Bouncy Castle 1.80 解析出了错误的CRL Number值

Open onepeople158 opened this issue 9 months ago • 1 comments

Hello Developer, I have a CRL file with the CRL Number value as a string, which is "G63287510". However, when I use Bouncy Castle 1.80 to parse this CRL file, the result parsed by Bouncy Castle 1.80 is "#473633323837353130" without any errors. So, is this a bug?

Test Case:

crl_string_num.zip

Code:

import java.io.InputStream;
import java.io.FileInputStream;
import org.bouncycastle.asn1.x509.CertificateList;
import org.bouncycastle.cert.X509CRLHolder;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.ASN1OctetString;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.ASN1OctetStringParser;

public class CRLParserExample_serial_num {
    public static void main(String[] args) throws Exception{
            
            InputStream inputStream = new FileInputStream("crl_string_num.der");
            
            X509CRLHolder crlHolder = new X509CRLHolder(inputStream);
            
            ASN1ObjectIdentifier oid = new ASN1ObjectIdentifier("2.5.29.20"); 
            
            Extension extension = crlHolder.getExtension(oid);

            System.out.println(extension.getParsedValue());

        } 
}

Apr 14 '25 06:04 onepeople158

Same incomplete parsing issue as #2055. Validation won't happen until you try to resolve the tagged object as an INTEGER.

Apr 14 '25 09:04 peterdettman