Closed
Description
Hello Developer, I have a CRL file with a CRL number value of -36. According to RFC5280, the CRL number should be a non-negative integer, but Bouncy Castle 1.80 successfully printed this CRL without any errors.May I ask if this is a bug?
Code:
import java.io.InputStream;
import java.io.FileInputStream;
import org.bouncycastle.asn1.x509.CertificateList;
import org.bouncycastle.cert.X509CRLHolder;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.ASN1OctetString;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.ASN1OctetStringParser;
public class CRLParserExample_serial_num {
public static void main(String[] args) throws Exception{
InputStream inputStream = new FileInputStream("crl_file_test_.der");
X509CRLHolder crlHolder = new X509CRLHolder(inputStream);
ASN1ObjectIdentifier oid = new ASN1ObjectIdentifier("2.5.29.20");
Extension extension = crlHolder.getExtension(oid);
System.out.println(extension.getParsedValue());
}
}
Test Cases: