You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pdfbox.apache.org by ti...@apache.org on 2020/10/22 17:08:02 UTC
svn commit: r1882766 -
/pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/cert/CRLVerifier.java
Author: tilman
Date: Thu Oct 22 17:08:02 2020
New Revision: 1882766
URL: http://svn.apache.org/viewvc?rev=1882766&view=rev
Log:
PDFBOX-3017: close stream; avoid ClassCastException
Modified:
pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/cert/CRLVerifier.java
Modified: pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/cert/CRLVerifier.java
URL: http://svn.apache.org/viewvc/pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/cert/CRLVerifier.java?rev=1882766&r1=1882765&r2=1882766&view=diff
==============================================================================
--- pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/cert/CRLVerifier.java (original)
+++ pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/cert/CRLVerifier.java Thu Oct 22 17:08:02 2020
@@ -303,12 +303,25 @@ public final class CRLVerifier
{
return new ArrayList<>();
}
- ASN1InputStream oAsnInStream = new ASN1InputStream(crldpExt);
- ASN1Primitive derObjCrlDP = oAsnInStream.readObject();
+ ASN1Primitive derObjCrlDP;
+ try (ASN1InputStream oAsnInStream = new ASN1InputStream(crldpExt))
+ {
+ derObjCrlDP = oAsnInStream.readObject();
+ }
+ if (!(derObjCrlDP instanceof ASN1OctetString))
+ {
+ LOG.warn("CRL distribution points for certificate subject " +
+ cert.getSubjectX500Principal().getName() +
+ " should be an octet string, but is " + derObjCrlDP);
+ return new ArrayList<>();
+ }
ASN1OctetString dosCrlDP = (ASN1OctetString) derObjCrlDP;
byte[] crldpExtOctets = dosCrlDP.getOctets();
- ASN1InputStream oAsnInStream2 = new ASN1InputStream(crldpExtOctets);
- ASN1Primitive derObj2 = oAsnInStream2.readObject();
+ ASN1Primitive derObj2;
+ try (ASN1InputStream oAsnInStream2 = new ASN1InputStream(crldpExtOctets))
+ {
+ derObj2 = oAsnInStream2.readObject();
+ }
CRLDistPoint distPoint = CRLDistPoint.getInstance(derObj2);
List<String> crlUrls = new ArrayList<>();
for (DistributionPoint dp : distPoint.getDistributionPoints())