I'm not sure why the latest byte cannot be 0xFF? What about if my content length is 256? For example:
677 if (lowByte == -1) { 678 throw new IOException("Incomplete BER/DER length info"); 679 } Otherwise, looks fine to me. Xuelei On 10/11/2011 9:05 AM, Weijun Wang wrote: > Webrev at http://cr.openjdk.java.net/~weijun/7099399/webrev.00/ > > Basically, we're now accepting X.509 block of 4-octets length. For > simplicity, the highest byte must be <= 127, so that the length can be > expressed with a 32-bit int. > > Thanks > Max > > > -------- Original Message -------- > *Change Request ID*: 7099399 > *Synopsis*: cannot deal with CRL file larger than 16MB > > Product: java > Category: java > Subcategory: classes_security > Type: Defect > > === *Description* > ============================================================ > The X.509 impl of CertificateFactory only parses X.509 blocks smaller > than 16MB, i.e. when the length can be encoded in 3 octets. Now we have > a customer whose CRL file is as big as 30MB. >