PROBLEM WITH ENCODING IPv4 ADDRESS

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

PROBLEM WITH ENCODING IPv4 ADDRESS

Yang Liu
This post was updated on .
I am trying to write a  snmpset using bouncy castle lib version 1.52,
I tried to encode an IPv4 address like this:

I used tcpdump to analyze the request packets and found the ip address is encoded into:
oid=[BE_ANY!?]

I updated the lib to 1.57 and still get the same result

UPDATE:
I used several methods to encode the ip address, and all of them get problem:
1)
    code:   v.add(new DEROctetString(ip.getBytes()));
    results: the result is the correct,but its a string, and in snmp, the ip address is a type different from string, so the snmp agent still return an error

2)
   code:  v.add(new GeneralName(GeneralName.iPAddress, ip))
   result: the ip address is encoded into:  [BE_ANY!?]

3)
   code: v.add(new BERApplicationSpecific(BERTags.APPLICATION, Asn1Utils.toBEROctetString(ip)))
   result: the ip address is encoded into: [id?C/x/64]

4)
   code: DERApplicationSpecific(true, BERTags.APPLICATION, Asn1Utils.toBEROctetString(ip))
   result: the ip addres is encoded into: [id?C/x/64]


any one can give some help?
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: PROBLEM WITH ENCODING IPv4 ADDRESS

Eckenfels. Bernd
Leading 0 bytes in ASN.1 encoded integers are not allowed. See thenrecent discussion here on the list. BC has recently made the checks stricter for security reasons. In the current Beta and upcoming release you will be able to turn the checks off again. I don't think this is related to the subject of your mail, so if you want to know something else it would be good to have a separate thread about it.

BTW IN Oracle Java the same check (for certificate validation) is also present in 8u121 and 8u131 and was again removed in 8u141. Nevertheless you should never generate those broken integers.

Gruss
Bernd
--
http://www.seeburger.com
________________________________________
From: thelordsaves [[hidden email]]
Sent: Wednesday, July 26, 2017 03:28
To: [hidden email]
Subject: [dev-crypto] Re: PROBLEM WITH ENCODING IPv4 ADDRESS

any one can give some help?



--
View this message in context: http://bouncy-castle.1462172.n4.nabble.com/PROBLEM-WITH-ENCODING-IPv4-ADDRESS-tp4658884p4658886.html
Sent from the Bouncy Castle - Dev mailing list archive at Nabble.com.









SEEBURGER AG            Vorstand/SEEBURGER Executive Board:
Sitz der Gesellschaft/Registered Office:                Axel Haas, Michael Kleeberg, Friedemann Heinz, Dr. Martin Kuntz, Matthias Feßenbecker
Edisonstr. 1
D-75015 Bretten         Vorsitzende des Aufsichtsrats/Chairperson of the SEEBURGER Supervisory Board:
Tel.: 07252 / 96 - 0            Prof. Dr. Simone Zeuchner
Fax: 07252 / 96 - 2222
Internet: http://www.seeburger.de               Registergericht/Commercial Register:
e-mail: [hidden email]               HRB 240708 Mannheim


Dieses E-Mail ist nur für den Empfänger bestimmt, an den es gerichtet ist und kann vertrauliches bzw. unter das Berufsgeheimnis fallendes Material enthalten. Jegliche darin enthaltene Ansicht oder Meinungsäußerung ist die des Autors und stellt nicht notwendigerweise die Ansicht oder Meinung der SEEBURGER AG dar. Sind Sie nicht der Empfänger, so haben Sie diese E-Mail irrtümlich erhalten und jegliche Verwendung, Veröffentlichung, Weiterleitung, Abschrift oder jeglicher Druck dieser E-Mail ist strengstens untersagt. Weder die SEEBURGER AG noch der Absender (Eckenfels. Bernd) übernehmen die Haftung für Viren; es obliegt Ihrer Verantwortung, die E-Mail und deren Anhänge auf Viren zu prüfen.


This email is intended only for the recipient(s) to whom it is addressed. This email may contain confidential material that may be protected by professional secrecy. Any fact or opinion contained, or expression of the material herein, does not necessarily reflect that of SEEBURGER AG. If you are not the addressee or if you have received this email in error, any use, publication or distribution including forwarding, copying or printing is strictly prohibited. Neither SEEBURGER AG, nor the sender (Eckenfels. Bernd) accept liability for viruses; it is your responsibility to check this email and its attachments for viruses.

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: PROBLEM WITH ENCODING IPv4 ADDRESS

Yang Liu
This post was updated on .
I tried this:
InetAddress ip = InetAddress.getByName("xx.xx.xx.xx");
byte[] bytes = ip.getAddress();
v.add(new DERApplicationSpecific(0, new DEROctetString(bytes)));


but get the following result:
C/x/IpAddress_04_04_0a_00_00_64
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: PROBLEM WITH ENCODING IPv4 ADDRESS

Yang Liu
This post was updated on .
In reply to this post by Yang Liu
finally, I solved this problem, by this:
InetAddress ip = InetAddress.getByName(value);
byte[] bytes = ip.getAddress();
v.add(new DERApplicationSpecific(0, bytes));
Loading...