From: Martin Bosslet <Martin.Bosslet@...>
Date: 2011-05-12T08:11:28+09:00
Subject: [ruby-core:36118] [Ruby 1.9 - Bug #4374] [ext/openssl] ASN1.decode wrong for infinite length values


Issue #4374 has been updated by Martin Bosslet.

Assignee set to Martin Bosslet


----------------------------------------
Bug #4374: [ext/openssl] ASN1.decode wrong for infinite length values
http://redmine.ruby-lang.org/issues/4374

Author: Martin Bosslet
Status: Open
Priority: Normal
Assignee: Martin Bosslet
Category: ext
Target version: 1.9.3
ruby -v: ruby 1.9.2p136 (2010-12-25 revision 30365) [i686-linux]


=begin
 Hi all,
 
 ASN.1 decoding behaves incorrectly for DER encodings with infinite length values. Two examples:
 
 
 require 'openssl'
 require 'pp'
 
 eoc = OpenSSL::ASN1::EndOfContent.new
 int = OpenSSL::ASN1::Integer.new (1)
 
 inner = OpenSSL::ASN1::Sequence.new([int, eoc])
 inner.infinite_length = true
 
 outer = OpenSSL::ASN1::Sequence.new([inner, eoc])
 outer.infinite_length = true
 
 asn1 = OpenSSL::ASN1.decode(outer.to_der)
 
 pp asn1
 
 => #<OpenSSL::ASN1::Sequence:0x9b4bd70
  @infinite_length=true,
  @tag=16,
  @tag_class=:UNIVERSAL,
  @tagging=nil,
  @value=
   [#<OpenSSL::ASN1::Sequence:0x9b4bd84
     @infinite_length=true,
     @tag=16,
     @tag_class=:UNIVERSAL,
     @tagging=nil,
     @value=
      [#<OpenSSL::ASN1::Integer:0x9b4be24
        @infinite_length=false,
        @tag=2,
        @tag_class=:UNIVERSAL,
        @tagging=nil,
        @value=1>,
       #<OpenSSL::ASN1::EndOfContent:0x9b4bde8
        @infinite_length=false,
        @tag=0,
        @tag_class=:UNIVERSAL,
        @tagging=nil,
        @value="">,
       #<OpenSSL::ASN1::EndOfContent:0x9b4bdac
        @infinite_length=false,
        @tag=0,
        @tag_class=:UNIVERSAL,
        @tagging=nil,
        @value="">]>]>
 
 The end of content DER for the outer Sequence is incorrectly stored with the values 
 of the inner sequence. Although after encoding the resulting DER will be correct, the
 structure should rather look like this:
 
 #<OpenSSL::ASN1::Sequence:0x9f58ee0
  @infinite_length=true,
  @tag=16,
  @tag_class=:UNIVERSAL,
  @tagging=nil,
  @value=
   [#<OpenSSL::ASN1::Sequence:0x9f58f30
     @infinite_length=true,
     @tag=16,
     @tag_class=:UNIVERSAL,
     @tagging=nil,
     @value=
      [#<OpenSSL::ASN1::Integer:0x9f58f94
        @infinite_length=false,
        @tag=2,
        @tag_class=:UNIVERSAL,
        @tagging=nil,
        @value=1>,
       #<OpenSSL::ASN1::EndOfContent:0x9f58f6c
        @infinite_length=false,
        @tag=0,
        @tag_class=:UNIVERSAL,
        @tagging=nil,
        @value="">]>,
    #<OpenSSL::ASN1::EndOfContent:0x9f58f08
     @infinite_length=false,
     @tag=0,
     @tag_class=:UNIVERSAL,
     @tagging=nil,
     @value="">]>
 
 Another example:
 
 require 'openssl'
 require 'pp'
 
 eoc = OpenSSL::ASN1::EndOfContent.new
 oct = OpenSSL::ASN1::OctetString.new ("\x01")
 
 inner = OpenSSL::ASN1::Constructive.new([oct, eoc], OpenSSL::ASN1::OCTET_STRING)
 inner.infinite_length = true
 
 outer = OpenSSL::ASN1::Constructive.new([inner, eoc], OpenSSL::ASN1::OCTET_STRING)
 outer.infinite_length = true
 
 asn1 = OpenSSL::ASN1.decode(outer.to_der)
 
 pp asn1
 
 => <OpenSSL::ASN1::ASN1Data:0xa0fcdf0
  @infinite_length=true,
  @tag=4,
  @tag_class=:CONTEXT_SPECIFIC,
  @value=
   [#<OpenSSL::ASN1::Constructive:0xa0fce04
     @infinite_length=true,
     @tag=4,
     @tag_class=:UNIVERSAL,
     @tagging=:EXPLICIT,
     @value=
      [#<OpenSSL::ASN1::ASN1Data:0xa0fce2c
        @infinite_length=true,
        @tag=4,
        @tag_class=:CONTEXT_SPECIFIC,
        @value=
         [#<OpenSSL::ASN1::Constructive:0xa0fce40
           @infinite_length=true,
           @tag=4,
           @tag_class=:UNIVERSAL,
           @tagging=:EXPLICIT,
           @value=
            [#<OpenSSL::ASN1::OctetString:0xa0fcee0
              @infinite_length=false,
              @tag=4,
              @tag_class=:UNIVERSAL,
              @tagging=nil,
              @value="\x01">,
             #<OpenSSL::ASN1::EndOfContent:0xa0fceb8
              @infinite_length=false,
              @tag=0,
              @tag_class=:UNIVERSAL,
              @tagging=nil,
              @value="">,
             #<OpenSSL::ASN1::EndOfContent:0xa0fce68
              @infinite_length=false,
              @tag=0,
              @tag_class=:UNIVERSAL,
              @tagging=nil,
              @value="">]>]>]>]>
 
 Here it's worse, because when calling asn1.to_der it will even result in an error:
 
 test.rb:17:in `to_der': invalid constructed encoding (OpenSSL::ASN1::ASN1Error)
 	from test.rb:17:in `each'
 	from test.rb:17:in `to_der'
 	from test.rb:17:in `<main>'
 
 The problem are the defaults for tagging and tag_class in ossl_asn1_initialize that are not 
 intuitive and are defaults for tagged DER values instead of "normal" values.
 
 The correct structure for the above would look like this:
 
 #<OpenSSL::ASN1::Constructive:0x93ed128
  @infinite_length=true,
  @tag=4,
  @tag_class=:UNIVERSAL,
  @tagging=nil,
  @value=
   [#<OpenSSL::ASN1::Constructive:0x93ed178
     @infinite_length=true,
     @tag=4,
     @tag_class=:UNIVERSAL,
     @tagging=nil,
     @value=
      [#<OpenSSL::ASN1::OctetString:0x93ed1c8
        @infinite_length=false,
        @tag=4,
        @tag_class=:UNIVERSAL,
        @tagging=nil,
        @value="\x01">,
       #<OpenSSL::ASN1::EndOfContent:0x93ed1a0
        @infinite_length=false,
        @tag=0,
        @tag_class=:UNIVERSAL,
        @tagging=nil,
        @value="">]>,
    #<OpenSSL::ASN1::EndOfContent:0x93ed150
     @infinite_length=false,
     @tag=0,
     @tag_class=:UNIVERSAL,
     @tagging=nil,
     @value="">]>
 
 The attached patch fixes the problems and has also "more natural" defaults for
 ossl_asn1_initialize.
 
 Regards,
 Martin
=end



-- 
http://redmine.ruby-lang.org