Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Incorrect Object Identifier DER Encoding #1520

Closed
zhengyao-lin opened this issue Sep 14, 2024 · 2 comments · Fixed by #1522
Closed

Incorrect Object Identifier DER Encoding #1520

zhengyao-lin opened this issue Sep 14, 2024 · 2 comments · Fixed by #1522

Comments

@zhengyao-lin
Copy link

The encoding seems to be incorrect for certain object identifiers at the boundary of arc length. For example:

// decoded: 1.2.0
println!("decoded: {:?}",  ObjectIdentifier::from_der(&ObjectIdentifier::new_unwrap("1.2.128").to_der().unwrap()));

// decoded: 1.2.0.0
println!("decoded: {:?}",  ObjectIdentifier::from_der(&ObjectIdentifier::new_unwrap("1.2.16384").to_der().unwrap()));

I'm using this crate:

der = { version = "0.7.9", features = [ "alloc", "oid" ] }
@zhengyao-lin
Copy link
Author

zhengyao-lin commented Sep 14, 2024
edited
Loading

This also seems to fail for many 1.2.<n> with n >= 16384

For instance

// decoded: 1.2.0.4
println!("decoded: {:?}", ObjectIdentifier::from_der(ObjectIdentifier::new_unwrap("1.2.16385").to_der().unwrap()));

@tarcieri
Copy link
Member

Reproduced. Thanks for the report.

tarcieri added a commit that referenced this issue Sep 18, 2024
@tarcieri
const-oid: fix large arc handling in encoder
30d3852 
BER encodings were being miscomputed for certain large arcs.

The previous method was a bit wacky (in addition to being buggy) and
attempted to encode each arc backwards within the BER output buffer.

This switches to a new method which splits the upper 7 bits from an arc
and encodes that as a byte, continuing until all bytes of the arc have
been encoded, which is much more straightforward.

The problematic cases which were reported have now been corrected.

Fixes #1520
@tarcieri tarcieri mentioned this issue Sep 18, 2024
Merged
tarcieri added a commit that referenced this issue Sep 18, 2024
@tarcieri
const-oid: fix large arc handling in encoder (#1522)
7c4638b 
BER encodings were being miscomputed for certain large arcs.

The previous method was a bit wacky (in addition to being buggy) and
attempted to encode each arc backwards within the BER output buffer.

This switches to a new method which splits the upper 7 bits from an arc
and encodes that as a byte, continuing until all bytes of the arc have
been encoded, which is much more straightforward.

The problematic cases which were reported have now been corrected.

Fixes #1520
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

const-oid: fix large arc handling in encoder RustCrypto/formats
2 participants
@tarcieri @zhengyao-lin