Bug #4374

[ext/openssl] ASN1.decode wrong for infinite length values

Added by Martin Bosslet about 3 years ago. Updated almost 3 years ago.

[ruby-core:35123]
Status:Closed
Priority:Normal
Assignee:Martin Bosslet
Category:ext
Target version:1.9.3
ruby -v:ruby 1.9.2p136 (2010-12-25 revision 30365) [i686-linux] Backport:

Description

=begin
Hi all,

ASN.1 decoding behaves incorrectly for DER encodings with infinite length values. Two examples:

require 'openssl'
require 'pp'

eoc = OpenSSL::ASN1::EndOfContent.new
int = OpenSSL::ASN1::Integer.new (1)

inner = OpenSSL::ASN1::Sequence.new([int, eoc])
inner.infinite_length = true

outer = OpenSSL::ASN1::Sequence.new([inner, eoc])
outer.infinite_length = true

asn1 = OpenSSL::ASN1.decode(outer.to_der)

pp asn1

=> #,
#,
#]>]>

The end of content DER for the outer Sequence is incorrectly stored with the values
of the inner sequence. Although after encoding the resulting DER will be correct, the
structure should rather look like this:

#,
#]>,
#]>

Another example:

require 'openssl'
require 'pp'

eoc = OpenSSL::ASN1::EndOfContent.new
oct = OpenSSL::ASN1::OctetString.new ("\x01")

inner = OpenSSL::ASN1::Constructive.new([oct, eoc], OpenSSL::ASN1::OCTETSTRING)
inner.infinite
length = true

outer = OpenSSL::ASN1::Constructive.new([inner, eoc], OpenSSL::ASN1::OCTETSTRING)
outer.infinite
length = true

asn1 = OpenSSL::ASN1.decode(outer.to_der)

pp asn1

=> ,
#,
#]>]>]>]>

Here it's worse, because when calling asn1.to_der it will even result in an error:

test.rb:17:in to_der': invalid constructed encoding (OpenSSL::ASN1::ASN1Error)
from test.rb:17:in
each'
from test.rb:17:in to_der'
from test.rb:17:in
'

The problem are the defaults for tagging and tagclass in osslasn1_initialize that are not
intuitive and are defaults for tagged DER values instead of "normal" values.

The correct structure for the above would look like this:

#,
#]>,
#]>

The attached patch fixes the problems and has also "more natural" defaults for
osslasn1initialize.

Regards,
Martin
=end

fix_asn1.diff Magnifier (3.62 KB) Martin Bosslet, 02/07/2011 02:52 AM

Associated revisions

Revision 31700
Added by emboss almost 3 years ago

  • ext/openssl/osslasn1.c: Fix decoding of infinite length values. Simplified osslasn1_decode0 by splitting it into three separate functions. Add tests. [Ruby 1.9 - Bug #4374]

History

#1 Updated by Martin Bosslet about 3 years ago

=begin
I verified that with the current code it's not possible to construct a Constructive
instance without tagging if the tag_class is passed as an explicit parameter.
Tagging will be set to :EXPLICIT if it was passed as nil. That's why

if (infinite && !(tag == VASN1SEQUENCE || tag == VASN1SET)){
asn1data = rbfuncall(cASN1Constructive,
rb
intern("new"),
4,
value,
INT2NUM(tag),
Qnil,
ID2SYM(tag_class));

in osslasn1decode0 will always produce a Constructive with :EXPLICIT
tagging, and reencoding a parsed ASN.1 value will fail or produce incorrect
output.
At first I thought changing the defaults in osslasn1initialize would be
more intuitive but not essential to the fix - but now I think it has become
mandatory.
=end

#2 Updated by Martin Bosslet almost 3 years ago

  • Assignee set to Martin Bosslet

#3 Updated by Anonymous almost 3 years ago

  • Status changed from Open to Closed
  • % Done changed from 0 to 100

This issue was solved with changeset r31700.
Martin, thank you for reporting this issue.
Your contribution to Ruby is greatly appreciated.
May Ruby be with you.


  • ext/openssl/osslasn1.c: Fix decoding of infinite length values. Simplified osslasn1_decode0 by splitting it into three separate functions. Add tests. [Ruby 1.9 - Bug #4374]

#4 Updated by Martin Bosslet almost 3 years ago

Hi,

I fixed this bug and tried to simplify osslasn1decode0 and
improve its performance.

Here is what I did:

  • removed the "once" parameter

  • added sanity checks that verify that all bytes are actually
    read when parsing is finished

  • tried to reduce complexity by splitting osslasn1decode0
    into three separate methods to make it easier to spot the code that
    handles constructed values and the code that handles primitive
    values

  • osslasn1decode now returns an Array just in the case of
    parsing constructed values, otherwise it returns the plain value
    to reduce overall allocated objects

  • changed the behavior of osslasn1initialize slightly to allow the
    construction of infinite length primitive values in the form of a
    Constructive

  • replaced rb_intern with static symbols to improve performance

  • allocate and initialize ASN1Data (and sub-classes) instances
    in C to improve performance and save additional VM roundtrips

  • initialize those instances additionally with tag and tagclass
    to avoid hash look-ups each time in ossl
    asn1_initialize

  • added some tests for edge cases (I'll add more soon)

The performance gain is noticeable - in my tests (certificates,
CMS signatures) the current implementation was roughly twice as
fast as that of 1.9.2p180.

I would be happy about comments and improvements.

Regards,
Martin

Also available in: Atom PDF