parsing invalid DER
Peter Sylvester
peter.sylvester at gmail.com
Thu Sep 1 20:21:48 UTC 2022
On 01/09/2022 18:15, Matt Caswell wrote:
>
>
> On 01/09/2022 13:21, Dave Coombs via openssl-users wrote:
>> So! Is it possible to work around these, using ASN1_MACRO trickery or
>> what-have-you? It's pretty clear I should end up with an empty bit-
>> string and integer value 0x42, so is there a way to loosen the parser's
>> pickiness and achieve this?
>
> Unfortunately, AFAIK, I don't think there is a way to do this.
>
> Matt Hi,
I would try to patch two routines.
I vaguely remember that openssl's integer decoder was eating a leading 0 octet in a positive
integer decoding.
but that seems to be fixed. code is in routine c2i_ibuf in crypto/asn1/a_int.c
0301xx look what ossl_c2i_ASN1_BIT_STRING in a_bitstr.c Don't test for bits when length is 1
Best
Peter
More information about the openssl-users
mailing list