parsing invalid DER
Viktor Dukhovni
openssl-users at dukhovni.org
Thu Sep 1 20:50:03 UTC 2022
On Thu, Sep 01, 2022 at 08:21:21AM -0400, Dave Coombs via openssl-users wrote:
> These are the 2 invalid encodings I have seen:
>
> First, a bit-string used for flags, encoded as (hex) 030108. That is,
> the number of unused bits is set to 8, and no other content, presumably
> indicating no flags are set. DER would have this be 030100 instead.
> My d2i is resulting in ASN1_R_INVALID_BIT_STRING_BITS_LEFT in
> c2i_ASN1_BIT_STRING().

This is likely not even valid BER, so you'll need a custom decoder to
deal with this.

> Second, a positive integer with leading 00 padding which is not
> necessary, encoded as 80020042. (It has an implicit [0] tag.) DER
> would have this be 800142. My d2i is resulting in
> ASN1_R_ILLEGAL_PADDING in c2i_ibuf().

This is at least BER, so a BER decoder should be able to handle it.
But the "d2i*" routines expect DER, so the above breakage is not
d2i-compatible.

--
Viktor.
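
Added example, not part of the original message and not OpenSSL code: a standalone C check for the two conditions behind the errors quoted above, namely a BIT STRING whose unused-bits octet is outside 0..7 (or nonzero with no data octets, per X.690) and an INTEGER with a redundant leading octet. The function, enum and array names are hypothetical, the sample bytes are the encodings given in the thread plus one constructed case, and only single-octet tags with short-form lengths are handled.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum der_result { DER_OK, DER_TRUNCATED, DER_UNSUPPORTED, DER_BAD_UNUSED_BITS,
                  DER_NONZERO_PAD_BITS, DER_ILLEGAL_PADDING };

/* Samples: the two encodings from the thread, the DER forms the thread gives
 * for them, and one constructed case where the leading 00 is required. */
static const uint8_t bits_bad[]   = {0x03, 0x01, 0x08};
static const uint8_t bits_good[]  = {0x03, 0x01, 0x00};
static const uint8_t int_bad[]    = {0x80, 0x02, 0x00, 0x42};
static const uint8_t int_good[]   = {0x80, 0x01, 0x42};
static const uint8_t int_needed[] = {0x02, 0x02, 0x00, 0x80}; /* 128: 00 keeps it positive */

/* base_type is the universal tag number of the underlying type (2 = INTEGER,
 * 3 = BIT STRING). An implicit tag such as 0x80 hides that type, so the
 * caller supplies it from the schema (assumption of this example). */
enum der_result check_primitive(const uint8_t *buf, size_t len, int base_type)
{
    if (len < 2) return DER_TRUNCATED;
    if (buf[1] & 0x80) return DER_UNSUPPORTED;       /* long-form length */
    size_t clen = buf[1];
    if (len - 2 < clen || clen == 0) return DER_TRUNCATED; /* both types need content */
    const uint8_t *c = buf + 2;

    if (base_type == 3) {                            /* BIT STRING */
        unsigned unused = c[0];                      /* first content octet */
        if (unused > 7 || (clen == 1 && unused != 0))
            return DER_BAD_UNUSED_BITS;
        if (clen > 1 && (c[clen - 1] & ((1u << unused) - 1)))
            return DER_NONZERO_PAD_BITS;             /* DER: unused bits must be 0 */
        return DER_OK;
    }
    if (base_type == 2) {                            /* INTEGER */
        if (clen > 1 && ((c[0] == 0x00 && !(c[1] & 0x80)) ||
                         (c[0] == 0xFF &&  (c[1] & 0x80))))
            return DER_ILLEGAL_PADDING;              /* redundant leading octet */
        return DER_OK;
    }
    return DER_UNSUPPORTED;
}

int main(void)
{
    printf("030108 -> %d, 80020042 -> %d\n",
           (int)check_primitive(bits_bad, sizeof bits_bad, 3),
           (int)check_primitive(int_bad, sizeof int_bad, 2));
    return 0;
}
```

Running a check like this over the raw bytes before calling d2i shows which element a peer is mis-encoding and in what way, which is the information needed to decide whether a custom decoder or a fix on the encoding side is the right response.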