[openssl-users] Will a PKCS#12 safeContentsBag change affect anyone?

Richard Levitte levitte at openssl.org
Sat Jul 14 05:53:00 UTC 2018

Since the dawn of time, it seems that OpenSSL has had an incorrect
implementation of safeContentsBag.  The current RFC defines it as

    SafeContents ::= SEQUENCE OF SafeBag
    safeContentsBag BAG-TYPE ::=
         {SafeContents        IDENTIFIED BY {bagtypes 6}}

However, the OpenSSL implementation is this:

     ASN1_ADB(PKCS12_SAFEBAG) = {
             ADB_ENTRY(NID_keyBag, ASN1_EXP(PKCS12_SAFEBAG, value.keybag, PKCS8_PRIV_KEY_INFO, 0)),
             ADB_ENTRY(NID_pkcs8ShroudedKeyBag, ASN1_EXP(PKCS12_SAFEBAG, value.shkeybag, X509_SIG, 0)),
             ADB_ENTRY(NID_safeContentsBag, ASN1_EXP_SET_OF(PKCS12_SAFEBAG, value.safes, PKCS12_SAFEBAG, 0)),
             ADB_ENTRY(NID_certBag, ASN1_EXP(PKCS12_SAFEBAG, value.bag, PKCS12_BAGS, 0)),
             ADB_ENTRY(NID_crlBag, ASN1_EXP(PKCS12_SAFEBAG, value.bag, PKCS12_BAGS, 0)),
             ADB_ENTRY(NID_secretBag, ASN1_EXP(PKCS12_SAFEBAG, value.bag, PKCS12_BAGS, 0))
     } ASN1_ADB_END(PKCS12_SAFEBAG, 0, type, 0, &safebag_default_tt, NULL);

Note ASN1_EXP_SET_OF, i.e. it's implemented as a SET OF, rather than a
SEQUENCE OF.  See https://github.com/openssl/openssl/issues/6665 for
the discussion that we've had so far.

A fix is already on the way, but there's the question of whether this
will affect anyone.  As far as the voices on github say so far, this
particular bag appears to be unused... so that's the question we want
to ask you: has anyone here used this particular bag and will
therefore be affected by a change, or do you know anyone who will?


Richard Levitte         levitte at openssl.org
OpenSSL Project         http://www.openssl.org/~levitte/
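An added example, not part of the original post and not OpenSSL's own code, showing the encoding difference the post describes in bytes. It assumes the RFC 7292 SafeBag layout (bagId OBJECT IDENTIFIER, then bagValue wrapped in an EXPLICIT [0] tag, matching the ASN1_EXP(..., 0) entries above) and the standard pkcs-12 bagtypes OID arc 1.2.840.113549.1.12.10.1, so that safeContentsBag is {bagtypes 6}. The helper builds a safeContentsBag either the RFC way (SafeContents as SEQUENCE OF, universal tag 0x30) or the historic OpenSSL way (SET OF, universal tag 0x31), and a small DER walker reports which one a given bag uses. The inner bags are constructed sample data (nested empty safeContentsBags), not real key or certificate material; useful when checking whether an existing .p12 file produced by an older OpenSSL would be affected by the fix.

```python
"""Tell a SEQUENCE OF (RFC 7292) safeContentsBag from the SET OF encoding
that older OpenSSL emitted via ASN1_EXP_SET_OF. Constructed sample data only."""

SEQUENCE = 0x30             # universal, constructed, tag 16
SET = 0x31                  # universal, constructed, tag 17
OBJECT_IDENTIFIER = 0x06
CONTEXT_0_EXPLICIT = 0xA0   # [0] EXPLICIT: context-specific, constructed

# pkcs-12 bagtypes arc (assumed from RFC 7292); safeContentsBag is {bagtypes 6}
BAGTYPES = "1.2.840.113549.1.12.10.1"
SAFE_CONTENTS_BAG = BAGTYPES + ".6"


def der_length(n: int) -> bytes:
    """DER length octets: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def tlv(tag: int, content: bytes) -> bytes:
    """One DER tag-length-value element."""
    return bytes([tag]) + der_length(len(content)) + content


def encode_oid(dotted: str) -> bytes:
    """DER-encode a dotted OID (base-128 arcs, first two arcs merged)."""
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray([40 * arcs[0] + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        out.extend(reversed(chunk))
    return tlv(OBJECT_IDENTIFIER, bytes(out))


def safe_contents_bag(inner_bags: list, legacy_set_of: bool = False) -> bytes:
    """SafeBag { bagId safeContentsBag, bagValue [0] EXPLICIT SafeContents }.

    legacy_set_of=True mimics the ASN1_EXP_SET_OF behaviour from the post:
    SafeContents is emitted as SET OF SafeBag instead of SEQUENCE OF SafeBag.
    """
    container = SET if legacy_set_of else SEQUENCE
    safe_contents = tlv(container, b"".join(inner_bags))
    return tlv(SEQUENCE,
               encode_oid(SAFE_CONTENTS_BAG) + tlv(CONTEXT_0_EXPLICIT, safe_contents))


def parse_tlv(data: bytes, off: int = 0):
    """Return (tag, content, offset_after) for the DER element starting at off."""
    tag = data[off]
    first = data[off + 1]
    if first < 0x80:
        length, hdr = first, 2
    else:
        nbytes = first & 0x7F
        if nbytes == 0 or nbytes > 4:
            raise ValueError("unsupported length encoding")
        length = int.from_bytes(data[off + 2:off + 2 + nbytes], "big")
        hdr = 2 + nbytes
    start = off + hdr
    end = start + length
    if end > len(data):
        raise ValueError("truncated TLV")
    return tag, data[start:end], end


def classify_safe_contents_bag(der: bytes) -> str:
    """Report whether a safeContentsBag carries SEQUENCE OF or SET OF SafeContents."""
    tag, body, _ = parse_tlv(der)
    if tag != SEQUENCE:
        raise ValueError("SafeBag must be a SEQUENCE")
    oid_tag, oid, nxt = parse_tlv(body)
    if oid_tag != OBJECT_IDENTIFIER or tlv(oid_tag, oid) != encode_oid(SAFE_CONTENTS_BAG):
        raise ValueError("not a safeContentsBag")
    exp_tag, exp_body, _ = parse_tlv(body, nxt)
    if exp_tag != CONTEXT_0_EXPLICIT:
        raise ValueError("bagValue must be [0] EXPLICIT")
    inner_tag, _, _ = parse_tlv(exp_body)
    if inner_tag == SEQUENCE:
        return "SEQUENCE OF (RFC 7292)"
    if inner_tag == SET:
        return "SET OF (historic OpenSSL encoding)"
    raise ValueError("unexpected SafeContents tag 0x%02x" % inner_tag)


if __name__ == "__main__":
    empty = safe_contents_bag([])                      # innermost: empty SafeContents
    rfc = safe_contents_bag([empty])
    legacy = safe_contents_bag([empty], legacy_set_of=True)
    print("RFC    :", rfc.hex(), "->", classify_safe_contents_bag(rfc))
    print("legacy :", legacy.hex(), "->", classify_safe_contents_bag(legacy))
```

Only the tag byte directly inside the [0] wrapper differs between the two encodings (0x30 versus 0x31); a strict RFC decoder rejects the 0x31 form, which is exactly the interoperability question the post raises. The walker stops at that byte deliberately and does not attempt to decode the contained bags, so it is safe to point at any bag whose bagId is safeContentsBag.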
