CryptoConfig.EncodeOID Incorrectly Parses OID Numbers

[leechristensen]

Description

The following PowerShell code demonstrates the error:

PS C:\> [System.Security.Cryptography.CryptoConfig]::EncodeOID('1.3.6.1.4.1.311.21.8.2473183039')
MethodInvocationException: Exception calling "EncodeOID" with "1" argument(s): "Value was either too large or too small for an Int32."
PS C:\> $error[0].exception.innerexception

TargetSite     : Void ThrowOverflowOrFormatException(ParsingStatus, System.TypeCode)
StackTrace     :    at System.Number.ThrowOverflowOrFormatException(ParsingStatus status, TypeCode type)
                    at System.Number.ParseInt32(ReadOnlySpan`1 value, NumberStyles styles, NumberFormatInfo info)
                    at System.Int32.Parse(String s, IFormatProvider provider)
                    at System.Security.Cryptography.CryptoConfig.EncodeOID(String str)

The affected code is here:

runtime/src/libraries/System.Security.Cryptography.Algorithms/src/System/Security/Cryptography/CryptoConfig.cs

Line 520 in 5c80887

oidNums[i] = unchecked((uint)int.Parse(oidString[i], CultureInfo.InvariantCulture));

The error occurs because the value 2473183039 does not fit in an int type, therefore the code throws an exception. However, that value is valid for an OID.

Configuration

All versions of .NET appear to be affected.

Regression?

No

Other information

Originally ran into it here: Crypt32/pkix.net#44

Tagging subscribers to this area: @bartonjs, @vcsjones, @krwq, @GrabYourPitchforks
See info in area-owners.md if you want to be subscribed.

Issue Details

---

Description

The following PowerShell code demonstrates the error:

PS C:\> [System.Security.Cryptography.CryptoConfig]::EncodeOID('1.3.6.1.4.1.311.21.8.2473183039')
MethodInvocationException: Exception calling "EncodeOID" with "1" argument(s): "Value was either too large or too small for an Int32."
PS C:\> $error[0].exception.innerexception

TargetSite     : Void ThrowOverflowOrFormatException(ParsingStatus, System.TypeCode)
StackTrace     :    at System.Number.ThrowOverflowOrFormatException(ParsingStatus status, TypeCode type)
                    at System.Number.ParseInt32(ReadOnlySpan`1 value, NumberStyles styles, NumberFormatInfo info)
                    at System.Int32.Parse(String s, IFormatProvider provider)
                    at System.Security.Cryptography.CryptoConfig.EncodeOID(String str)

The error occurs because the value 2473183039 does not fit in an int type, therefore the code throws an exception. However, that value is valid for an OID.

Configuration

All versions of .NET appear to be affected.

Regression?

No

Other information

Originally ran into it here: Crypt32/pkix.net#44

Author:	leechristensen
Assignees:	-
Labels:	area-System.Security, untriaged
Milestone:	-

[vcsjones]

If you need to work around this today, you can use the newer System.Formats.Asn1 functionality.

AsnWriter writer = new(AsnEncodingRules.DER);
writer.WriteObjectIdentifier("1.3.6.1.4.1.311.21.8.2473183039");
byte[] encoded = writer.Encode();

@bartonjs would it makes sense to change CryptoConfig to use the new ASN1 stuff? Not sure where the .NET Framework compat line is for CryptoConfig.

[bartonjs]

I feel like I wanted to do that previously, but CryptoConfig.EncodeOID had some weird behaviors that I couldn't replicate.

e.g.

• 1.41 (arcs 0 and 1 are limited to 0..39; so this is actually 2.1)
• 1.01 (e.g. leading zeros are ignored, but System.Formats.Asn1 won't (IIRC))
• 1.-2 (what's a negative arc? well, it does stuff... turns it into 0.38)
• 1.0.-4 => 06 02 28 FC, doesn't decode since it ends with the high bit set.

Since it didn't previously throw on these nonsense inputs, and they can't be made to work with System.Formats.Asn1, this is probably an "it is what it is and we won't change it". Though, I suppose we could always be weird and do

try
{
    AsnWriter writer = new AsnWriter(AsnEncodingRules.DER);
    writer.WriteObjectIdentifier(str);
    return writer.Encode();
}
catch (AsnContentException)
{
    return OldEncodeOID(str);
}

[vcsjones]

Hm. I wonder if that would just make this harder to reason about, especially since there is a way forward: use the spec-compliant APIs. "1.41.2473183039" would still not parse, but "1.2.2473183039" and "1.41.123" would.

[bartonjs]

Given that the current API has a hard to maintain mix of nonsense answers and throwing, I think we should just stick with "this is what it's done for 20 years".

System.Formats.Asn1.AsnWriter.WriteObjectIdentifier uses BigInteger for its RID decoding, so it works on an effectively unbounded integer size. (The UUID-as-an-OID space is one of its test cases)