Skip to content

ASN1 wrong tag encoding for explicit or implicit tagged value #122

Open
@chrisliaw

Description

@chrisliaw

It does seems that the encoding of ASN1 is wrong during to_der. Simple test as following

require 'openssl'
i = OpenSSL::ASN1::Integer.new(1,1,:explicit). # result is same if :implicit is used
s = OpenSSL::ASN1::Sequence.new(i)
p s

At this stage, result would be correct:

=> #<OpenSSL::ASN1::Sequence:0x45815ffc @value=[#<OpenSSL::ASN1::Integer:0x35a9782c @value=1, @tag=1, @tagging=:explicit, @infinite_length=false, @tag_class=:CONTEXT_SPECIFIC>], @tag=16, @tagging=nil, @infinite_length=false, @tag_class=:UNIVERSAL>

However after convert to der and decode it back, the result is incorrect

ds = s.to_der
dec = OpenSSL::ASN1.decode(ds)
p dec

Decoding result would be:

=> #<OpenSSL::ASN1::Sequence:0x6b00f608 @value=[#<OpenSSL::ASN1::Integer:0x3e821657 @value=#<OpenSSL::BN:0x615091b8>, @tag=2, @tagging=nil, @infinite_length=false, @tag_class=:UNIVERSAL>], @tag=16, @tagging=nil, @infinite_length=false, @tag_class=:UNIVERSAL>

Note the tag_class should be :CONTEXT_SPECIFIC instead :UNIVERSAL as in result above.

Or I understand the standard wrongly?

Feedback is very much appreciated!

Environment:
jruby 9.1.6.0 (2.3.1) 2016-11-09 0150a76 Java HotSpot(TM) 64-Bit Server VM 25.112-b16 on 1.8.0_112-b16 +jit [darwin-x86_64]


Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.


Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.

Metadata

Metadata

Assignees

No one assigned

    Labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions