Description
It does seems that the encoding of ASN1 is wrong during to_der. Simple test as following
require 'openssl'
i = OpenSSL::ASN1::Integer.new(1,1,:explicit). # result is same if :implicit is used
s = OpenSSL::ASN1::Sequence.new(i)
p s
At this stage, result would be correct:
=> #<OpenSSL::ASN1::Sequence:0x45815ffc @value=[#<OpenSSL::ASN1::Integer:0x35a9782c @value=1, @tag=1, @tagging=:explicit, @infinite_length=false, @tag_class=:CONTEXT_SPECIFIC>], @tag=16, @tagging=nil, @infinite_length=false, @tag_class=:UNIVERSAL>
However after convert to der and decode it back, the result is incorrect
ds = s.to_der
dec = OpenSSL::ASN1.decode(ds)
p dec
Decoding result would be:
=> #<OpenSSL::ASN1::Sequence:0x6b00f608 @value=[#<OpenSSL::ASN1::Integer:0x3e821657 @value=#<OpenSSL::BN:0x615091b8>, @tag=2, @tagging=nil, @infinite_length=false, @tag_class=:UNIVERSAL>], @tag=16, @tagging=nil, @infinite_length=false, @tag_class=:UNIVERSAL>
Note the tag_class should be :CONTEXT_SPECIFIC instead :UNIVERSAL as in result above.
Or I understand the standard wrongly?
Feedback is very much appreciated!
Environment:
jruby 9.1.6.0 (2.3.1) 2016-11-09 0150a76 Java HotSpot(TM) 64-Bit Server VM 25.112-b16 on 1.8.0_112-b16 +jit [darwin-x86_64]
Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.
Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.