author | Werner Koch <[email protected]> | 2023-10-24 07:22:13 +0000 |
---|---|---|
committer | Werner Koch <[email protected]> | 2023-10-24 07:33:35 +0000 |
commit | 7661d2fbc6eb533016df63a86ec3e35bf00cfb1f (patch) | |
tree | 520d959f7f1cff785fc63fb43ea78f4aef184400 /tests | |
parent | doc: Minor typo fixes. (diff) | |

sm: Another partly rewrite of minip12.c

* sm/minip12.c (struct tlv_ctx_s): Add origbuffer and origbufsize.
Remove pop_count. Rename offset to length.
(dump_tag_info, _dump_tag_info): Rewrite.
(dump_tlv_ctx, _dump_tlv_ctx): Rewrite.
(tlv_new): Init origbuffer.
(_tlv_peek): Add arg ti.
(tlv_peek): New.
(tlv_peek_null): New.
(_tlv_push): Rewrite.
(_tlv_pop): Rewrite.
(tlv_next): New macro. Move old code to ...
(_tlv_next): this. Add arg lno. Pop remaining end tags.
(tlv_popped): Remove.
(tlv_expect_object): Handle ndef.
(tlv_expect_octet_string): Ditto.
(parse_bag_encrypted_data): Use nesting level to control the inner
loop.
(parse_shrouded_key_bag): Likewise.
(parse_bag_data): Handle surplus octet strings.
(p12_parse): Ditto.
* sm/minip12.c (decrypt_block): Strip the padding.
(tlv_expect_top_sequence): Remove. Replace callers by
tlv_expect_sequence.
* tests/cms/samplekeys/t6752-ov-user-ff.p12: New sample key.
* tests/cms/samplekeys/Description-p12: Add its description
--

This patch improves the BER parser by simplifying it. Now tlv_next
pops off and thus closes all containers regardless of whether they are
length bounded or ndef. tlv_set_pending is now always used to undo
the effect of a tlv_next in a loop condition which was terminated by a
nesting level change.

Instead of using the length as seen in the decrypted container we now
remove the padding and let the BER parser do its work. This might
have a negative effect on pkcs#12 objects which are not correctly
padded but we don't have any example of such broken objects.

GnuPG-bug-id: 6752

Diffstat (limited to 'tests')
-rw-r--r-- | tests/cms/samplekeys/Description-p12 | 6 |
-rw-r--r-- | tests/cms/samplekeys/t6752-ov-user-ff.p12 | bin | 0 -> 2323 bytes |
2 files changed, 6 insertions, 0 deletions
diff --git a/tests/cms/samplekeys/Description-p12 b/tests/cms/samplekeys/Description-p12 index a73998fac..01276087f 100644 --- a/tests/cms/samplekeys/Description-p12 +++ b/tests/cms/samplekeys/Description-p12 @@ -45,4 +45,10 @@ Pass: abc Cert: 5cea0c5bf09ccd92535267c662fc098f6c81c27e Key: 3cb2fba95d1976df69eb7aa8c65ac5354e15af32 +Name: t6752-ov-user-ff.p12 +Desc: Mozilla generated with a surplus octet string container +Pass: start +Cert: 4753a910e0c8b4caa8663ca0e4273a884eb5397d +Key: 93be89edd11214ab74280d988a665b6beef876c5 + # eof # diff --git a/tests/cms/samplekeys/t6752-ov-user-ff.p12 b/tests/cms/samplekeys/t6752-ov-user-ff.p12 Binary files differnew file mode 100644 index 000000000..153ffb000 --- /dev/null +++ b/tests/cms/samplekeys/t6752-ov-user-ff.p12 |
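
Review bot: The new Description-p12 entry (Name: t6752-ov-user-ff.p12) only exercises the surplus octet string path, while the commit message says the padding removal now done in decrypt_block might have a negative effect on PKCS#12 objects that are not correctly padded and that no such sample exists. Consider adding a deliberately mis-padded sample that is checked for a clean parse error, so the parser's behaviour on bad padding is pinned down by the test suite instead of left untested. The Desc line could also name the bug id (6752) explicitly rather than relying on the file name prefix, and since the binary sample is opaque in review, a short note on how it was generated would help anyone who needs to reproduce or audit it.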