Reinstate indefinite length and [UNIVERSAL 0] support in crypto/asn1

[samuel40791765]

Issues:

Addresses CryptoAlg-3037

Description of changes:

This is the first step of trying to reinstate support for BER in our OpenSSL ASN1 macro parsers. Proper support for BER consists of two parts, "indefinite length BER" and "implicitly tagged constructed BER strings". This is being done to properly support BER in our PKCS7 parsers, as we've made the transition to switch from CBB -> ASN1 macros for PKCS7 for now: 621bceb. We were using CBS_asn1_ber_to_der to translate BER -> DER for d2i_PKCS7, but the function has a caveat with implicitly-tagged constructed strings that causes encoding translations to be incomplete. We've decided to restore BER support in the macro parsers to resolve the PKCS7 compatibility issue and provide better OpenSSL compatibility for possible applications using OpenSSL's ASN.1 functions with BER encoding.

This commit is a revert of the two prior commits below. All "new logic" in crypto/asn1/tasn_dec.c was taken from these two commits.

• edbdc24
• ee510f5

The only smaller new changes are the following:

1. I've only translated the comment code styling and added a few more comments clarifying some of the historic ASN1 shenanigans.
2. There's also a change to the call to asn1_get_object_maybe_indefinite to call ASN1_get_object. This aligns with the original code in OpenSSL. I think we can clean up some of the changes done in cfe86a3, but I'd prefer to do so in a separate commit.

Testing:

• I've reused the BER tests in our CBB parsers here so we're confident that the functionalities 1:1. This commit is reinstating indefinite length so I've only borrowed those corresponding tests for now.
• I've generated a few new ASN1 test files with indefinite length as well. Indefinite length is more common among container types like SET and SEQUENCE, so we only pass those tests for now. Other indefinite length scenarios involve constructed form, but we don't have support for that just yet.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and the ISC license.

[codecov-commenter]

Codecov Report

Attention: Patch coverage is 83.84615% with 21 lines in your changes missing coverage. Please review.

Project coverage is 78.76%. Comparing base (dc5fe84) to head (88ee67c).
Report is 12 commits behind head on main.

Files with missing lines	Patch %	Lines
crypto/asn1/tasn_dec.c	80.00%	17 Missing ⚠️
crypto/test/test_util.h	60.00%	3 Missing and 1 partial ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #2306      +/-   ##
==========================================
+ Coverage   78.73%   78.76%   +0.02%     
==========================================
  Files         616      619       +3     
  Lines      107584   107861     +277     
  Branches    15286    15319      +33     
==========================================
+ Hits        84709    84959     +250     
- Misses      22220    22249      +29     
+ Partials      655      653       -2     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[justsmth]

OpenSSL uses a variant of this that we might want to test as well:

  const std::vector<uint8_t> zero_tag_bad_sequence = {0x31, 0x02, 0x02, 0x00};

[samuel40791765]

Ahh nice, I hadn't thought of looking into OpenSSL's tests. I'll scour for more if there's any.

[justsmth]

• OpenSSL performs an extra check here. (OpenSSL also declares expected_eoc as a uint32_t.):

    if (expected_eoc == UINT32_MAX) {
        ASN1err(ASN1_F_ASN1_FIND_END, ERR_R_NESTED_ASN1_ERROR);
        return 0;
    }

[samuel40791765]

Good catch. I was mainly focused on reverting the commit, but new changes around the code in OpenSSL definitely need to be taken note of as well. I'll look around to see if there's more.

[WillChilds-Klein]

Nice, much cleaner revert than I was expecting! Changes are looking good, just a few requests to bump up coverage.

[WillChilds-Klein]

should we also check that the error queue is populated here?

[samuel40791765]

Sure! The errors will be different for each specific circumstance, but we can check that the error type is of ASN1 here.

[WillChilds-Klein]

this is uncovered. can we add a test case that drops the 00 00 trailer?

[WillChilds-Klein]

this is uncovered. is there a nested-indefinite test SEQUENCE we can construct that will exercise this?

[WillChilds-Klein]

the true case here is uncovered. can we add a test case to exercise it?

[samuel40791765]

just a few requests to bump up coverage.

Added a couple more test cases which should add coverage against the places we were looking at!

[samuel40791765]

Sure! The errors will be different for each specific circumstance, but we can check that the error type is of ASN1 here.