Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Revert constructed #2310

Draft
wants to merge 2 commits into
base: main
Choose a base branch
from
Draft

Revert constructed #2310

wants to merge 2 commits into from

Conversation

samuel40791765
Copy link
Contributor

Issues:

Resolves CryptoAlg-3037

Description of changes:

This is the last step of trying to reinstate support for BER in our OpenSSL ASN1 macro parsers. Proper support for BER consists of two parts, "indefinite length BER" and "implicitly tagged constructed BER strings". This is being done to properly support BER in our PKCS7 parsers, as we've made the transition to switch from CBB -> ASN1 macros for PKCS7 for now: 621bceb. We were using CBS_asn1_ber_to_der to translate BER -> DER for d2i_PKCS7, but the function has a caveat with implicitly-tagged constructed strings that causes encoding translations to be incomplete. We've decided to restore BER support in the macro parsers to resolve the PKCS7 compatibility issue and provide better OpenSSL compatibility for possible applications using OpenSSL's ASN.1 functions with BER encoding.

This commit is a revert of the prior commit below. All "new logic" in crypto/asn1/tasn_dec.c was taken from this.

The only smaller new changes are the following:

  • WIP

Testing:

  • I've reused the BER tests in our CBB parsers here so we're confident that the functionalities 1:1. This commit is reinstating indefinite length so I've only borrowed those corresponding tests for now.
  • I've generated a few new ASN1 test files with indefinite length as well. Indefinite length is more common among container types like SET and SEQUENCE, so we only pass those tests for now. Other indefinite length scenarios involve constructed form, but we don't have support for that just yet.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and the ISC license.

@codecov-commenter
Copy link

codecov-commenter commented Apr 3, 2025
edited
Loading

Codecov Report

Attention: Patch coverage is 75.67568% with 45 lines in your changes missing coverage. Please review.

Project coverage is 78.72%. Comparing base (dc5fe84) to head (369254a).
Report is 10 commits behind head on main.

Files with missing lines Patch % Lines
crypto/asn1/tasn_dec.c 69.34% 42 Missing ⚠️
crypto/test/test_util.h 57.14% 2 Missing and 1 partial ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #2310      +/-   ##
==========================================
- Coverage   78.73%   78.72%   -0.02%     
==========================================
  Files         616      616              
  Lines      107584   107745     +161     
  Branches    15286    15318      +32     
==========================================
+ Hits        84709    84819     +110     
- Misses      22220    22270      +50     
- Partials      655      656       +1

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@samuel40791765 @codecov-commenter