directory-dev mailing list archives

From "Michael Osipov (Jira)" <j...@apache.org>
Subject [jira] [Closed] (DIRKRB-741) Asn1Utf8String incorrectly calculates value length
Date Wed, 27 May 2020 12:59:00 GMT

[ https://issues.apache.org/jira/browse/DIRKRB-741?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Michael Osipov closed DIRKRB-741.
---------------------------------

> Asn1Utf8String incorrectly calculates value length
> --------------------------------------------------
>
>                 Key: DIRKRB-741
>                 URL: https://issues.apache.org/jira/browse/DIRKRB-741
>             Project: Directory Kerberos
>          Issue Type: Bug
>    Affects Versions: 2.0.0
>            Reporter: Michael Osipov
>            Assignee: Colm O hEigeartaigh
>            Priority: Critical
>             Fix For: 2.0.1
>
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> I am trying to process public CAs. Kerby ASN.1 chokes on one. Self-contained example:
> {code:java}
> import java.io.IOException;
> import java.nio.ByteBuffer;
> import java.security.cert.CertificateException;
> import java.util.Base64;
> import org.apache.kerby.asn1.Asn1;
> import org.apache.kerby.asn1.type.Asn1Sequence;
> public class KerbyTester {
> 	private static final String CERT_1 = "MIIGSzCCBDOgAwIBAgIIamg+nFGby1MwDQYJKoZIhvcNAQELBQAwgbIxCzAJBgNV"
> 			+ "BAYTAlRSMQ8wDQYDVQQHDAZBbmthcmExQDA+BgNVBAoMN0UtVHXEn3JhIEVCRyBC"
> 			+ "aWxpxZ9pbSBUZWtub2xvamlsZXJpIHZlIEhpem1ldGxlcmkgQS7Fni4xJjAkBgNV"
> 			+ "BAsMHUUtVHVncmEgU2VydGlmaWthc3lvbiBNZXJrZXppMSgwJgYDVQQDDB9FLVR1"
> 			+ "Z3JhIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTEzMDMwNTEyMDk0OFoXDTIz"
> 			+ "MDMwMzEyMDk0OFowgbIxCzAJBgNVBAYTAlRSMQ8wDQYDVQQHDAZBbmthcmExQDA+"
> 			+ "BgNVBAoMN0UtVHXEn3JhIEVCRyBCaWxpxZ9pbSBUZWtub2xvamlsZXJpIHZlIEhp"
> 			+ "em1ldGxlcmkgQS7Fni4xJjAkBgNVBAsMHUUtVHVncmEgU2VydGlmaWthc3lvbiBN"
> 			+ "ZXJrZXppMSgwJgYDVQQDDB9FLVR1Z3JhIENlcnRpZmljYXRpb24gQXV0aG9yaXR5"
> 			+ "MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA4vU/kwVRHoViVF56C/UY"
> 			+ "B4Oufq9899SKa6VjQzm5S/fDxmSJPZQuVIBSOTkHS0vdhQd2h8y/L5VMzH2nPbxH"
> 			+ "D5hw+IyFHnSOkm0bQNGZDbt1bsipa5rAhDGvykPL6ys06I+XawGb1Q5KCKpbknSF"
> 			+ "Q9OArqGIW66z6l7LFpp3RMih9lRozt6Plyu6W0ACDGQXwLWTzeHxE2bODHnv0ZEo"
> 			+ "q1+gElIwcxmOj+GMB6LDu0rw6h8VqO4lzKRG+Bsi77MOQ7osJLjFLFzUHPhdZL3D"
> 			+ "k14opz8n8Y4e0ypQBaNV2cvnOVPAmJ6MVGKLJrD3fY185MaeZkJVgkfnsliNZvcH"
> 			+ "fC425lAcP9tDJMW/hkd5s3kc91r0E+xs+D/iWR+V7kI+ua2oMoVJl0b+SzGPWsut"
> 			+ "dEcf6ZG33ygEIqDUD13ieU/qbIWGvaimzuT6w+Gzrt48Ue7LE3wBf4QOXVGUnhMM"
> 			+ "ti6lTPk5cDZvlsouDERVxcr6XQKj39ZkjFqzAQqptQpHF//vkUAqjqFGOjGY5RH8"
> 			+ "zLtJVor8udBhmm9lbObDyz51Sf6Pp+KJxWfXnUYTTjF2OySznhFlhqt/7x3U+Lzn"
> 			+ "rFpct1pHXFXOVbQicVtbC/DP3KBhZOqp12gKY6fgDT+gr9Oq0n7vUaDmUStVkhUX"
> 			+ "U8u3Zg5mTPj5dUyQ5xJwx0UCAwEAAaNjMGEwHQYDVR0OBBYEFC7j27JJ0JxUeVz6"
> 			+ "Jyr+zE7S6E5UMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAULuPbsknQnFR5"
> 			+ "XPonKv7MTtLoTlQwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4ICAQAF"
> 			+ "Nzr0TbdF4kV1JI+2d1LoHNgQk2Xz8lkGpD4eKexd0dCrfOAKkEh47U6YA5n+KGCR"
> 			+ "HTAduGN8qOY1tfrTYXbm1gdLymmasoR6d5NFFxWfJNCYExL/u6Au/U5Mh/jOXKqY"
> 			+ "GwXgAEZKgoClM4so3O0409/lPun++1ndYYRP0lSWE2ETPo+Aab6TR7U1Q9Jauz1c"
> 			+ "77NCR807VRMGsAnb/WP2OogKmW9+4c4bU2pEZiNRCHu8W1Ki/QY3OEBhj0qWuJA3"
> 			+ "+GbHeJAAFS6LrVE1Uweoa2iu+U48BybNCAVwzDk/dr2l02cmAYamU9JgO3xDf1WK"
> 			+ "vJUawSg5TB9D0pH0clmKuVb8P7Sd2nCcdlqMQ1DujjByTd//SffGqWfZbawCEeI6"
> 			+ "FiWnWAjLb1NBnEg4R2gz0dfHj9R0IdTDBZB6/86WiLEVKV0jq9BgoRJP3vQXzTLl"
> 			+ "yb/IQ639Lo7xr+L0mPoSHyDYwKcMhcWQ9DstliaxLL5Mq+ux0orJ23gTDx4JnW2P"
> 			+ "AJ8C2sH6H3p6CcRK5ogql5+Ji/03X186zjhZhkuvcQu02PJwT58yE+Owp1fl2tpD"
> 			+ "y4Q08ijE6m30Ku/Ba3ba+367hTzSU8JNvnHhRdH9I2cNE3X7z2VnIp2usAnRCf8d"
> 			+ "NL/+I5c30jn6PQ0GC7TbO6Orb1wdtn7os4I07QZcJA==";
> 	private static final String[] CERTS = new String[] { CERT_1 };
> 	public static void main(String[] args) throws CertificateException, IOException {
> 		for (String base64Cert : CERTS) {
> 			byte[] pemCert = Base64.getDecoder().decode(base64Cert);
> 			Asn1Sequence asn1seq = (Asn1Sequence) Asn1.decode(pemCert);
> 			Asn1.dump(asn1seq);
> 			// Allocate exactly the original DER size: a correct re-encoding must fit.
> 			ByteBuffer buf = ByteBuffer.allocate(pemCert.length);
> 			asn1seq.encode(buf);
> 			System.out.printf("original byte length: %d, encoded length: %d, byte buffer position: %d%n", pemCert.length, asn1seq.encodingLength(), buf.position());
> 		}
> 	}
> }
> {code}
> The output is:
> {noformat}
> sequence [tag=0x30, len=4+1605] 
>     sequence [tag=0x30, len=4+1069] 
>         context [0] [tag=0xA0, len=2+3] 
>             integer [tag=0x02, len=2+1] 2
>         integer [tag=0x02, len=2+8] 7667447206703254355
>         sequence [tag=0x30, len=2+13] 
>             object identifier [tag=0x06, len=2+9] 1.2.840.113549.1.1.11
>             null [tag=0x05, len=2+0] null
>         sequence [tag=0x30, len=3+175] 
>             set [tag=0x31, len=2+11] 
>                 sequence [tag=0x30, len=2+9] 
>                     object identifier [tag=0x06, len=2+3] 2.5.4.6
>                     printable string [tag=0x13, len=2+2] TR
>             set [tag=0x31, len=2+15] 
>                 sequence [tag=0x30, len=2+13] 
>                     object identifier [tag=0x06, len=2+3] 2.5.4.7
>                     utf8 string [tag=0x0C, len=2+6] Ankara
>             set [tag=0x31, len=2+61] 
>                 sequence [tag=0x30, len=2+59] 
>                     object identifier [tag=0x06, len=2+3] 2.5.4.10
>                     utf8 string [tag=0x0C, len=2+52] E-Tuğra EBG Bilişim Teknolojileri ve Hizmetleri A.Ş.
>             set [tag=0x31, len=2+38] 
>                 sequence [tag=0x30, len=2+36] 
>                     object identifier [tag=0x06, len=2+3] 2.5.4.11
>                     utf8 string [tag=0x0C, len=2+29] E-Tugra Sertifikasyon Merkezi
>             set [tag=0x31, len=2+40] 
>                 sequence [tag=0x30, len=2+38] 
>                     object identifier [tag=0x06, len=2+3] 2.5.4.3
>                     utf8 string [tag=0x0C, len=2+31] E-Tugra Certification Authority
>         sequence [tag=0x30, len=2+30] 
>             utc time [tag=0x17, len=2+13] Tue Mar 05 13:09:48 CET 2013
>             utc time [tag=0x17, len=2+13] Fri Mar 03 13:09:48 CET 2023
>         sequence [tag=0x30, len=3+175] 
>             set [tag=0x31, len=2+11] 
>                 sequence [tag=0x30, len=2+9] 
>                     object identifier [tag=0x06, len=2+3] 2.5.4.6
>                     printable string [tag=0x13, len=2+2] TR
>             set [tag=0x31, len=2+15] 
>                 sequence [tag=0x30, len=2+13] 
>                     object identifier [tag=0x06, len=2+3] 2.5.4.7
>                     utf8 string [tag=0x0C, len=2+6] Ankara
>             set [tag=0x31, len=2+61] 
>                 sequence [tag=0x30, len=2+59] 
>                     object identifier [tag=0x06, len=2+3] 2.5.4.10
>                     utf8 string [tag=0x0C, len=2+52] E-Tuğra EBG Bilişim Teknolojileri ve Hizmetleri A.Ş.
>             set [tag=0x31, len=2+38] 
>                 sequence [tag=0x30, len=2+36] 
>                     object identifier [tag=0x06, len=2+3] 2.5.4.11
>                     utf8 string [tag=0x0C, len=2+29] E-Tugra Sertifikasyon Merkezi
>             set [tag=0x31, len=2+40] 
>                 sequence [tag=0x30, len=2+38] 
>                     object identifier [tag=0x06, len=2+3] 2.5.4.3
>                     utf8 string [tag=0x0C, len=2+31] E-Tugra Certification Authority
>         sequence [tag=0x30, len=4+546] 
>             sequence [tag=0x30, len=2+13] 
>                 object identifier [tag=0x06, len=2+9] 1.2.840.113549.1.1.1
>                 null [tag=0x05, len=2+0] null
>             bit string [tag=0x03, len=4+527] <526 bytes>
>         context [3] [tag=0xA3, len=2+99] 
>             sequence [tag=0x30, len=2+97] 
>                 sequence [tag=0x30, len=2+29] 
>                     object identifier [tag=0x06, len=2+3] 2.5.29.14
>                     octet string [tag=0x04, len=2+22] <22 octets>
>                 sequence [tag=0x30, len=2+15] 
>                     object identifier [tag=0x06, len=2+3] 2.5.29.19
>                     boolean [tag=0x01, len=2+1] true
>                     octet string [tag=0x04, len=2+5] <5 octets>
>                 sequence [tag=0x30, len=2+31] 
>                     object identifier [tag=0x06, len=2+3] 2.5.29.35
>                     octet string [tag=0x04, len=2+24] <24 octets>
>                 sequence [tag=0x30, len=2+14] 
>                     object identifier [tag=0x06, len=2+3] 2.5.29.15
>                     boolean [tag=0x01, len=2+1] true
>                     octet string [tag=0x04, len=2+4] <4 octets>
>     sequence [tag=0x30, len=2+13] 
>         object identifier [tag=0x06, len=2+9] 1.2.840.113549.1.1.11
>         null [tag=0x05, len=2+0] null
>     bit string [tag=0x03, len=4+513] <512 bytes>
> original byte length: 1615, encoded length: 1609, byte buffer position: 1615
> {noformat}
> The lengths do not fit. The {{len=4+1605}} is wrong. 6 bytes are missing. When {{asn1seq.encode()}} is invoked the following happens:
> {noformat}
> Exception in thread "main" java.nio.BufferOverflowException
> 	at java.base/java.nio.HeapByteBuffer.put(HeapByteBuffer.java:225)
> 	at java.base/java.nio.ByteBuffer.put(ByteBuffer.java:1031)
> 	at org.apache.kerby.asn1.type.Asn1Simple.encodeBody(Asn1Simple.java:79)
> 	at org.apache.kerby.asn1.type.Asn1Encodeable.encode(Asn1Encodeable.java:146)
> 	at org.apache.kerby.asn1.type.Asn1Constructed.encodeBody(Asn1Constructed.java:93)
> 	at org.apache.kerby.asn1.type.Asn1Encodeable.encode(Asn1Encodeable.java:146)
> 	at org.apache.kerby.asn1.type.Asn1Encodeable.encode(Asn1Encodeable.java:136)
> 	at com.siemens.dynamowerk.certdownloader.KerbyTester.main(KerbyTester.java:62)
> {noformat}
> The cert is perfectly valid, obtained from Mozilla's NSS bundle.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)
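The dump above reports len=2+52 for the organisation name "E-Tuğra EBG Bilişim Teknolojileri ve Hizmetleri A.Ş.", which is 52 characters but 55 bytes in UTF-8 (ğ, ş and Ş take two bytes each); the name appears in both subject and issuer, which accounts for the 6 missing bytes (1615 vs. 1609). The following added example is not Kerby code: it assumes the declared length was computed from the character count rather than the UTF-8 byte count, reproduces that mismatch with a minimal DER UTF8String encoder, and shows what a strict TLV reader makes of the result.

```python
UTF8STRING_TAG = 0x0C

def der_length(n):
    """DER definite-form length octets: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def encode_utf8string(s, char_count_bug=False):
    """Encode s as a DER UTF8String.
    With char_count_bug=True the declared length is the character count (what a
    Java String.length() returns) while the body still carries the real UTF-8
    bytes; this is the assumed cause of the mismatch seen in the Kerby dump."""
    body = s.encode("utf-8")
    declared = len(s) if char_count_bug else len(body)
    return bytes([UTF8STRING_TAG]) + der_length(declared) + body

def parse_tlv(data):
    """Strict TLV read: returns (tag, value, trailing bytes after the value)."""
    tag, first = data[0], data[1]
    if first < 0x80:
        length, pos = first, 2
    else:
        n = first & 0x7F
        length, pos = int.from_bytes(data[2:2 + n], "big"), 2 + n
    if pos + length > len(data):
        raise ValueError("declared length exceeds available bytes")
    return tag, data[pos:pos + length], data[pos + length:]

def length_shortfall(s):
    """Bytes the char-count bug drops for one string: UTF-8 length minus char count."""
    return len(s.encode("utf-8")) - len(s)

# Organisation name taken from the dump on the page (used here as constructed test input).
ORG = "E-Tuğra EBG Bilişim Teknolojileri ve Hizmetleri A.Ş."

if __name__ == "__main__":
    good = encode_utf8string(ORG)
    bad = encode_utf8string(ORG, char_count_bug=True)
    print("correct header declares", good[1], "bytes; buggy header declares", bad[1])
    _, value, trailing = parse_tlv(bad)
    print("buggy value reads as", value.decode("utf-8"), "with", len(trailing), "stray bytes")
    # Subject and issuer both carry this name, so the whole certificate comes up 6 bytes short.
    print("shortfall per string:", length_shortfall(ORG), "total:", 2 * length_shortfall(ORG))
```

A re-encoder that sizes its buffer from the declared lengths but writes the real bytes overruns by exactly this shortfall, which is the BufferOverflowException in the trace; a consumer that trusts the declared length instead silently truncates the name and leaves stray bytes in the stream.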


