> [EMAIL PROTECTED] - Mon Jun 02 10:49:53 2008]:
> 
> I think I've spotted a problem generating PKCS#7 DER-encoded output 
> using OpenSSL 0.9.8e.
> 
> crypto/pkcs7/pk7_asn1.c has an ASN.1 definition for PKCS7_SIGNED as:
> 
> > ASN1_NDEF_SEQUENCE(PKCS7_SIGNED) = {
> >         ASN1_SIMPLE(PKCS7_SIGNED, version, ASN1_INTEGER),
> >         ASN1_SET_OF(PKCS7_SIGNED, md_algs, X509_ALGOR),
> >         ASN1_SIMPLE(PKCS7_SIGNED, contents, PKCS7),
> > -->     ASN1_IMP_SEQUENCE_OF_OPT(PKCS7_SIGNED, cert, X509, 0),
> >         ASN1_IMP_SET_OF_OPT(PKCS7_SIGNED, crl, X509_CRL, 1),
> >         ASN1_SET_OF(PKCS7_SIGNED, signer_info, PKCS7_SIGNER_INFO)
> > } ASN1_NDEF_SEQUENCE_END(PKCS7_SIGNED)
> 
> RFC 2315 defines the associated ASN.1 type as
> >    SignedData ::= SEQUENCE {
> >      version Version,
> >      digestAlgorithms DigestAlgorithmIdentifiers,
> >      contentInfo ContentInfo,
> > -->  certificates
> >         [0] IMPLICIT ExtendedCertificatesAndCertificates
> >           OPTIONAL,
> >      crls
> >        [1] IMPLICIT CertificateRevocationLists OPTIONAL,
> >      signerInfos SignerInfos }
> and defines "ExtendedCertificatesAndCertificates" as
> >    ExtendedCertificatesAndCertificates ::=
> >      SET OF ExtendedCertificateOrCertificate
> 
> 
> I think this means that the definition in pk7_asn1.c for "cert" is wrong.
>         ASN1_IMP_SEQUENCE_OF_OPT(PKCS7_SIGNED, cert, X509, 0),
> should be
>         ASN1_IMP_SET_OF_OPT(PKCS7_SIGNED, cert, X509, 0),
> 
> Without this, if you populate a PKCS7_SIGNED structure with a list of 
> certificates, they do not get DER-encoded properly (they are written in 
> the order they appear in the STACK_OF(X509), like a SEQUENCE rather than 
> sorted lexicographically, like a SET should be.)
> 
> Is the analysis correct?
> 

It is, but there is a reason for it...

The PKCS7_SIGNED structure does not have to be DER and is often BER, for
example when it uses the indefinite length constructed forms which
OpenSSL 0.9.9-dev can generate.

There are also some software packages which rely on the order of the
certificates: the first certificate is given a special meaning.


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [email protected]
Automated List Manager                           [EMAIL PROTECTED]
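
The DER-versus-BER point in the exchange above, as an added example (not OpenSSL code and not written by either poster): a C check of whether the elements inside a field such as the `[0] IMPLICIT` certificates are in DER SET OF order. The function names and byte arrays are constructed for illustration, and the 5-byte placeholder SEQUENCEs stand in for real certificates.

```c
#include <stdio.h>
#include <string.h>

/* Size (header + content) of the definite-length TLV at p; 0 if malformed or indefinite. */
static size_t tlv_size(const unsigned char *p, size_t n, size_t *hdr)
{
    size_t len = 0, i, nb;
    if (n < 2 || (p[0] & 0x1f) == 0x1f) return 0;   /* single-byte tags only */
    if (p[1] < 0x80) { *hdr = 2; return ((size_t)p[1] > n - 2) ? 0 : 2 + (size_t)p[1]; }
    nb = p[1] & 0x7f;                               /* long form: nb length octets */
    if (nb == 0 || nb > sizeof(size_t) || n < 2 + nb) return 0;
    for (i = 0; i < nb; i++) len = (len << 8) | p[2 + i];
    *hdr = 2 + nb;
    return (len > n - *hdr) ? 0 : *hdr + len;
}
/* DER SET OF order: compare as octet strings, shorter one padded with zeros. */
static int der_cmp(const unsigned char *a, size_t an, const unsigned char *b, size_t bn)
{
    size_t m = an < bn ? an : bn, i;
    int c = memcmp(a, b, m);
    if (c) return c;
    for (i = m; i < an; i++) if (a[i]) return 1;
    for (i = m; i < bn; i++) if (b[i]) return -1;
    return 0;
}
/* 1: elements are in DER SET OF order; 0: they are not; -1: not definite-length TLVs. */
int set_of_is_der_ordered(const unsigned char *buf, size_t n)
{
    size_t hdr, tot, eh, es = 0, prev_len = 0;
    const unsigned char *p, *end, *prev = NULL;
    if ((tot = tlv_size(buf, n, &hdr)) == 0) return -1;
    for (p = buf + hdr, end = buf + tot; p < end; p += es) {
        if ((es = tlv_size(p, (size_t)(end - p), &eh)) == 0) return -1;
        if (prev && der_cmp(prev, prev_len, p, es) > 0) return 0;
        prev = p; prev_len = es;
    }
    return 1;
}

/* Constructed samples: tag 0xA0 ([0] IMPLICIT) around two placeholder SEQUENCEs. */
const unsigned char stack_order[] = {0xA0,0x0A, 0x30,0x03,0x02,0x01,0x05, 0x30,0x03,0x02,0x01,0x02};
const unsigned char der_order[]   = {0xA0,0x0A, 0x30,0x03,0x02,0x01,0x02, 0x30,0x03,0x02,0x01,0x05};
const unsigned char indefinite[]  = {0xA0,0x80, 0x30,0x03,0x02,0x01,0x05, 0x00,0x00};
int main(void)
{
    printf("%d %d %d\n", set_of_is_der_ordered(stack_order, sizeof stack_order),
           set_of_is_der_ordered(der_order, sizeof der_order),
           set_of_is_der_ordered(indefinite, sizeof indefinite));
    return 0;
}
```

A result of 0 on the certificates field means the bytes follow stack order, as a SEQUENCE OF would, and a strict DER SET OF re-encoding of the same structure would differ byte for byte.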
