Ruby » Ruby master

=begin
Hi,

I read about this bug of OpenSSL this morning: http://rt.openssl.org/Ticket/Display.html?id=2438
What struck me was the following sentence:

"The ASN1 parser should reject indefinite length primitive encodings as
that is illegal."

I tested whether Ruby (trunk) ASN.1 decoding was also affected:

require 'openssl'
require 'pp'

spec = %w{ 02 80 02 01 01 00 00 }
raw = [spec.join('')].pack('H*')
asn1 = OpenSSL::ASN1.decode(raw)
pp asn1

=>

#<OpenSSL::ASN1::Integer:0x8db2538
@infinite_length=false,
@tag=2,
@tag_class=:UNIVERSAL,
@tagging=nil,
@value=0>

This bug is a direct consequence of the bug in OpenSSL referred to above. Parsing
should fail in this case as primitive values cannot have an infinite length without
having the constructed bits set. ( A correct encoding for the above would be this:
%w{ 22 80 02 01 01 00 00 }) But fortunately this is fixed quite easy.
By applying the appended patch, above script yields this exception:

=>

test.rb:6:in decode': Infinite length for primitive value (OpenSSL::ASN1::ASN1Error) from test.rb:6:in '

Regards,
Martin
=end