Merge branch '2.0' into 3.0

This commit is contained in:
terrafrost 2021-06-24 21:45:57 -05:00
commit 927f8062a7
3 changed files with 45 additions and 1 deletions

View File

@ -238,6 +238,9 @@ abstract class ASN1
{ {
$current = ['start' => $start]; $current = ['start' => $start];
if (!isset($encoded[$encoded_pos])) {
return false;
}
$type = ord($encoded[$encoded_pos++]); $type = ord($encoded[$encoded_pos++]);
$startOffset = 1; $startOffset = 1;
@ -248,6 +251,9 @@ abstract class ASN1
$tag = 0; $tag = 0;
// process septets (since the eighth bit is ignored, it's not an octet) // process septets (since the eighth bit is ignored, it's not an octet)
do { do {
if (!isset($encoded[$encoded_pos])) {
return false;
}
$temp = ord($encoded[$encoded_pos++]); $temp = ord($encoded[$encoded_pos++]);
$startOffset++; $startOffset++;
$loop = $temp >> 7; $loop = $temp >> 7;
@ -264,6 +270,9 @@ abstract class ASN1
$start+= $startOffset; $start+= $startOffset;
// Length, as discussed in paragraph 8.1.3 of X.690-0207.pdf#page=13 // Length, as discussed in paragraph 8.1.3 of X.690-0207.pdf#page=13
if (!isset($encoded[$encoded_pos])) {
return false;
}
$length = ord($encoded[$encoded_pos++]); $length = ord($encoded[$encoded_pos++]);
$start++; $start++;
if ($length == 0x80) { // indefinite length if ($length == 0x80) { // indefinite length

View File

@ -627,7 +627,6 @@ class X509
for ($i = 0; $i < count($extensions); $i++) { for ($i = 0; $i < count($extensions); $i++) {
$id = $extensions[$i]['extnId']; $id = $extensions[$i]['extnId'];
$value = &$extensions[$i]['extnValue']; $value = &$extensions[$i]['extnValue'];
$decoded = ASN1::decodeBER($value);
/* [extnValue] contains the DER encoding of an ASN.1 value /* [extnValue] contains the DER encoding of an ASN.1 value
corresponding to the extension type identified by extnID */ corresponding to the extension type identified by extnID */
$map = $this->getMapping($id); $map = $this->getMapping($id);
@ -635,6 +634,7 @@ class X509
$decoder = $id == 'id-ce-nameConstraints' ? $decoder = $id == 'id-ce-nameConstraints' ?
[static::class, 'decodeNameConstraintIP'] : [static::class, 'decodeNameConstraintIP'] :
[static::class, 'decodeIP']; [static::class, 'decodeIP'];
$decoded = ASN1::decodeBER($value);
$mapped = ASN1::asn1map($decoded[0], $map, ['iPAddress' => $decoder]); $mapped = ASN1::asn1map($decoded[0], $map, ['iPAddress' => $decoder]);
$value = $mapped === false ? $decoded[0] : $mapped; $value = $mapped === false ? $decoded[0] : $mapped;

View File

@ -1178,6 +1178,7 @@ qzFkAKWjJj4KjfrbZX4C0Spfxw==
} }
/** /**
<<<<<<< HEAD
* @group github1586 * @group github1586
*/ */
public function testComputeKeyIdentifier() public function testComputeKeyIdentifier()
@ -1250,4 +1251,38 @@ o2UiZsxgoMYuq02T07DOknc=
$x509 = new X509; $x509 = new X509;
$x509->sign($issuer, $subject); $x509->sign($issuer, $subject);
} }
/**
* @group github1676
*/
public function testMalformedExt()
{
$a = '-----BEGIN CERTIFICATE-----
MIIDtjCCAmmgAwIBAgIUOynecffcNv1/7oqCfu98x899PhwwQgYJKoZIhvcNAQEK
MDWgDTALBglghkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogMC
ASCjAwIBATAcMRowGAYDVQQKDBFwaHBzZWNsaWIgQ0EgY2VydDAeFw0yMTA2MjUw
MTQ1MjlaFw0yMjA2MjUwMTQ1MjlaMBwxGjAYBgNVBAoMEXBocHNlY2xpYiBDQSBj
ZXJ0MIIBVzBCBgkqhkiG9w0BAQowNaANMAsGCWCGSAFlAwQCAaEaMBgGCSqGSIb3
DQEBCDALBglghkgBZQMEAgGiAwIBIKMDAgEBA4IBDwAwggEKAoIBAQCm8w3WEr4t
rbTaAHLI4uAGkZ5mJG8tgThw/qlADPZODjyJtNBZ1i39URXkHa4jdTfLMaCg8aWp
6eouRnNftUktmM4lG3j1JF6Cq2SkF93zJ2RZq3Ldpnv1jXS9qmtsndSzElria6f7
qY3c63S0YFYvNLmMd5lECPYuS3fj0DcPp1Gyy1GnfjSu6OyP34gtjOpZ3bSQmpTg
78HllRZiq6vQIAw6Svoi4Ih573PGRjVHbh/KP5/4gP0ClW+qGjR+qJinmBSOISRU
RSP3Yqh1eSo/gdqOfe+8g7ffTdsZ77xzP2nwq9wsmSyFh/jbQyG05R1cC0zGfBdo
3sDkSw5KDMQzAgMBAAGjUTBPMAsGA1UdDwQEAwIBBjAPBgNVHRMBAf8EBTADAQH/
MB0GA1UdDgQWBBTsxDp1d394JKfAJZOuA9YQSvtvWjAQBggrBgEFBQcBAQEB/wQB
ADBCBgkqhkiG9w0BAQowNaANMAsGCWCGSAFlAwQCAaEaMBgGCSqGSIb3DQEBCDAL
BglghkgBZQMEAgGiAwIBIKMDAgEBA4IBAQCF8DNkkP5z2mkHoo0SvoUpscbaSpXF
jjMpLsQwdhar1jbrEIEQpSGsZlmxpGroBj91wQLjJv7godfFC6b2T4cRcj5NZAEI
ZyoxrfZ0WU609ZAKFooYwEA2nLAG8Y4ygD5adT45MhmqKs79p4uaG5Z78zQrkUYY
d9BtBm0pyZ513s+KW/keUxVKlHnnxdV9FIis0S/d74mjass4YjPZcWnss6TBfIyD
EbQ5UK6Zu74q0lQLp7t14zSQ2B5tclVnM7jY0RiRzpLgDCq3kpbaw6KvFzH9lfPP
BbNA6tFZAwLoX18R6yEmzHAQ+R2Eliiaz7mgQ+M2d0ec6qQJFoO7aJsX
-----END CERTIFICATE-----';
$x509 = new X509();
$r = $x509->loadX509($a);
$this->assertIsArray($r);
}
} }