octoleo/phpseclib
1
0
Fork 0
mirror of https://github.com/phpseclib/phpseclib.git synced 2025-02-03 20:38:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

ASN1: limit OID length

Browse Source
This commit is contained in:
terrafrost 2024-02-24 13:07:01 -06:00
parent ad5dbdf212
commit e32531001b
3 changed files with 18 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
phpseclib/File/ASN1.php
View File

@ -1277,6 +1277,11 @@ class File_ASN1
$oid = array(); $oid = array();
$pos = 0; $pos = 0;
$len = strlen($content); $len = strlen($content);
// see https://github.com/openjdk/jdk/blob/2deb318c9f047ec5a4b160d66a4b52f93688ec42/src/java.base/share/classes/sun/security/util/ObjectIdentifier.java#L55
if ($len > 4096) {
//user_error('Object Identifier size is limited to 4096 bytes');
return false;
}
if (ord($content[$len - 1]) & 0x80) { if (ord($content[$len - 1]) & 0x80) {
return false; return false;

BIN
tests/Unit/File/ASN1/mal-cert-02.der Normal file
View File

Binary file not shown.

13
tests/Unit/File/ASN1Test.php
View File

@ -448,4 +448,17 @@ class Unit_File_ASN1Test extends PhpseclibTestCase
$decoded = $asn1->decodeBER($em); $decoded = $asn1->decodeBER($em);
$this->assertFalse($decoded[0]); $this->assertFalse($decoded[0]);
} }
public function testLongOID()
{
$cert = file_get_contents(dirname(__FILE__) . '/ASN1/mal-cert-02.der');
$asn1 = new File_ASN1();
//$this->setExpectedException('PHPUnit_Framework_Error_Notice');
$decoded = $asn1->decodeBER($cert);
$this->assertFalse($decoded[0]);
//$x509 = new X509();
//$x509->loadX509($cert);
}
} }