I would like to remove syn 1 from my dependency tree (since it's slow to build). As far as I can tell, the upgrade isn't even breaking (at least given how I use asn1-rs/der-parser/x509-parser).

Potential segfault in the time crate

Impact

Unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires an environment variable to be set in a different thread than the affected functions. This may occur without the user's knowledge, notably in a third-party library.

The affected functions from time 0.2.7 through 0.2.22 are:

• time::UtcOffset::local_offset_at
• time::UtcOffset::try_local_offset_at
• time::UtcOffset::current_local_offset
• time::UtcOffset::try_current_local_offset
• time::OffsetDateTime::now_local
• time::OffsetDateTime::try_now_local

The affected functions in time 0.1 (all versions) are:

• at
• at_utc

Non-Unix targets (including Windows and wasm) are unaffected.

Patches

Pending a proper fix, the internal method that determines the local offset has been modified to always return None on the affected operating systems. This has the effect of returning an Err on the try_* methods and UTC on the non-try_* methods.

Users and library authors with time in their dependency tree should perform cargo update, which will pull in the updated, unaffected code.

Users of time 0.1 do not have a patch and should upgrade to an unaffected version: time 0.2.23 or greater or the 0.3. series.

Workarounds

No workarounds are known.

References

time-rs/time#293

See advisory page for additional details.

Hi there,

I was trying to use this crate to serialize a SetOf data and found that the serialized tag of SetOf is 0x30, but the correct one should be 0x31 if I understand it correctly.

The issue can be demonstrated by a simple example:

let it = [2, 3, 4].iter();
let set = SetOf::from_iter(it);
let mut der = Vec::new();
set.write_der(&mut der).unwrap();

The content of der is:

30 09 02 01 02 02 01 03 02 01 04

which I think should be:

31 09 02 01 02 02 01 03 02 01 04

My wild guess is that the tag for Vec is always Tag::Sequence.

Could you please advise if this is an issue or not? Thanks.

impl<'a, T> FromDer<'a> for Option<T> has a bug where deserialization of Option<T> in a struct annotated with #[derive(DerSequence)] will fail in with DerConstraintFailed(..) in certain cases.

Example of test failure where test() here will fail with Error(DerConstraintFailed(InvalidBoolean)) from TestBool::from_der(expected).unwrap() as bool/Boolean has a strict DER constraint check on the first byte of the following field:

#[derive(DerSequence, Debug, PartialEq)]
struct TestBool {
    a: u16,
    b: Option<bool>,
    c: u32,
}

#[test]
fn test() {
    let x = TestBool {
        a: 0x1234,
        b: None,
        c: 0x5678,
    };

    let mut buffer = vec![];
    let _ = x.write_der(&mut buffer).unwrap();

    let expected = &[48, 8, 2, 2, 18, 52, 2, 2, 86, 120];
    assert_eq!(buffer, expected);

    let (_, val) = TestBool::from_der(expected).unwrap();
    assert_eq!(val, x);
}

#[test]
fn test2() {
    let x = TestBool {
        a: 0x1234,
        b: Some(true),
        c: 0x5678,
    };

    let mut buffer = vec![];
    let _ = x.write_der(&mut buffer).unwrap();

    let expected = &[48, 11, 2, 2, 18, 52, 1, 1, 255, 2, 2, 86, 120];
    assert_eq!(buffer, expected);

    let (_, val) = TestBool::from_der(expected).unwrap();
    assert_eq!(val, x);
}

A similar example where the contained type has more relaxed constraints (u32 instead of bool) works:

#[derive(DerSequence, Debug, PartialEq)]
struct TestInt {
    a: u16,
    b: Option<u32>,
    c: bool,
}

#[test]
fn test3() {
    let x = TestInt {
        a: 0x1234,
        b: None,
        c: true,
    };

    let mut buffer = vec![];
    let _ = x.write_der(&mut buffer).unwrap();

    let expected = &[48, 7, 2, 2, 18, 52, 1, 1, 255];
    assert_eq!(buffer, expected);

    let (_, val) = TestInt::from_der(expected).unwrap();
    assert_eq!(val, x);
}

#[test]
fn test4() {
    let x = TestInt {
        a: 0x1234,
        b: Some(0x5678),
        c: true,
    };

    let mut buffer = vec![];
    let _ = x.write_der(&mut buffer).unwrap();

    let expected = &[48, 11, 2, 2, 18, 52, 2, 2, 86, 120, 1, 1, 255];
    assert_eq!(buffer, expected);

    let (_, val) = TestInt::from_der(expected).unwrap();
    assert_eq!(val, x);
}

This could be fixed by accounting for Error::DerConstraintFailed in impl<'a, T> FromDer<'a> for Option<T>, but perhaps there are other edge cases to consider as well?

impl<'a, T> FromDer<'a> for Option<T>
where
    T: FromDer<'a>,
{
    fn from_der(bytes: &'a [u8]) -> ParseResult<Self> {
        if bytes.is_empty() {
            return Ok((bytes, None));
        }
        match T::from_der(bytes) {
            Ok((rem, t)) => Ok((rem, Some(t))),
            Err(nom::Err::Error(Error::UnexpectedTag { .. })) => Ok((bytes, None)),
            Err(nom::Err::Error(Error::DerConstraintFailed(..))) => Ok((bytes, None)),
            Err(e) => Err(e),
        }
    }
}

Currently, if I want to compare parsed OIDs against expected constants, the best I can do with the current API is the following:

const OID_RSA_ENCRYPTION: &str = "1.2.840.113549.1.1.1";
const OID_EC_PUBLIC_KEY: &str = "1.2.840.10045.2.1";

fn foo(oid: Oid) {
    match oid.to_string().as_str() {
        OID_RSA_ENCRYPTION => { .. },
        OID_EC_PUBLIC_KEY => { .. },
    }
}

If Oid::from was a const fn, then we could define the constants using something like:

const OID_RSA_ENCRYPTION: Oid = Oid::from(&[1, 2, 840, 113549, 1, 1, 1]);
const OID_EC_PUBLIC_KEY: Oid = Oid::from(&[1, 2, 840, 10045, 2, 1]);

fn foo(oid: Oid) {
    match oid {
        OID_RSA_ENCRYPTION => { .. },
        OID_EC_PUBLIC_KEY => { .. },
    }
}

This probably requires rusticata/der-parser#17.

This is just a abstract idea I had because I'm currently writing a serializer using this crate:

The pattern I hit right now is that to be able to calculate the final encoded length for write_der_header I have to wrap all tagged fields and resolve things like their lengths, recursively.

But I have to throw away that state directly afterwards, only to reconstruct it again in the directly following call to write_der_content.

It's not a big overhead by any means, but I was wondering if I could remove it regardless.

Is that something that'd you be interested in as well and/or would want to work on together?

An idea I had is to make ToDer have an associated type that stores what is in essence a weak normalized form. The basic idea is that the WNF can be encoded into bytes directly without conditionals and without having to allocate/wrap any fields.

That solution would however make ToDer not object-safe until GATs for trait objects land. Not sure if that is a significant usability problem though.

(Fun fact: The last time I had this issue in asnom I actually inverted encoding, writing out the bodies of fields first and the headers afterwards, making heavy use of scatter/gather-IO. But that approach was absurdly complex, hard to use, and not all that efficient in most cases anyway.)

The oid! macro in der-parser v6 accepted any number of tokens, which allowed me to construct an invocation to it in my own macro where I fed it a series of literals and periods. Trying this in v8 fails with a macro error, which appears to be due to the asn1-rs version of the macro expecting a single $items:expr arg instead of something like $($item:tt)+. This breaks my code as I construct a whole tree of oids using my own macro.

A simple reproduction looks like

// Code sample provided under the MIT license
macro_rules! foo {
  ($a:literal $b:literal $c:literal) => {
    der_parser::oid!($a.$b.$c)
  };
}

fn main() {
  dbg!(foo!(1 2 3));
}

This works just fine with der-parser v6 but fails with der-parser v8

error: unexpected token: `2`
 --> foo.rs:4:22
  |
4 |  der_parser::oid!($a.$b.$c)
  |                      ^^
...
9 |  dbg!(foo!(1 2 3));
  |       ----------- in this macro invocation
  |
  = note: this error originates in the macro `foo` (in Nightly builds, run with -Z macro-backtrace for more info)

error: no rules expected the token `2`
   --> foo.rs:4:22
    |
4   |  der_parser::oid!($a.$b.$c)
    |                      ^^ no rules expected this token in macro call
...
9   |  dbg!(foo!(1 2 3));
    |       ----------- in this macro invocation
    |
note: while trying to match meta-variable `$items:expr`
   --> /Users/lily/.cargo/registry/src/github.com-1ecc6299db9ec823/asn1-rs-0.5.2/src/asn1_types/oid.rs:462:6
    |
462 |     ($items:expr) => {
    |      ^^^^^^^^^^^
    = note: this error originates in the macro `foo` (in Nightly builds, run with -Z macro-backtrace for more info)

LICENSE-MIT and LICENSE-APACHE are missing in asn1-rs-impl-0.2.0.crate downloaded from https://crates.io/crates/asn1-rs-impl/0.2.0. Would you accept a PR similar to this one? I would like to package it as rpm for Fedora (which identifies missing license as a mistake and encourages upstream to include it) and it would make it easier. Thanks.

Hi, I have an issue regarding the encoding of large tags, particularly those that exceed the value of 0x80, where after serialization and deserialization, the tags don't match to the original.

The following code can be used to show this:

extern crate asn1_rs;
use asn1_rs::{Any, Error, FromDer, Implicit, Integer, Tag, ToDer};

fn main() {
   let tmp = Any::from_tag_and_data(Tag::from(0x41424344), &Integer::from(1).to_der_vec().unwrap())
        .to_der_vec()
        .unwrap();

    let expect = Tag::from(0x41424344);
    let actual = Any::from_der(&tmp).unwrap().1.tag();
    
    assert_eq!(expect, actual, "expected tag {expect}, found tag {actual}");
}

The above code results in the following output upon execution:

thread 'main' panicked at src/main.rs:12:5:
assertion `left == right` failed: expected tag Tag(1094861636 / 0x41424344), found tag Tag(1086473476 / 0x40c24504)
  left: Tag(1094861636)
 right: Tag(1086473476)
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace

As I understand it, the tags are to remain the same during both the serialization and deserialization steps. If not, is there a correct way to store the tags so that they can be encoded onto the proper value?

Thanks in advance!

The main readme hints at the existence of a ToBer trait:

BER/DER encoding is symmetrical to decoding, using the traits ToBer and [ToDer] traits. 

However I can't find anything about this in the code. Am I just missing something obvious?

Hi, thanks for the great work!!

I noted that the conversion from utc_datetime() don't try to guess the century. As documented in https://www.obj-sys.com/asn1tutorial/node15.html the year is just 2 chars and asn1c use 19 if the year is greater than 0x35 and 20 otherwise.

I guess that the right behavior of asn1-rs should be the same.

I can file a pull request if you are agree.

Hi Guys,

I'm trying statically compile Salvo sample server https://github.com/salvo-rs/salvo/tree/v0.37.x/examples/acme-http01
with the command but getting error.
Is it something you can fix?

$ RUSTFLAGS='-C target-feature=+crt-static' cargo build --release
error: cannot produce proc-macro for `asn1-rs-derive v0.4.0` as the target `x86_64-unknown-linux-gnu` does not support these crate types

Thank you.

When passed in a ber with an Infinite length content, it produces a der error on Infinite length (Error(DerConstraintFailed(IndefiniteLength))). This shouldn't have happened because ber has no constrains on length.

The problem is expected to be located here. I fixed to Header::from_ber and the problem is resolved.

I believe this is a typo and should be fixed.

P/S: The ber I tried to parse is from an Apple signature chain in any signed binary, and I assume it to be correct (checked using https://lapo.it/asn1js/). Using the rusticata/der-parser parse_ber function.

I have a BER schema which looks like the following :

SEQUENCE {
    typeA SEQUENCE {...}
    typeB SEQUENCE {...}
}

I try to retrieve fields that are located in typeA SEQUENCE, how can I inspect it in a way to deal with errors, i.e. is it possible to do something like the following :

let (rem, result) = Sequence::from_ber_and_then(input, |i| {
     let (rem2, a) = Sequence::from_ber_and_then(input, |j| {
          let (rem2, a) = u32::from_der(input)?;
          ....
         Ok(...)
})?;

Is it the right to do that ? I'm not able to find the correct code to write in order to run that.

Thanks in advance

Add a pretty-printer (like PrettyBer in der-parser) for Any.

This is already implemented as an example, dump-der.rs.

If a pretty-printer is embedded, it will either be simpler than the example (will not decode OID etc.), or should be moved to another crate to avoid cyclic dependencies

Potential segfault in localtime_r invocations

Impact

Unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires an environment variable to be set in a different thread than the affected functions. This may occur without the user's knowledge, notably in a third-party library.

Workarounds

No workarounds are known.

References

• time-rs/time#293

See advisory page for additional details.

NOT A CONTRIBUTION

Unlike the other string types, BmpString only implements TryFrom<Any> and not TryFrom<&Any>.

The code generated by both BerSequence and DerSequence for the TryFrom<Any> trait uses the finish function for error convertion. The issue with finish is that it can panic when the parser's result is Err(Err::Incomplete(_)). This is problematic when parsing ASN.1 structures that are corrupted.

I've found this issue while trying to use the x509-parser crate for parsing X509 certificates in Windows PE files. The files are sometimes corrupt, and make the program panic.

Consider the AlgorithmIdentifier structure:

#[derive(Clone, Debug, PartialEq, DerSequence)]
#[error(X509Error)]
pub struct AlgorithmIdentifier<'a> {
    #[map_err(|_| X509Error::InvalidAlgorithmIdentifier)]
    pub algorithm: Oid<'a>,
    #[optional]
    pub parameters: Option<Any<'a>>,
}

The code generated by DerSequence for the try_from function looks like:

fn try_from(any: Any<'ber>) -> asn1_rs::Result<Self, X509Error> {
    use asn1_rs::nom::*;
    any.tag().assert_eq(Self::TAG)?;
    let i = any.data;
    let (i, algorithm) = FromBer::from_ber(i).finish().map_err(|_| X509Error::InvalidAlgorithmIdentifier)?;
    let (i, parameters) = FromBer::from_ber(i).finish()?;
    let _ = i;
    Ok(Self {
        algorithm,
        parameters,
    })
}

Notice the use of finish after parsing both the algorithm and parameters fields. The documentation for finish says:

warning: if the result is Err(Err::Incomplete(_)), this method will panic.

“complete” parsers: It will not be an issue, Incomplete is never used
“streaming” parsers: Incomplete will be returned if there’s not enough data for the parser to decide, and you should gather more data before parsing again. Once the parser returns either Ok(), Err(Err::Error()) or Err(Err::Failure(_)), you can get out of the parsing loop and call finish() on the parser’s result

So, it looks like "streaming" parsing is being used, but I'm not sure if that's the case, or why.