PKCS12 safecontents bag type deviation from spec


PKCS12 safecontents bag type deviation from spec

Sands, Daniel
After noticing that a safecontents bag written to a file was in a
different order than I added them, I did some experimentation and
discovered that it's sorting the list, which led me to notice that it's
defining a safecontentsbag as a SET OF safecontents, which causes
sorting:

ASN1_ADB(PKCS12_SAFEBAG) = {
        ADB_ENTRY(NID_keyBag, ASN1_EXP(PKCS12_SAFEBAG, value.keybag, PKCS8_PRIV_KEY_INFO, 0)),
        ADB_ENTRY(NID_pkcs8ShroudedKeyBag, ASN1_EXP(PKCS12_SAFEBAG, value.shkeybag, X509_SIG, 0)),
        ADB_ENTRY(NID_safeContentsBag, ASN1_EXP_SET_OF(PKCS12_SAFEBAG, value.safes, PKCS12_SAFEBAG, 0)),
        ADB_ENTRY(NID_certBag, ASN1_EXP(PKCS12_SAFEBAG, value.bag, PKCS12_BAGS, 0)),
        ADB_ENTRY(NID_crlBag, ASN1_EXP(PKCS12_SAFEBAG, value.bag, PKCS12_BAGS, 0)),
        ADB_ENTRY(NID_secretBag, ASN1_EXP(PKCS12_SAFEBAG, value.bag, PKCS12_BAGS, 0))
} ASN1_ADB_END(PKCS12_SAFEBAG, 0, type, 0, &safebag_default_tt, NULL);

PKCS12 specifies that a safecontents bag is a SEQUENCE OF safecontents,
just like the top-level authsafe is:

SafeContents ::= SEQUENCE OF SafeBag

...

The sixth type of bag that can be held in a SafeBag is a SafeContents.

Is the deviation from the spec intentional?
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: PKCS12 safecontents bag type deviation from spec

OpenSSL - Dev mailing list
OpenSSL defines it as a SET OF and the spec says it’s a SEQUENCE OF.  Ouch!  Will that cause interop problems if we change it?  (I don’t remember the DER encoding rules)




Re: [EXTERNAL] Re: PKCS12 safecontents bag type deviation from spec

Sands, Daniel
On Tue, 2018-01-16 at 14:50 +0000, Salz, Rich via openssl-dev wrote:
> OpenSSL defines it as a SET OF and the spec says it’s a SEQUENCE
> OF.  Ouch!  Will that cause interop problems if we change it?  (I
> don’t remember the DER encoding rules)

Well, a SEQUENCE uses tag 16 while a SET uses tag 17, according to a
quick reference I found.  So that could be an interoperability concern.
But maybe this is the first actual use of nested safecontents, since
this difference flew under the radar for so long :)

Re: [EXTERNAL] Re: PKCS12 safecontents bag type deviation from spec

Blumenthal, Uri - 0553 - MITLL
I think the change is justified.

Regards,
Uri

On Jan 16, 2018, at 14:31, Sands, Daniel <[hidden email]> wrote:

> On Tue, 2018-01-16 at 14:50 +0000, Salz, Rich via openssl-dev wrote:
> > OpenSSL defines it as a SET OF and the spec says it’s a SEQUENCE
> > OF.  Ouch!  Will that cause interop problems if we change it?  (I
> > don’t remember the DER encoding rules)
>
> Well, a SEQUENCE uses tag 16 while a SET uses tag 17, according to a
> quick reference I found.  So that could be an interoperability concern.
> But maybe this is the first actual use of nested safecontents, since
> this difference flew under the radar for so long :)

Re: [EXTERNAL] Re: PKCS12 safecontents bag type deviation from spec

Tomas Mraz-2
In reply to this post by Sands, Daniel
On Tue, 2018-01-16 at 19:31 +0000, Sands, Daniel wrote:

> On Tue, 2018-01-16 at 14:50 +0000, Salz, Rich via openssl-dev wrote:
> > OpenSSL defines it as a SET OF and the spec says it’s a SEQUENCE
> > OF.  Ouch!  Will that cause interop problems if we change it?  (I
> > don’t remember the DER encoding rules)
>
> Well, a SEQUENCE uses tag 16 while a SET uses tag 17, according to a
> quick reference I found.  So that could be an interoperability
> concern.
> But maybe this is the first actual use of nested safecontents, since
> this difference flew under the radar for so long :)

Would it be possible to allow for loading the safecontents bag with
both correct and incorrect tag? But we should always write the correct
one.

--
Tomáš Mráz
No matter how far down the wrong road you've gone, turn back.
                                              Turkish proverb
[You'll know whether the road is wrong if you carefully listen to your
conscience.]

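As an added example (my own code, not OpenSSL's): a minimal DER encoder/decoder for a SafeContents that makes the two points of the thread concrete, namely why a SET OF definition reorders the bags Daniel added, and how a reader can accept both the SEQUENCE tag (0x30) and the SET tag (0x31) as Tomas suggests while the writer always emits SEQUENCE. The SafeBag contents are constructed placeholders, not real PKCS#12 bags.

```python
# Added example, not OpenSSL code. Universal constructed tags 16 (SEQUENCE)
# and 17 (SET) encode as the identifier octets 0x30 and 0x31.
SEQUENCE, SET = 0x30, 0x31

def der_len(n):
    """DER length octets: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def tlv(tag, body):
    return bytes([tag]) + der_len(len(body)) + body

def read_tlv(buf, pos=0):
    """Return (tag, body, end) for the TLV starting at buf[pos]."""
    tag, first = buf[pos], buf[pos + 1]
    if first < 0x80:
        length, pos = first, pos + 2
    else:
        nbytes = first & 0x7F
        length = int.from_bytes(buf[pos + 2:pos + 2 + nbytes], "big")
        pos += 2 + nbytes
    return tag, buf[pos:pos + length], pos + length

def encode_safe_contents(bags):
    """Spec form, SafeContents ::= SEQUENCE OF SafeBag: order is kept."""
    return tlv(SEQUENCE, b"".join(bags))

def encode_safe_contents_as_set(bags):
    """What a SET OF definition yields under DER: elements sorted by their
    encoding (X.690 11.6), which is the reordering observed in the thread."""
    return tlv(SET, b"".join(sorted(bags)))

def decode_safe_contents(der, strict=False):
    """Split a SafeContents into its SafeBag encodings. By default the reader
    tolerates the SET tag a SET OF writer produces; strict=True rejects it."""
    tag, body, end = read_tlv(der)
    accepted = (SEQUENCE,) if strict else (SEQUENCE, SET)
    if tag not in accepted or end != len(der):
        raise ValueError("expected SEQUENCE OF SafeBag, got tag 0x%02x" % tag)
    bags, pos = [], 0
    while pos < len(body):
        _, _, nxt = read_tlv(body, pos)
        bags.append(body[pos:nxt])
        pos = nxt
    return bags

# Constructed stand-in bags (a real SafeBag carries a bagId OID and a value).
SAMPLE_BAGS = [tlv(SEQUENCE, tlv(0x04, b"second")), tlv(SEQUENCE, tlv(0x04, b"first"))]
```

Decoding the SET form and re-encoding with encode_safe_contents gives the tolerant-read, correct-write behaviour Tomas describes, but the original insertion order is already lost in the SET encoding and cannot be recovered.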