kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
8c2480f740
boringssl/crypto/pkcs8
History
David Benjamin 8b8d22c961 Parse PKCS#12 files more accurately. 
Mercifully, PKCS#12 does not actually make ContentInfo and SafeBag
mutually recursive. The top-level object in a PKCS#12 is a SEQUENCE of
data or encrypted data ContentInfos. Their payloads are a SEQUENCE of
SafeBags (aka SafeContents).

SafeBag is a similar structure to ContentInfo but not identical (it has
attributes in it which we ignore) and actually carries the objects.
There is only recursion if the SafeContents bag type is used, which we
do not process.

This means we don't need to manage recursion depth. This also no longer
allows trailing data after the SEQUENCE and removes the comment about
NSS. The test file still passes, so I'm guessing something else was
going on?

Change-Id: I68e2f8a5cc4b339597429d15dc3588bd39267e0a
Reviewed-on: https://boringssl-review.googlesource.com/13071
Reviewed-by: Adam Langley <agl@google.com>
2017-01-12 16:56:05 +00:00
..
CMakeLists.txt Rework PKCS{5,8,12} code. 2017-01-11 01:25:14 +00:00
internal.h Rework PKCS{5,8,12} code. 2017-01-11 01:25:14 +00:00
p5_pbev2.c Rework PKCS{5,8,12} code. 2017-01-11 01:25:14 +00:00
p8_pkey.c
pkcs8_test.cc
pkcs8.c Parse PKCS#12 files more accurately. 2017-01-12 16:56:05 +00:00
pkcs12_test.cc