diff options
author | Peter Dettman <peter.dettman@bouncycastle.org> | 2023-03-16 11:31:21 +0700 |
---|---|---|
committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2023-03-16 11:31:21 +0700 |
commit | 32ada34bce57d83a54d65c27561a5a39d0302992 (patch) | |
tree | ba930d408794632fa9395dfb065bc94339c621b6 | |
parent | Refactor EdDsaSigner (diff) | |
download | BouncyCastle.NET-ed25519-32ada34bce57d83a54d65c27561a5a39d0302992.tar.xz |
Fix non-8-aligned IPv4 netmask parsing
- see https://github.com/bcgit/bc-csharp/issues/426
-rw-r--r-- | crypto/src/asn1/x509/GeneralName.cs | 2 | ||||
-rw-r--r-- | crypto/test/src/asn1/test/GeneralNameTest.cs | 23 |
2 files changed, 19 insertions, 6 deletions
diff --git a/crypto/src/asn1/x509/GeneralName.cs b/crypto/src/asn1/x509/GeneralName.cs index 62d650df0..3f5a35d37 100644 --- a/crypto/src/asn1/x509/GeneralName.cs +++ b/crypto/src/asn1/x509/GeneralName.cs @@ -337,7 +337,7 @@ namespace Org.BouncyCastle.Asn1.X509 } if (bits > 0) { - addr[offset] = (byte)(byte.MaxValue >> (8 - bits)); + addr[offset] = (byte)(0xFF00 >> bits); } } diff --git a/crypto/test/src/asn1/test/GeneralNameTest.cs b/crypto/test/src/asn1/test/GeneralNameTest.cs index 10776c59c..76b810592 100644 --- a/crypto/test/src/asn1/test/GeneralNameTest.cs +++ b/crypto/test/src/asn1/test/GeneralNameTest.cs @@ -14,7 +14,8 @@ namespace Org.BouncyCastle.Asn1.Tests : SimpleTest { private static readonly byte[] ipv4 = Hex.Decode("87040a090800"); - private static readonly byte[] ipv4WithMask = Hex.Decode("87080a090800ffffff00"); + private static readonly byte[] ipv4WithMask24 = Hex.Decode("87080a090800ffffff00"); + private static readonly byte[] ipv4WithMask14 = Hex.Decode("87080a090800fffc0000"); private static readonly byte[] ipv6a = Hex.Decode("871020010db885a308d313198a2e03707334"); private static readonly byte[] ipv6b = Hex.Decode("871020010db885a3000013198a2e03707334"); @@ -38,19 +39,31 @@ namespace Org.BouncyCastle.Asn1.Tests Fail("ipv4 encoding failed"); } - nm = new GeneralName(GeneralName.IPAddress, "10.9.8.0/255.255.255.0"); - if (!Arrays.AreEqual(nm.GetEncoded(), ipv4WithMask)) + nm = new GeneralName(GeneralName.IPAddress, "10.9.8.0/255.255.255.0"); + if (!Arrays.AreEqual(nm.GetEncoded(), ipv4WithMask24)) { Fail("ipv4 with netmask 1 encoding failed"); } nm = new GeneralName(GeneralName.IPAddress, "10.9.8.0/24"); - if (!Arrays.AreEqual(nm.GetEncoded(), ipv4WithMask)) + if (!Arrays.AreEqual(nm.GetEncoded(), ipv4WithMask24)) { Fail("ipv4 with netmask 2 encoding failed"); } - nm = new GeneralName(GeneralName.IPAddress, "2001:0db8:85a3:08d3:1319:8a2e:0370:7334"); + nm = new GeneralName(GeneralName.IPAddress, "10.9.8.0/255.252.0.0"); + if (!Arrays.AreEqual(nm.GetEncoded(), ipv4WithMask14)) + { + Fail("ipv4 with netmask 1 encoding failed"); + } + + nm = new GeneralName(GeneralName.IPAddress, "10.9.8.0/14"); + if (!Arrays.AreEqual(nm.GetEncoded(), ipv4WithMask14)) + { + Fail("ipv4 with netmask 2 encoding failed"); + } + + nm = new GeneralName(GeneralName.IPAddress, "2001:0db8:85a3:08d3:1319:8a2e:0370:7334"); if (!Arrays.AreEqual(nm.GetEncoded(), ipv6a)) { Fail("ipv6 with netmask encoding failed"); |