author | Peter Dettman <peter.dettman@bouncycastle.org> | 2018-10-18 18:15:32 +0700 |
---|---|---|
committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2018-10-18 18:15:32 +0700 |
commit | a3ffd09890cd48bbd21040a49a2399a24f204918 (patch) | |
tree | 73baa1e3b656b83b90bfb90cc34ed96c055a62f4 /crypto/src | |
parent | Move generic "...withRSA" handler after PSSwithRSA (diff) | |
Env. prop.: Org.BouncyCastle.Asn1.AllowUnsafeInteger
- set to "true" to weaken ASN.1 INTEGER checks - see https://github.com/bcgit/bc-csharp/issues/156
Diffstat (limited to 'crypto/src')
-rw-r--r-- | crypto/src/asn1/DerEnumerated.cs | 13 | ||||
-rw-r--r-- | crypto/src/asn1/DerInteger.cs | 18 | ||||
-rw-r--r-- | crypto/src/util/Platform.cs | 2 |
3 files changed, 19 insertions, 14 deletions
diff --git a/crypto/src/asn1/DerEnumerated.cs b/crypto/src/asn1/DerEnumerated.cs index db27065bb..6690feceb 100644 --- a/crypto/src/asn1/DerEnumerated.cs +++ b/crypto/src/asn1/DerEnumerated.cs @@ -62,19 +62,18 @@ namespace Org.BouncyCastle.Asn1 } public DerEnumerated( - byte[] bytes) + byte[] bytes) { if (bytes.Length > 1) { - if (bytes[0] == 0 && (bytes[1] & 0x80) == 0) + if ((bytes[0] == 0 && (bytes[1] & 0x80) == 0) + || (bytes[0] == (byte)0xff && (bytes[1] & 0x80) != 0)) { - throw new ArgumentException("malformed enumerated"); - } - if (bytes[0] == (byte)0xff && (bytes[1] & 0x80) != 0) - { - throw new ArgumentException("malformed enumerated"); + if (!DerInteger.AllowUnsafe()) + throw new ArgumentException("malformed enumerated"); } } + this.bytes = Arrays.Clone(bytes); } diff --git a/crypto/src/asn1/DerInteger.cs b/crypto/src/asn1/DerInteger.cs index 5b240d281..ae14d2a9f 100644 --- a/crypto/src/asn1/DerInteger.cs +++ b/crypto/src/asn1/DerInteger.cs @@ -8,6 +8,14 @@ namespace Org.BouncyCastle.Asn1 public class DerInteger : Asn1Object { + public const string AllowUnsafeProperty = "Org.BouncyCastle.Asn1.AllowUnsafeInteger"; + + internal static bool AllowUnsafe() + { + string allowUnsafeValue = Platform.GetEnvironmentVariable(AllowUnsafeProperty); + return allowUnsafeValue != null && Platform.EqualsIgnoreCase("true", allowUnsafeValue); + } + private readonly byte[] bytes; /** @@ -72,13 +80,11 @@ namespace Org.BouncyCastle.Asn1 { if (bytes.Length > 1) { - if (bytes[0] == 0 && (bytes[1] & 0x80) == 0) - { - throw new ArgumentException("malformed integer"); - } - if (bytes[0] == (byte)0xff && (bytes[1] & 0x80) != 0) + if ((bytes[0] == 0 && (bytes[1] & 0x80) == 0) + || (bytes[0] == (byte)0xff && (bytes[1] & 0x80) != 0)) { - throw new ArgumentException("malformed integer"); + if (!AllowUnsafe()) + throw new ArgumentException("malformed integer"); } } this.bytes = Arrays.Clone(bytes); 
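Review bot: The ENUMERATED check in the `DerEnumerated(byte[] bytes)` constructor is now switched off by `DerInteger.AllowUnsafe()`, whose property name and commit description mention only INTEGER, so anyone enabling it to get past a malformed INTEGER also starts accepting non-minimal ENUMERATED encodings without being told. I would record that at the call site, e.g. `// Org.BouncyCastle.Asn1.AllowUnsafeInteger also relaxes this ENUMERATED check`, or gate it on a separately named property. With the switch on, one value has more than one accepted encoding and the constructor stores the bytes as given (`this.bytes = Arrays.Clone(bytes)`), so any caller that compares or hashes the encoded form rather than the decoded value may treat equal values as different. The inner `if (!DerInteger.AllowUnsafe())` is left unbraced inside a braced block, here and in the matching constructor hunk of DerInteger.cs; bracing the `throw` would match the surrounding style.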
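Review bot: `AllowUnsafeProperty` is a new public constant with no doc comment, and `AllowUnsafe()` calls `Platform.GetEnvironmentVariable` each time a malformed value is seen, so parser strictness is decided by whoever controls the process environment and applies to every caller in the process. A summary on the constant should say so, for example `/// <summary>Environment variable; "true" makes non-minimal INTEGER and ENUMERATED encodings accepted instead of rejected, process-wide.</summary>`. Because `public const` values are compiled into referencing assemblies, `public static readonly string` would be the safer declaration if the name could ever change.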
diff --git a/crypto/src/util/Platform.cs b/crypto/src/util/Platform.cs index 86484854d..6f7a8b17b 100644 --- a/crypto/src/util/Platform.cs +++ b/crypto/src/util/Platform.cs @@ -41,7 +41,7 @@ namespace Org.BouncyCastle.Utilities #endif } -#if NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE +#if NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || (PORTABLE && !DOTNET) internal static string GetEnvironmentVariable( string variable) { |
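Review bot: On the builds this `#if` still matches, `GetEnvironmentVariable` is the stub whose body lies outside the hunk and presumably returns null, which would make `DerInteger.AllowUnsafe()` permanently false there. That is the safe default, but it means the documented property silently does nothing on those targets. A comment above the stub such as `// No environment access on these targets: env-based switches (e.g. AllowUnsafeInteger) are always off` would record it.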