rpms / python-cryptography

Clone
Source Code
GIT

Blame SOURCES/0005-Fixed-serialization-of-keyusage-ext-with-no-bits-693.patch

c7 c7-alt c7-beta c8 c8-beta c8-beta-stream-3.8 c8-beta-stream-3.9 c8-stream-3.8 c8-stream-3.9 c8s c8s-stream-3.8 c8s-stream-3.9 c9 c9-beta
  1.   8a5b2af5ef93662aca97032cfad6022422df5178
  2.   SOURCES
  3.   0005-Fixed-serialization-of-keyusage-ext-with-no-bits-693.patch
Blob History Raw
8a5b2a 
From 89af85f9d4fc2ef3e89ad1b2a58c751f00f54a4f Mon Sep 17 00:00:00 2001
8a5b2a 
From: Alex Gaynor <alex.gaynor@gmail.com>
8a5b2a 
Date: Thu, 3 Mar 2022 16:24:21 -0500
8a5b2a 
Subject: [PATCH 5/5] Fixed serialization of keyusage ext with no bits (#6930)
8a5b2a
8a5b2a 
fixes #6926
8a5b2a 
---
8a5b2a 
 src/rust/src/x509/extensions.rs | 17 +++++++++++------
8a5b2a 
 tests/x509/test_x509_ext.py     | 14 ++++++++++++++
8a5b2a 
 2 files changed, 25 insertions(+), 6 deletions(-)
8a5b2a
8a5b2a 
diff --git a/src/rust/src/x509/extensions.rs b/src/rust/src/x509/extensions.rs
8a5b2a 
index 606566dd9..68b9839a0 100644
8a5b2a 
--- a/src/rust/src/x509/extensions.rs
8a5b2a 
+++ b/src/rust/src/x509/extensions.rs
8a5b2a 
@@ -135,12 +135,17 @@ pub(crate) fn encode_extension(
8a5b2a 
             certificate::set_bit(&mut bs, 7, ext.getattr("encipher_only")?.is_true()?);
8a5b2a 
             certificate::set_bit(&mut bs, 8, ext.getattr("decipher_only")?.is_true()?);
8a5b2a 
         }
8a5b2a 
-        let bits = if bs[1] == 0 { &bs[..1] } else { &bs[..] };
8a5b2a 
-        let unused_bits = bits.last().unwrap().trailing_zeros() as u8;
8a5b2a 
-        Ok(Some(asn1::write_single(&asn1::BitString::new(
8a5b2a 
-            bits,
8a5b2a 
-            unused_bits,
8a5b2a 
-        ))))
8a5b2a 
+        let (bits, unused_bits) = if bs[1] == 0 {
8a5b2a 
+            if bs[0] == 0 {
8a5b2a 
+                (&[][..], 0)
8a5b2a 
+            } else {
8a5b2a 
+                (&bs[..1], bs[0].trailing_zeros() as u8)
8a5b2a 
+            }
8a5b2a 
+        } else {
8a5b2a 
+            (&bs[..], bs[1].trailing_zeros() as u8)
8a5b2a 
+        };
8a5b2a 
+        let v = asn1::BitString::new(bits, unused_bits).unwrap();
8a5b2a 
+        Ok(Some(asn1::write_single(&v)))
8a5b2a 
     } else if oid == &*oid::AUTHORITY_INFORMATION_ACCESS_OID
8a5b2a 
         || oid == &*oid::SUBJECT_INFORMATION_ACCESS_OID
8a5b2a 
     {
8a5b2a 
diff --git a/tests/x509/test_x509_ext.py b/tests/x509/test_x509_ext.py
8a5b2a 
index 66ac43d95..2bbba8ec6 100644
8a5b2a 
--- a/tests/x509/test_x509_ext.py
8a5b2a 
+++ b/tests/x509/test_x509_ext.py
8a5b2a 
@@ -1137,6 +1137,20 @@ class TestKeyUsage(object):
8a5b2a 
                 ),
8a5b2a 
                 b"\x03\x02\x02\x94",
8a5b2a 
             ),
8a5b2a 
+            (
8a5b2a 
+                x509.KeyUsage(
8a5b2a 
+                    digital_signature=False,
8a5b2a 
+                    content_commitment=False,
8a5b2a 
+                    key_encipherment=False,
8a5b2a 
+                    data_encipherment=False,
8a5b2a 
+                    key_agreement=False,
8a5b2a 
+                    key_cert_sign=False,
8a5b2a 
+                    crl_sign=False,
8a5b2a 
+                    encipher_only=False,
8a5b2a 
+                    decipher_only=False,
8a5b2a 
+                ),
8a5b2a 
+                b"\x03\x01\x00",
8a5b2a 
+            ),
8a5b2a 
         ],
8a5b2a 
     )
8a5b2a 
     def test_public_bytes(self, ext, serialized):
8a5b2a 
--
8a5b2a 
2.35.1
8a5b2a

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation