der: Provide from_der that doesn't error on trailing data #1278

@NWPlayer123

Hello, I'm currently trying to implement parsing of a certificate blob that Panda3D uses, and it's proving rather difficult with RustCrypto's implementation.

Basically, the format doesn't store the length, so I have no way of determining how long each certificate in the blob is without actually parsing it. The default way that from_der works is that it calls SliceReader::finish, which returns an error about TrailingData instead of the finished certificate and all leftover data, which means I can't make a nice loop to parse through like I could with d2i_X509 (which is what the original implementation uses).

For now, I've implemented it by creating my own Certificate that just keeps the remaining length as part of the struct:

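```rust
use x509_cert::certificate::{CertificateInner, Rfc5280};
use der::{Decode, Reader, Result, SliceReader, Length};

/// Wrapper that pairs a parsed certificate with the number of bytes
/// left unread in the input after it.
#[derive(Debug)]
pub struct Certificate {
    pub certificate: CertificateInner<Rfc5280>,
    pub remaining_len: Length,
}

impl<'a> Decode<'a> for Certificate {
    fn decode<R: Reader<'a>>(reader: &mut R) -> Result<Self> {
        let inner = CertificateInner::<Rfc5280>::decode(reader)?;
        // decode() alone leaves remaining_len at zero; from_der() fills it in.
        Ok(Certificate { certificate: inner, remaining_len: Length::new(0) })
    }

    // Overrides the provided from_der so that SliceReader::finish is never
    // called and trailing data is reported as a length instead of an error.
    fn from_der(bytes: &'a [u8]) -> Result<Self> {
        let mut reader = SliceReader::new(bytes)?;
        let mut result = Self::decode(&mut reader)?;
        result.remaining_len = reader.remaining_len();
        Ok(result)
    }
}
```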
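
An added example, not part of the original post and not RustCrypto code: every DER element starts with a tag and a definite length, so a blob of back-to-back certificates can be split by reading only each outer header, and each slice can then be passed to a strict `from_der`. It uses std only; `SplitError`, `der_element_len`, `split_der_blob` and the sample bytes are constructed for illustration, and a single-byte tag is assumed.

```rust
/// Errors for the hypothetical splitter below.
#[derive(Debug, PartialEq)]
pub enum SplitError { Truncated, IndefiniteLength, NonCanonicalLength, TooLarge }

/// Total size (header + content) of the DER element at the start of `buf`.
/// Assumes a single-byte tag, which holds for a certificate's outer SEQUENCE (0x30).
pub fn der_element_len(buf: &[u8]) -> Result<usize, SplitError> {
    let first = *buf.get(1).ok_or(SplitError::Truncated)?;
    let (header, content) = match first {
        0x00..=0x7f => (2usize, first as usize), // short form: length in one octet
        0x80 => return Err(SplitError::IndefiniteLength), // BER only, never valid DER
        _ => {
            let n = (first & 0x7f) as usize; // number of length octets that follow
            if n > 4 { return Err(SplitError::TooLarge); }
            let octets = buf.get(2..2 + n).ok_or(SplitError::Truncated)?;
            let len = octets.iter().fold(0usize, |acc, &b| (acc << 8) | b as usize);
            // DER demands the minimal encoding: no leading zero octet, and
            // long form only for lengths of 128 or more.
            if octets[0] == 0 || len < 0x80 { return Err(SplitError::NonCanonicalLength); }
            (2 + n, len)
        }
    };
    let total = header.checked_add(content).ok_or(SplitError::TooLarge)?;
    // Never trust the declared length beyond what the buffer actually holds.
    if total > buf.len() { return Err(SplitError::Truncated); }
    Ok(total)
}

/// Split a blob of back-to-back DER elements into one slice per element.
pub fn split_der_blob(mut blob: &[u8]) -> Result<Vec<&[u8]>, SplitError> {
    let mut out = Vec::new();
    while !blob.is_empty() {
        let (element, rest) = blob.split_at(der_element_len(blob)?);
        out.push(element);
        blob = rest;
    }
    Ok(out)
}

fn main() {
    // Constructed sample: two tiny SEQUENCEs back to back, standing in for certificates.
    let blob = [0x30, 0x03, 0x02, 0x01, 0x05, 0x30, 0x00];
    for element in split_der_blob(&blob).unwrap() {
        println!("{} bytes: {:02x?}", element.len(), element);
    }
}
```

Rejecting indefinite and non-minimal lengths here keeps the splitter from accepting a boundary that a strict DER decoder would later refuse.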
