Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ASN1BitString.kt BooleanArray constructor may miscalculate numUnusedBits #838

Open
kdeus opened this issue Jan 7, 2025 · 1 comment
Open

ASN1BitString.kt BooleanArray constructor may miscalculate numUnusedBits #838

kdeus opened this issue Jan 7, 2025 · 1 comment
Assignees
@davidz25

Comments

@kdeus
Copy link
Contributor

kdeus commented Jan 7, 2025

In the new identity/src/commonMain/kotlin/com/android/identity/asn1/ASN1BitString.kt implementation, it looks like there's a bug in the BooleanArray constructor when it's calculating numUnusedBits:

    constructor(booleanValues: BooleanArray):
            this(
                if (booleanValues.size == 0) 0 else (8 - (booleanValues.size % 8)),

If booleanValues.size % 8 == 0, then numUnusedBits is set to 8, while the standard expects it to be from 0-7. In the parsing code, if numUnusedBits is set to 8, we may end up skipping a byte.

That calculation looks like it should be: ((8 - (booleanValues.size % 8)) & 0x07)
Or, equivalently: ((8 - (booleanValues.size % 8)) % 8)
@kdeus kdeus mentioned this issue Jan 7, 2025
Merged
@kdeus
Copy link
Contributor Author

kdeus commented Jan 7, 2025

And we should have a unit test covering this case...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@davidz25 davidz25

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@kdeus @davidz25