RustCrypto
cms: Added a test for BER-CMS
This is my real-world test of a BER encoded CMS message using indefinite lengths. I removed the content, but kept the structure. This kind of messages is sent by EJBCA when certificates are enrolled using SCEP protocol.
You can use hex! btw
https://github.com/RustCrypto/formats/blob/9ca99ba5ee29e59473171b7a4ab9fcf048d4b6ce/der/tests/derive.rs#L800-L804
I think the inside SignedData does not decode as intended.
[Spoiler] pretty-printing ContentInfo
let content_info = ContentInfo::from_ber(EXAMPLE_BER).unwrap();
// using der feature `clarify`
use der::{ClarifyFlavor, EncodeClarifyExt};
let clarified = content_info.to_der_clarify(ClarifyFlavor::RustHex).unwrap();
println!("clarified: {clarified}");
I could not decode it:
let signed_data = SignedData::from_ber(content_info.content.value()).unwrap();
assert!(signed_data.certificates.iter().nth(1).is_some());
gives a tag error.
hex!(
"30 37" // tag: SEQUENCE len: 55 type: ContentInfo
"06 09" // tag: OBJECT IDENTIFIER type: ObjectIdentifier
"2A 86 48 86 F7 0D 01 07 02"
"A0 2A" // tag: CONTEXT-SPECIFIC [0] (constructed) len: 42 type: ContextSpecificRef<Any>
"30 28" // tag: SEQUENCE len: 40 type: Any
"02 01 01 31 00 30 0B 06 09 2A 86 48 86 F7 0D 01
07 01 A0 80 30 06 30 00 30 00 30 00 30 06 30 00
30 00 30 00 00 00 31 00"
"" // end: Any
"" // end: ContextSpecificRef<Any>
"" // end: ContentInfo
)
The EXAMPLE_BER is not a valid CMS message. I used it to test, if my own preliminary BER-to-DER converter works on nested indefinite length structures (ignoring the content).