diff --git a/certs/ca-key-pkcs8-attribute.der b/certs/ca-key-pkcs8-attribute.der new file mode 100644 index 000000000..692a8cccf Binary files /dev/null and b/certs/ca-key-pkcs8-attribute.der differ diff --git a/certs/include.am b/certs/include.am index dd87e3265..d4417fe8e 100644 --- a/certs/include.am +++ b/certs/include.am @@ -6,6 +6,7 @@ EXTRA_DIST += \ certs/ca-cert-chain.der \ certs/ca-cert.pem \ certs/ca-key.pem \ + certs/ca-key-pkcs8-attribute.der \ certs/client-cert.pem \ certs/client-keyEnc.pem \ certs/client-key.pem \ diff --git a/tests/api.c b/tests/api.c index 65b6d2e7a..b1afc1b0a 100644 --- a/tests/api.c +++ b/tests/api.c @@ -74549,6 +74549,7 @@ static int test_wc_GetPkcs8TraditionalOffset(void) int derSz = 0; word32 inOutIdx; const char* path = "./certs/server-keyPkcs8.der"; + const char* pathAttributes = "./certs/ca-key-pkcs8-attribute.der"; XFILE file = XBADFILE; byte der[2048]; @@ -74577,6 +74578,16 @@ static int test_wc_GetPkcs8TraditionalOffset(void) inOutIdx = 0; ExpectIntEQ(length = wc_GetPkcs8TraditionalOffset(der, &inOutIdx, (word32)derSz), WC_NO_ERR_TRACE(ASN_PARSE_E)); + + /* test parsing with attributes */ + ExpectTrue((file = XFOPEN(pathAttributes, "rb")) != XBADFILE); + ExpectIntGT(derSz = (int)XFREAD(der, 1, sizeof(der), file), 0); + if (file != XBADFILE) + XFCLOSE(file); + + inOutIdx = 0; + ExpectIntGT(length = wc_GetPkcs8TraditionalOffset(der, &inOutIdx, + (word32)derSz), 0); #endif /* NO_ASN */ return EXPECT_RESULT(); } diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index d41f8cbe4..1510dbec8 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -6882,8 +6882,9 @@ static const ASNItem pkcs8KeyASN[] = { /* PKEY_ALGO_PARAM_SEQ */ { 2, ASN_SEQUENCE, 1, 0, 1 }, #endif /* PKEY_DATA */ { 1, ASN_OCTET_STRING, 0, 0, 0 }, - /* attributes [0] Attributes OPTIONAL */ - /* [[2: publicKey [1] PublicKey OPTIONAL ]] */ +/* OPTIONAL Attributes IMPLICIT [0] */ + { 1, ASN_CONTEXT_SPECIFIC | 0, 1, 0, 1 }, +/* [[2: publicKey [1] PublicKey OPTIONAL ]] */ }; enum { PKCS8KEYASN_IDX_SEQ = 0,