add parsing over optional PKCS8 attributes

Author: JacobBarthelmeh

certs/ca-key-pkcs8-attribute.der

@@ -6,6 +6,7 @@ EXTRA_DIST += \
              certs/ca-cert-chain.der \
              certs/ca-cert.pem \
              certs/ca-key.pem \
+             certs/ca-key-pkcs8-attribute.der \
              certs/client-cert.pem \
              certs/client-keyEnc.pem \
              certs/client-key.pem \

certs/include.am

@@ -74549,6 +74549,7 @@ static int test_wc_GetPkcs8TraditionalOffset(void)
     int derSz = 0;
     word32 inOutIdx;
     const char* path = "./certs/server-keyPkcs8.der";
+    const char* pathAttributes = "./certs/ca-key-pkcs8-attribute.der";
     XFILE file = XBADFILE;
     byte der[2048];
 
@@ -74577,6 +74578,16 @@ static int test_wc_GetPkcs8TraditionalOffset(void)
     inOutIdx = 0;
     ExpectIntEQ(length = wc_GetPkcs8TraditionalOffset(der, &inOutIdx, (word32)derSz),
         WC_NO_ERR_TRACE(ASN_PARSE_E));
+
+    /* test parsing with attributes */
+    ExpectTrue((file = XFOPEN(pathAttributes, "rb")) != XBADFILE);
+    ExpectIntGT(derSz = (int)XFREAD(der, 1, sizeof(der), file), 0);
+    if (file != XBADFILE)
+        XFCLOSE(file);
+
+    inOutIdx = 0;
+    ExpectIntGT(length = wc_GetPkcs8TraditionalOffset(der, &inOutIdx,
+        (word32)derSz), 0);
 #endif /* NO_ASN */
     return EXPECT_RESULT();
 }

tests/api.c

@@ -6882,8 +6882,9 @@ static const ASNItem pkcs8KeyASN[] = {
 /*  PKEY_ALGO_PARAM_SEQ */            { 2, ASN_SEQUENCE, 1, 0, 1 },
 #endif
 /*  PKEY_DATA           */        { 1, ASN_OCTET_STRING, 0, 0, 0 },
-                /* attributes            [0] Attributes OPTIONAL */
-                /* [[2: publicKey        [1] PublicKey OPTIONAL ]] */
+/*  OPTIONAL Attributes IMPLICIT [0] */
+                                  { 1, ASN_CONTEXT_SPECIFIC | 0, 1, 0, 1 },
+/* [[2: publicKey        [1] PublicKey OPTIONAL ]] */
 };
 enum {
     PKCS8KEYASN_IDX_SEQ = 0,