From: job Date: Thu, 13 Oct 2022 04:43:32 +0000 (+0000) Subject: All of ROA, MFT, ASPA, and RSC define their respective 'version' field X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=889cefa2dd73940fc1ac6d42ea5bbf53805f1692;p=openbsd All of ROA, MFT, ASPA, and RSC define their respective 'version' field in ASN.1 as following: "version [0] INTEGER DEFAULT 0,". Each object profile preamble contains "DEFINITIONS EXPLICIT TAGS ::=". We didn't bump into any issue yet, because all Signed Objects are at version 0, which means the field is entirely omitted (including the tag, be it implicit or explicit). (From X.690 section 11.5: "The encoding of a set value or a sequence value shall not include an encoding for any component value which is equal to its default value.") OK tb@ --- diff --git a/usr.sbin/rpki-client/aspa.c b/usr.sbin/rpki-client/aspa.c index f3ca518353b..c23054bc863 100644 --- a/usr.sbin/rpki-client/aspa.c +++ b/usr.sbin/rpki-client/aspa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: aspa.c,v 1.4 2022/09/05 18:07:04 tb Exp $ */ +/* $OpenBSD: aspa.c,v 1.5 2022/10/13 04:43:32 job Exp $ */ /* * Copyright (c) 2022 Job Snijders * Copyright (c) 2022 Theo Buehler @@ -71,7 +71,7 @@ typedef struct { } ASProviderAttestation; ASN1_SEQUENCE(ASProviderAttestation) = { - ASN1_IMP_OPT(ASProviderAttestation, version, ASN1_INTEGER, 0), + ASN1_EXP_OPT(ASProviderAttestation, version, ASN1_INTEGER, 0), ASN1_SIMPLE(ASProviderAttestation, customerASID, ASN1_INTEGER), ASN1_SEQUENCE_OF(ASProviderAttestation, providers, ProviderAS), } ASN1_SEQUENCE_END(ASProviderAttestation); diff --git a/usr.sbin/rpki-client/mft.c b/usr.sbin/rpki-client/mft.c index 8631071e753..69f14bb30e7 100644 --- a/usr.sbin/rpki-client/mft.c +++ b/usr.sbin/rpki-client/mft.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mft.c,v 1.74 2022/08/30 18:56:49 job Exp $ */ +/* $OpenBSD: mft.c,v 1.75 2022/10/13 04:43:32 job Exp $ */ /* * Copyright (c) 2022 Theo Buehler * Copyright (c) 2019 Kristaps Dzonsons @@ -78,7 +78,7 @@ ASN1_SEQUENCE(FileAndHash) = { } ASN1_SEQUENCE_END(FileAndHash); ASN1_SEQUENCE(Manifest) = { - ASN1_IMP_OPT(Manifest, version, ASN1_INTEGER, 0), + ASN1_EXP_OPT(Manifest, version, ASN1_INTEGER, 0), ASN1_SIMPLE(Manifest, manifestNumber, ASN1_INTEGER), ASN1_SIMPLE(Manifest, thisUpdate, ASN1_GENERALIZEDTIME), ASN1_SIMPLE(Manifest, nextUpdate, ASN1_GENERALIZEDTIME), diff --git a/usr.sbin/rpki-client/roa.c b/usr.sbin/rpki-client/roa.c index 4846d6fe26a..93a7cdabf72 100644 --- a/usr.sbin/rpki-client/roa.c +++ b/usr.sbin/rpki-client/roa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: roa.c,v 1.52 2022/09/03 14:40:09 job Exp $ */ +/* $OpenBSD: roa.c,v 1.53 2022/10/13 04:43:32 job Exp $ */ /* * Copyright (c) 2022 Theo Buehler * Copyright (c) 2019 Kristaps Dzonsons @@ -86,7 +86,7 @@ ASN1_SEQUENCE(ROAIPAddressFamily) = { } ASN1_SEQUENCE_END(ROAIPAddressFamily); ASN1_SEQUENCE(RouteOriginAttestation) = { - ASN1_IMP_OPT(RouteOriginAttestation, version, ASN1_INTEGER, 0), + ASN1_EXP_OPT(RouteOriginAttestation, version, ASN1_INTEGER, 0), ASN1_SIMPLE(RouteOriginAttestation, asid, ASN1_INTEGER), ASN1_SEQUENCE_OF(RouteOriginAttestation, ipAddrBlocks, ROAIPAddressFamily), diff --git a/usr.sbin/rpki-client/rsc.c b/usr.sbin/rpki-client/rsc.c index 6725287ea63..edc727527c2 100644 --- a/usr.sbin/rpki-client/rsc.c +++ b/usr.sbin/rpki-client/rsc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsc.c,v 1.15 2022/09/03 14:40:09 job Exp $ */ +/* $OpenBSD: rsc.c,v 1.16 2022/10/13 04:43:32 job Exp $ */ /* * Copyright (c) 2022 Theo Buehler * Copyright (c) 2022 Job Snijders @@ -114,7 +114,7 @@ typedef struct { } RpkiSignedChecklist; ASN1_SEQUENCE(RpkiSignedChecklist) = { - ASN1_IMP_OPT(RpkiSignedChecklist, version, ASN1_INTEGER, 0), + ASN1_EXP_OPT(RpkiSignedChecklist, version, ASN1_INTEGER, 0), ASN1_SIMPLE(RpkiSignedChecklist, resources, ResourceBlock), ASN1_SIMPLE(RpkiSignedChecklist, digestAlgorithm, X509_ALGOR), ASN1_SEQUENCE_OF(RpkiSignedChecklist, checkList, FileNameAndHash),