[Mono-bugs] [Bug 487520] New: Incorrect key usage encoding in Mono.Security.X509.Extensions.KeyUsageExtension

bugzilla_noreply at novell.com bugzilla_noreply at novell.com
Fri Mar 20 19:55:13 EDT 2009


           Summary: Incorrect key usage encoding in
    Classification: Mono
           Product: Mono: Runtime
           Version: 2.2.x
          Platform: 32bit
        OS/Version: Windows Server 2003
            Status: NEW
          Severity: Normal
          Priority: P5 - None
         Component: misc
        AssignedTo: mono-bugs at lists.ximian.com
        ReportedBy: muncho at mail.ru
         QAContact: mono-bugs at lists.ximian.com
          Found By: ---

Created an attachment (id=281034)
 --> (https://bugzilla.novell.com/attachment.cgi?id=281034)
Bug demonstration

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:
Gecko/2009021910 Firefox/3.0.7 (.NET CLR 3.5.30729)

The KeyUsageExtension.Encode method incorrectly counts the number of unused
bits in the key usage value.

Instead of 

byte unused = 16;
if (ku > 0) {
    // count the unused bits
    for (unused = 15; unused > 0; unused--) {
        if ((ku & 0x8000) == 0x8000)
        ku <<= 1;

the code should be

byte unused = 0;
if (ku > 0) {
    // count the unused bits
    for (unused = 0; unused < 16; unused++)
        if ((ku & 1) == 1)
        ku >>= 1;

That conforms to the result produced by the Microsoft implementation of .NET.

The effect of the error is incorrect key usage saved in the certificate.

Reproducible: Always

Steps to Reproduce:
1. Compile and run MonoBug.cs
Actual Results:  
Key usage is reported to be
Digital Signature (80)

Expected Results:  
Key usage should be

Digital Signature, Key Encipherment, Data Encipherment, Key Agreement,
Certificate Signing (bc)

Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.
You are the assignee for the bug.

More information about the mono-bugs mailing list