From 486fc0177068277a51235c7794660b238e70d622 Mon Sep 17 00:00:00 2001
From: Aaron Gable <aaron@letsencrypt.org>
Date: Tue, 28 Jun 2022 15:28:21 -0700
Subject: [PATCH] crypto/x509: correctly parse CRL entry extensions

When checking to see if a CRL entry has any extensions, attempt to read
them from the individual revokedCertificate, rather than from the parent
TBSCertList.

Additionally, crlEntryExtensions is not an EXPLICIT field (c.f.
crlExtension and Certificate extensions), so do not perform an extra
layer of unwrapping when parsing the field.

The added test case fails without the accompanying changes.

Fixes #53592

Change-Id: Icc00e4c911f196aef77e3248117de64ddc5ea27f
Reviewed-on: https://go-review.googlesource.com/c/go/+/414877
Reviewed-by: Damien Neil <dneil@google.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Run-TryBot: Roland Shoemaker <roland@golang.org>
Auto-Submit: Roland Shoemaker <roland@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
---
 src/crypto/x509/parser.go    |  5 +----
 src/crypto/x509/x509_test.go | 28 ++++++++++++++++++++++++++++
 2 files changed, 29 insertions(+), 4 deletions(-)

diff --git a/src/crypto/x509/parser.go b/src/crypto/x509/parser.go
index cd87044d17..a2d3d80964 100644
--- a/src/crypto/x509/parser.go
+++ b/src/crypto/x509/parser.go
@@ -1106,13 +1106,10 @@ func ParseRevocationList(der []byte) (*RevocationList, error) {
 			}
 			var extensions cryptobyte.String
 			var present bool
-			if !tbs.ReadOptionalASN1(&extensions, &present, cryptobyte_asn1.SEQUENCE) {
+			if !certSeq.ReadOptionalASN1(&extensions, &present, cryptobyte_asn1.SEQUENCE) {
 				return nil, errors.New("x509: malformed extensions")
 			}
 			if present {
-				if !extensions.ReadASN1(&extensions, cryptobyte_asn1.SEQUENCE) {
-					return nil, errors.New("x509: malformed extensions")
-				}
 				for !extensions.Empty() {
 					var extension cryptobyte.String
 					if !extensions.ReadASN1(&extension, cryptobyte_asn1.SEQUENCE) {
diff --git a/src/crypto/x509/x509_test.go b/src/crypto/x509/x509_test.go
index 594ee1dceb..cddad1e246 100644
--- a/src/crypto/x509/x509_test.go
+++ b/src/crypto/x509/x509_test.go
@@ -2524,6 +2524,34 @@ func TestCreateRevocationList(t *testing.T) {
 				NextUpdate: time.Time{}.Add(time.Hour * 48),
 			},
 		},
+		{
+			name: "valid, extra entry extension",
+			key:  ec256Priv,
+			issuer: &Certificate{
+				KeyUsage: KeyUsageCRLSign,
+				Subject: pkix.Name{
+					CommonName: "testing",
+				},
+				SubjectKeyId: []byte{1, 2, 3},
+			},
+			template: &RevocationList{
+				RevokedCertificates: []pkix.RevokedCertificate{
+					{
+						SerialNumber:   big.NewInt(2),
+						RevocationTime: time.Time{}.Add(time.Hour),
+						Extensions: []pkix.Extension{
+							{
+								Id:    []int{2, 5, 29, 99},
+								Value: []byte{5, 0},
+							},
+						},
+					},
+				},
+				Number:     big.NewInt(5),
+				ThisUpdate: time.Time{}.Add(time.Hour * 24),
+				NextUpdate: time.Time{}.Add(time.Hour * 48),
+			},
+		},
 		{
 			name: "valid, Ed25519 key",
 			key:  ed25519Priv,
-- 
2.50.0