bouncycastle/0001-CVE-2023-33201-added-filter-encode-to-search.patch
2023-06-26 16:56:37 +08:00


From e8c409a8389c815ea3fda5e8b94c92fdfe583bcc Mon Sep 17 00:00:00 2001
From: royb <roy.basmacier@primekey.com>
Date: Tue, 25 Apr 2023 23:11:52 -0400
Subject: [PATCH] added filter encode to search
---
.../jce/provider/X509LDAPCertStoreSpi.java | 89 +++++++++++++++----
1 file changed, 73 insertions(+), 16 deletions(-)
diff --git a/prov/src/main/java/org/bouncycastle/jce/provider/X509LDAPCertStoreSpi.java b/prov/src/main/java/org/bouncycastle/jce/provider/X509LDAPCertStoreSpi.java
index f526994..d9a2090 100644
--- a/prov/src/main/java/org/bouncycastle/jce/provider/X509LDAPCertStoreSpi.java
+++ b/prov/src/main/java/org/bouncycastle/jce/provider/X509LDAPCertStoreSpi.java
@@ -50,21 +50,22 @@
public class X509LDAPCertStoreSpi
extends CertStoreSpi
{
- private X509LDAPCertStoreParameters params;
-
- public X509LDAPCertStoreSpi(CertStoreParameters params)
- throws InvalidAlgorithmParameterException
+ private static String[] FILTER_ESCAPE_TABLE = new String['\\' + 1];
+ static
{
- super(params);
-
- if (!(params instanceof X509LDAPCertStoreParameters))
+ // Filter encoding table -------------------------------------
+ // fill with char itself
+ for (char c = 0; c < FILTER_ESCAPE_TABLE.length; c++)
{
- throw new InvalidAlgorithmParameterException(
- X509LDAPCertStoreSpi.class.getName() + ": parameter must be a " + X509LDAPCertStoreParameters.class.getName() + " object\n"
- + params.toString());
+ FILTER_ESCAPE_TABLE[c] = String.valueOf(c);
}
- this.params = (X509LDAPCertStoreParameters)params;
+ // escapes (RFC2254)
+ FILTER_ESCAPE_TABLE['*'] = "\\2a";
+ FILTER_ESCAPE_TABLE['('] = "\\28";
+ FILTER_ESCAPE_TABLE[')'] = "\\29";
+ FILTER_ESCAPE_TABLE['\\'] = "\\5c";
+ FILTER_ESCAPE_TABLE[0] = "\\00";
}
/**
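Review bot: `FILTER_ESCAPE_TABLE` at the top of the hunk is a mutable static: the array reference is not `final` even though it is populated exactly once in the static initializer below it, so it should read `private static final String[] FILTER_ESCAPE_TABLE = new String['\\' + 1];` to rule out later reassignment. A short comment stating the table's contract would also help the reader of `filterEncode`, e.g. `// Maps each char in 0..'\\' to its LDAP filter form; only '*', '(', ')', '\\' and NUL are rewritten, all other entries map to the char itself.` The `escapes (RFC2254)` comment cites the obsoleted predecessor of RFC 4515, which specifies the same five escapes; naming the current RFC avoids sending a maintainer to the wrong document.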
@@ -86,8 +87,26 @@ public X509LDAPCertStoreSpi(CertStoreParameters params)
* Package Prefix for loading URL context factories.
*/
private static final String URL_CONTEXT_PREFIX = "com.sun.jndi.url";
+ private X509LDAPCertStoreParameters params;
+
+ public X509LDAPCertStoreSpi(CertStoreParameters params)
+ throws InvalidAlgorithmParameterException
+ {
+ super(params);
+
+ if (!(params instanceof X509LDAPCertStoreParameters))
+ {
+ throw new InvalidAlgorithmParameterException(
+ X509LDAPCertStoreSpi.class.getName() + ": parameter must be a " + X509LDAPCertStoreParameters.class.getName() + " object\n"
+ + params.toString());
+ }
- private DirContext connectLDAP() throws NamingException
+ this.params = (X509LDAPCertStoreParameters)params;
+ }
+
+
+ private DirContext connectLDAP()
+ throws NamingException
{
Properties props = new Properties();
props.setProperty(Context.INITIAL_CONTEXT_FACTORY, LDAP_PROVIDER);
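Review bot: The relocated constructor still dereferences `params` in its failure branch: for a null argument, `!(params instanceof X509LDAPCertStoreParameters)` is true and `params.toString()` then throws NullPointerException instead of the declared InvalidAlgorithmParameterException. Using string concatenation, which renders null as `"null"`, keeps the declared exception: change `+ params.toString());` to `+ params);`. This is moved rather than new code, but the new side is what ships. connectLDAP continues past the end of the hunk.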
@@ -137,7 +156,7 @@ private String parseDN(String subject, String subjectAttributeName)
{
temp = temp.substring(0, temp.length() - 1);
}
- return temp;
+ return filterEncode(temp);
}
public Collection engineGetCertificates(CertSelector selector)
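Review bot: `return filterEncode(temp);` encodes every backslash in `temp` as `\5c`, so if parseDN leaves RFC 4514 DN escapes such as `\,` in place (the comma-scanning loop above this hunk appears to step over an escaped comma rather than unescape it — confirm), a subject whose RDN value contains an escaped comma is now searched as a literal backslash followed by a comma and will no longer match the directory entry. The robust order is DN-unescape first, then filter-encode; at minimum the return line needs a comment stating which form `temp` is assumed to be in, e.g. `// temp is the raw RDN value text; DN escape sequences, if any, are encoded literally here`. parseDN's body starts outside the hunk.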
@@ -195,7 +214,7 @@ public Collection engineGetCertificates(CertSelector selector)
{
}
- for (Iterator it2 = bytesList.iterator(); it2.hasNext();)
+ for (Iterator it2 = bytesList.iterator(); it2.hasNext(); )
{
ByteArrayInputStream bIn = new ByteArrayInputStream(
(byte[])it2.next());
@@ -346,7 +365,7 @@ public Collection engineGetCRLs(CRLSelector selector)
if (xselector.getIssuerNames() != null)
{
for (Iterator it = xselector.getIssuerNames().iterator(); it
- .hasNext();)
+ .hasNext(); )
{
Object o = it.next();
String attrValue = null;
@@ -396,6 +415,42 @@ public Collection engineGetCRLs(CRLSelector selector)
return crlSet;
}
+ /**
+ * Escape a value for use in a filter.
+ *
+ * @param value the value to escape.
+ * @return a properly escaped representation of the supplied value.
+ */
+ private String filterEncode(String value)
+ {
+ if (value == null)
+ {
+ return null;
+ }
+
+ // make buffer roomy
+ StringBuilder encodedValue = new StringBuilder(value.length() * 2);
+
+ int length = value.length();
+
+ for (int i = 0; i < length; i++)
+ {
+ char c = value.charAt(i);
+
+ if (c < FILTER_ESCAPE_TABLE.length)
+ {
+ encodedValue.append(FILTER_ESCAPE_TABLE[c]);
+ }
+ else
+ {
+ // default: add the char
+ encodedValue.append(c);
+ }
+ }
+
+ return encodedValue.toString();
+ }
+
/**
* Returns a Set of byte arrays with the certificate or CRL encodings.
*
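Review bot: `filterEncode` reads only the static `FILTER_ESCAPE_TABLE` and no instance state, so it should be declared `private static String filterEncode(String value)`, which also lets it be exercised without constructing a CertStore. The Javadoc should pin the contract the body actually implements: a null argument returns null, characters below `FILTER_ESCAPE_TABLE.length` are replaced by their table entry (only `*`, `(`, `)`, `\` and NUL change), and every higher code point, including non-ASCII, is appended unchanged; e.g. `@return the value with '*', '(', ')', '\\' and NUL replaced by their RFC 4515 \xx escapes, or null if value is null`. A small test asserting `filterEncode("a*(b)\\c")` yields `a\2a\28b\29\5cc` would guard the table contents against later edits.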
@@ -406,9 +461,11 @@ public Collection engineGetCRLs(CRLSelector selector)
* @return Set of byte arrays with the certificate encodings.
*/
private Set search(String attributeName, String attributeValue,
- String[] attrs) throws CertStoreException
+ String[] attrs)
+ throws CertStoreException
{
String filter = attributeName + "=" + attributeValue;
+// System.out.println(filter);
if (attributeName == null)
{
filter = null;
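Review bot: Escaping is applied in parseDN rather than here, so any caller that hands `search` an `attributeValue` that did not come through parseDN (the serial-number and other lookups in engineGetCertificates and engineGetCRLs are outside this hunk — confirm which values they pass) still reaches `attributeName + "=" + attributeValue` unescaped. Encoding at this single choke point, `String filter = attributeName + "=" + filterEncode(attributeValue);`, would cover every filter this class builds, provided no caller deliberately passes a wildcard pattern; if one does, that caller should encode only the literal part itself. The added `// System.out.println(filter);` is commented-out debug code at column 0 and should be dropped rather than committed. The `attributeName == null` check on the following lines runs after the concatenation it is meant to guard; hoisting it above the filter line is clearer. search's body continues past the end of the hunk.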
--
2.39.2