Negative test case for recursively constructed octet string

ASN.1 BER specification valid, but chosen as unsupported.

Author: dwhjames

der/src/asn1/octet_string.rs

@@ -489,4 +489,25 @@ mod tests {
 
         assert_eq!(decoded.as_bytes(), b"Hello, world");
     }
+
+    #[test]
+    #[cfg(all(feature = "alloc", feature = "ber"))]
+    fn decode_ber_recursive_unsupported() {
+        use crate::{Decode, Error, ErrorKind, Length, asn1::OctetString};
+        use hex_literal::hex;
+
+        const EXAMPLE_BER: &[u8] = &hex!(
+            "2480" // Constructed indefinite length OCTET STRING
+                "2480" // Constructed indefinite length OCTET STRING
+                    "040648656c6c6f2c" // Segment containing "Hello,"
+                    "040620776f726c64" // Segment containing " world"
+                "0000" // End-of-contents marker
+                "040620776f726c64" // Segment containing " world"
+            "0000" // End-of-contents marker
+        );
+
+        let err = OctetString::from_ber(EXAMPLE_BER).err().unwrap();
+        let expected = Error::new(ErrorKind::IndefiniteLength, Length::new(4));
+        assert_eq!(expected, err);
+    }
 }

der/src/length/indefinite.rs

@@ -90,7 +90,13 @@ pub(crate) fn read_constructed_vec<'r, R: Reader<'r>>(
         let h = Header::decode(reader)?;
         h.tag().assert_eq(inner_tag)?;
 
-        // Indefinite length headers can't be indefinite
+        // This constructed string is ‘recursively constructed’
+        // as one of its segments is itself encoded with
+        // constructed, indefinite-length method.
+        // This is currently chosen to be unsupported.
+        //
+        // See discussion:
+        //   - https://github.com/RustCrypto/formats/issues/779#issuecomment-3049589340
         if h.length().is_indefinite() {
             return Err(reader.error(ErrorKind::IndefiniteLength));
         }