Topic: Not able to parse rsassa-pss signed x.509v3 certificate

Hello,

I am Tobias and I am trying to verify a certificate chain, separate from an SSL/TLS connection, using the wolfSSL certmanager. When I call the wolfSSL_CertManagerLoadCABuffer function I get the following error:

wolfSSL_CertManagerLoadCABuffer() failed (-140): ASN parsing error, invalid input
wolfSSL Entering wolfSSL_CertManagerNew
wolfSSL Entering wolfSSL_CertManagerLoadCABuffer
wolfSSL Entering TLSv1_1_client_method_ex
wolfSSL Entering wolfSSL_CTX_new_ex
wolfSSL Entering wolfSSL_CertManagerNew
wolfSSL Leaving WOLFSSL_CTX_new, return 0
wolfSSL Entering wolfSSL_CertManagerFree
wolfSSL Entering wolfSSL_CTX_load_verify_buffer
Processing CA PEM file
wolfSSL Entering PemToDer
Adding a CA
wolfSSL Entering GetExplicitVersion
wolfSSL Entering GetSerialNumber
Got Cert Header
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Algo ID
Getting Cert Name
Cert name lacks set header, trying sequence
    Parsed new CA
    No key size check done on CA
    Freeing Parsed CA
    Freeing der CA
        OK Freeing der CA
wolfSSL Leaving AddCA, return -140
wolfSSL error occurred, error = -140
CA Parse failed, with progress in file.
Search for other certs in file
wolfSSL Entering SSL_CTX_free
CTX ref count down to 0, doing full free
wolfSSL Entering wolfSSL_CertManagerFree
wolfSSL Leaving SSL_CTX_free, return 0
wolfSSL Entering wolfSSL_CertManagerFree

My modification of the wolfssl-examples/certmanager/certloadverifybuffer.c code:

#include <stdio.h>
//#include <stdlib.h>

#include <wolfssl/options.h>
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/ssl.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
//#include <wolfssl/certs_test.h>

#ifdef CERTTEST

#define FOLD
#ifdef FOLD

static const byte authCert[] = "\
-----BEGIN CERTIFICATE-----\n\
MIIFazCCBCKgAwIBAgIJAKmJV6cI/tYpMD4GCSqGSIb3DQEBCjAxoAswCQYFKw4D\n\
AhoFAKEYMBYGCSqGSIb3DQEBCDAJBgUrDgMCGgUAogMCARSjAwIBATCBszELMAkG\n\
A1UEBhMCREUxDzANBgNVBAgTBkhlc3NlbjESMBAGA1UEBxMJRnJhbmtmdXJ0MR4w\n\
HAYDVQQKExVQU1MgdGVzdCBjZXJ0aWZpY2F0ZXMxOTA3BgNVBAsTMGNyZWF0ZWQg\n\
YnkgTWFydGluIEthaXNlciAoaHR0cDovL3d3dy5rYWlzZXIuY3gvKTEkMCIGA1UE\n\
AxMbUFNTIHRlc3RSb290IENBIENlcnRpZmljYXRlMB4XDTEwMDcxMzE5NTc1NVoX\n\
DTE2MDEwMzE5NTc1NVowgbMxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZIZXNzZW4x\n\
EjAQBgNVBAcTCUZyYW5rZnVydDEeMBwGA1UEChMVUFNTIHRlc3QgY2VydGlmaWNh\n\
dGVzMTkwNwYDVQQLEzBjcmVhdGVkIGJ5IE1hcnRpbiBLYWlzZXIgKGh0dHA6Ly93\n\
d3cua2Fpc2VyLmN4LykxJDAiBgNVBAMTG1BTUyB0ZXN0Um9vdCBDQSBDZXJ0aWZp\n\
Y2F0ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMZnLiVdh/4aR2Gj\n\
FKBiDmuNe8o6NJSgNRMXv+zweb1CQRUQ4HzdiZDRBTxAGM+83/ofeD3ALUyDGniX\n\
fbjxv05QyPGnJDjJYpdQ3ilM4MXoEYz7ZfB4/AVh1zvqELFR3a2TZ78oQGYJBeF3\n\
vAmVuDwCrZ8J7xddABt7ceqDtzhhNcvOWDZxXtzK5yDtb4N/RMJZtbK6ZNsLV/+J\n\
OMHT+22xycE6tE2gMCqUUC2b2MpnW71GqtkKxaA36VXl/c4Z0IhNE2Zx3qy5NVsU\n\
Z+NYw6JrWtEw+kf2j0bKj5w0LMlERKbNib4kofcMJ8qPEIvk1u6T30vKUb7HQdU7\n\
2OuTWQ8CAwEAAaOCARwwggEYMB0GA1UdDgQWBBTfH+IBoj70+Wn4OseW1pkNL7bO\n\
MzCB6AYDVR0jBIHgMIHdgBTfH+IBoj70+Wn4OseW1pkNL7bOM6GBuaSBtjCBszEL\n\
MAkGA1UEBhMCREUxDzANBgNVBAgTBkhlc3NlbjESMBAGA1UEBxMJRnJhbmtmdXJ0\n\
MR4wHAYDVQQKExVQU1MgdGVzdCBjZXJ0aWZpY2F0ZXMxOTA3BgNVBAsTMGNyZWF0\n\
ZWQgYnkgTWFydGluIEthaXNlciAoaHR0cDovL3d3dy5rYWlzZXIuY3gvKTEkMCIG\n\
A1UEAxMbUFNTIHRlc3RSb290IENBIENlcnRpZmljYXRlggkAqYlXpwj+1ikwDAYD\n\
VR0TBAUwAwEB/zA+BgkqhkiG9w0BAQowMaALMAkGBSsOAwIaBQChGDAWBgkqhkiG\n\
9w0BAQgwCQYFKw4DAhoFAKIDAgEUowMCAQEDggEBAJ8GcFT/Jdhz65JK0c9EFdAq\n\
8FKa9VWX7QDQlIuu0UbZaHYaFmY1NbXcxlvTOD1ArByCHpFQ8+wrXgLrxedlm/fI\n\
9WkvFsyvC1kSeV88C90E3mh+w9i2Qsz0Gjj2RjD98cPsqqQO7q/7uvKNcHMN5nKi\n\
VuIPMr5fisx0C/IBQAunBfzBfdGmjoNaahDBYCKiyAaU7A+dYorRbMJF7SxBhTr1\n\
WI/N3LlBKLF5mvtDYg7sXx6ULR/xAKKkVeUTIgGMYq/s46ZMP11QrfRHx4zNAwP9\n\
aARZeUz1X0/LM6LgaQvVIhZqbyB637eZhusOP3226TDn7hGx/UdS0UxSwfjrzS8=\n\
-----END CERTIFICATE-----\n";

static const byte verifyCert[] = "\
-----BEGIN CERTIFICATE-----\n\
MIIEvDCCA3OgAwIBAgICEAEwPgYJKoZIhvcNAQEKMDGgCzAJBgUrDgMCGgUAoRgw\n\
FgYJKoZIhvcNAQEIMAkGBSsOAwIaBQCiAwIBFKMDAgEBMIGzMQswCQYDVQQGEwJE\n\
RTEPMA0GA1UECBMGSGVzc2VuMRIwEAYDVQQHEwlGcmFua2Z1cnQxHjAcBgNVBAoT\n\
FVBTUyB0ZXN0IGNlcnRpZmljYXRlczE5MDcGA1UECxMwY3JlYXRlZCBieSBNYXJ0\n\
aW4gS2Fpc2VyIChodHRwOi8vd3d3LmthaXNlci5jeC8pMSQwIgYDVQQDExtQU1Mg\n\
dGVzdFJvb3QgQ0EgQ2VydGlmaWNhdGUwHhcNMTAwNzEzMTk1ODI1WhcNMTYwMTAz\n\
MTk1ODI1WjCBrjELMAkGA1UEBhMCREUxDzANBgNVBAgTBkhlc3NlbjESMBAGA1UE\n\
BxMJRnJhbmtmdXJ0MR4wHAYDVQQKExVQU1MgdGVzdCBjZXJ0aWZpY2F0ZXMxOTA3\n\
BgNVBAsTMGNyZWF0ZWQgYnkgTWFydGluIEthaXNlciAoaHR0cDovL3d3dy5rYWlz\n\
ZXIuY3gvKTEfMB0GA1UEAxMWUFNTIENsaWVudCBDZXJ0aWZpY2F0ZTCCASIwDQYJ\n\
KoZIhvcNAQEBBQADggEPADCCAQoCggEBANkLrMSIIRkN3xdaGievqVyBzyAsdQoi\n\
i1+gJkMDTVOL7b8f3esH8yDgNkQOa8tCtdNxFhq/cZsldSJuZXFb4gUtQZc1DwLo\n\
4GIw6L8uk+CCCt9NeaJeTab31SZG18JRRHRRvb9C4q0QeaNfspKELXeV0KFnrh4K\n\
69v5i/AN8GK/RQWYxqlLgY8v2YwIWwPmqFAhJrVXJHEzcHdVHIfpcuTuH4Nvrxmb\n\
H6XvSX4uraHlneGYMsPePhfGunbOfXQgdLQMyM5Sj2LXmkxr8pVz7V6KJQIVAl0r\n\
4oA34lAB0zKYfkJJDPyghBCemwhCe0tEUx0fitrj1rBoENI8NP7AZvkCAwEAAaN7\n\
MHkwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQg\n\
Q2VydGlmaWNhdGUwHQYDVR0OBBYEFCjZAcd3fo5Rjx8u3PHUNIp5ZbQ7MB8GA1Ud\n\
IwQYMBaAFN8f4gGiPvT5afg6x5bWmQ0vts4zMD4GCSqGSIb3DQEBCjAxoAswCQYF\n\
Kw4DAhoFAKEYMBYGCSqGSIb3DQEBCDAJBgUrDgMCGgUAogMCARSjAwIBAQOCAQEA\n\
rO3xdxs9GkamZwXImt+wRWwYs+MpPEVFyMFq5CY2gmbuKKNb/x15MxmXg6ic9VzM\n\
SC/flOVlcN+4e305FApeR4yhkf5oYC5b52jXsD2Vozt7jELeXFdiw3Ylfe1G1vcZ\n\
vVSHngekonYIVFxMw0IXiEVphwX7SmfjTjgzhN0n+1LOppdktpbx69Yv66Yr6K2a\n\
8joa1Sguz1LJmzwDUtAaVQkZv7W3O41GpRSXk5Kahv5DgeN/1U+caHiNLK9tKfNE\n\
xD0kXtALc/VKdhsOTrv6i2X/HopFPwEifSPxwp32KePtnb93Ueqkc3jFMm0lxvy2\n\
Hgwyk/rtCq5eH32tODWomw==\n\
-----END CERTIFICATE-----\n";
#endif

int main(void)
{
    int ret = 42;
    WOLFSSL_CERT_MANAGER* cm = NULL;

    wolfSSL_Init();

#ifdef DEBUG_WOLFSSL
    wolfSSL_Debugging_ON();
#endif

    cm = wolfSSL_CertManagerNew();
    if (cm == NULL) {
        printf("wolfSSL_CertManagerNew() failed\n");
        wolfSSL_Cleanup();
        return -1;
    }

    /* Load the CA certificate into the cert manager as a trusted root. */
    ret = wolfSSL_CertManagerLoadCABuffer(cm, authCert, sizeof(authCert),
                                          SSL_FILETYPE_PEM);
    if (ret != SSL_SUCCESS) {
        printf("wolfSSL_CertManagerLoadCABuffer() failed (%d): %s\n",
               ret, wolfSSL_ERR_reason_error_string(ret));
        ret = -1;
        goto exit;
    }

    /* Verify the client certificate against the loaded CA. */
    ret = wolfSSL_CertManagerVerifyBuffer(cm, verifyCert, sizeof(verifyCert),
                                          SSL_FILETYPE_PEM);
    if (ret != SSL_SUCCESS) {
        printf("wolfSSL_CertManagerVerifyBuffer() failed (%d): %s\n",
               ret, wolfSSL_ERR_reason_error_string(ret));
        ret = -1;
        goto exit;
    }
    printf("Verification Successful!\n");
    ret = 0; /* exit status 0 on success instead of SSL_SUCCESS (1) */

exit:
    wolfSSL_CertManagerFree(cm);
#ifdef DEBUG_WOLFSSL
    wolfSSL_Debugging_OFF();
#endif
    wolfSSL_Cleanup();

    return ret;
}

#endif

I downloaded the certificates from here: https://www.kaiser.cx/x509Pss.html
They produce the same error-code as my certificate.

The patch that is described in the following topic couldn't solve my problem.
https://www.wolfssl.com/forums/topic139 … ecert.html

Could you give me a short explanation of the following error message as well?
Cert name lacks set header, trying sequence

Thanks & Regards,
Tobias


Re: Not able to parse rsassa-pss signed x.509v3 certificate

Hi Tobias01,

Thank you for contacting wolfSSL via the forums with your questions!

Unfortunately, wolfSSL does not yet support parsing of RsaPSS certificates, and the certs in your test program are using RsaPSS! Have you tried testing with other signature algorithms?

RsaPSS certs are not common by any means; in fact, this is the first time I personally have seen an inquiry about them in my 4 years working here at wolfSSL! Could you tell us what it is you are working on and how you came about testing these certs? What are the end goals for your project and what will your product do?

The error code you've encountered, "Cert name lacks set header, trying sequence", is due to the ASN fields present in an RsaPSS cert that are not present in certificates that use signature algorithms supported by wolfSSL. Here are the contents of an RsaPSS Signature Algorithm cert:

    SEQUENCE (2 elem)
      OBJECT IDENTIFIER 1.2.840.113549.1.1.10 rsaPSS (PKCS #1)
      SEQUENCE (4 elem)
        [0] (1 elem)
          SEQUENCE (2 elem)
            OBJECT IDENTIFIER 1.3.14.3.2.26 sha1 (OIW)
            NULL
        [1] (1 elem)
          SEQUENCE (2 elem)
            OBJECT IDENTIFIER 1.2.840.113549.1.1.8 pkcs1-MGF (PKCS #1)
            SEQUENCE (2 elem)
              OBJECT IDENTIFIER 1.3.14.3.2.26 sha1 (OIW)
              NULL
        [2] (1 elem)
          INTEGER 20
        [3] (1 elem)
          INTEGER 1
    SEQUENCE (6 elem) <--- START OF CERT NAME
      SET (1 elem)
        SEQUENCE (2 elem)
          OBJECT IDENTIFIER 2.5.4.6 countryName (X.520 DN component)
          PrintableString DE

and here is what the ASN1 syntax is for the signature algorithms supported by wolfSSL:

    SEQUENCE (2 elem)
      OBJECT IDENTIFIER 1.2.840.113549.1.1.11 sha256WithRSAEncryption (PKCS #1)
      NULL
    SEQUENCE (7 elem) <--- START OF CERT NAME
      SET (1 elem)
        SEQUENCE (2 elem)
          OBJECT IDENTIFIER 2.5.4.6 countryName (X.520 DN component)
          PrintableString US

So you can see that in the RsaPSS certificate you sent there are several more Sequences in the cert that would need to be processed before reaching the cert name field, unlike in the certificate types supported by wolfSSL, which expect only a single sequence followed by the cert name.

If you would like, we could add a feature request on your behalf, i.e. "Add support for RsaPSS signature algorithm certificates".

Feature requests are worked on when we have spare time and there is no timeline associated with them unless a customer has a need and wishes to fund the effort in order to accelerate the timeline. Let me know if you would like me to add it to our feature request list or if this is just something you happened across and were curious why it didn't work.

Warm Regards,

K
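
Added example (not part of the original thread and not wolfSSL code): a minimal DER walk that reports whether a certificate's tbsCertificate signature field is RSASSA-PSS and steps over the AlgorithmIdentifier by its encoded length, which lands on the issuer Name for both layouts shown in the reply above. The function names and the two truncated sample byte strings are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Read DER tag+length at b[*pos], requiring tag `want`; *pos moves to the content. */
static int der_hdr(const uint8_t *b, size_t len, size_t *pos, uint8_t want, size_t *clen) {
    size_t p = *pos, n;
    if (len < 2 || p > len - 2 || b[p++] != want) return -1;
    *clen = b[p++];
    if (*clen & 0x80) {                      /* long form: 1..4 length octets */
        n = *clen & 0x7F;
        if (n == 0 || n > 4 || n > len - p) return -1;
        for (*clen = 0; n > 0; n--) *clen = (*clen << 8) | b[p++];
    }
    if (*clen > len - p) return -1;          /* content must fit in the buffer */
    *pos = p;
    return 0;
}

static const uint8_t OID_RSASSA_PSS[] =      /* 1.2.840.113549.1.1.10 */
    {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0A};

/* 1 = tbsCertificate.signature is RSASSA-PSS, 0 = other, -1 = malformed.
 * *issuer_off receives the offset of the issuer Name that follows it. */
int cert_sig_is_pss(const uint8_t *der, size_t len, size_t *issuer_off) {
    size_t pos = 0, clen;
    if (der_hdr(der, len, &pos, 0x30, &clen)) return -1;         /* Certificate */
    if (der_hdr(der, len, &pos, 0x30, &clen)) return -1;         /* tbsCertificate */
    if (der_hdr(der, len, &pos, 0xA0, &clen) == 0) pos += clen;  /* optional version */
    if (der_hdr(der, len, &pos, 0x02, &clen)) return -1;         /* serialNumber */
    pos += clen;
    if (der_hdr(der, len, &pos, 0x30, &clen)) return -1;         /* AlgorithmIdentifier */
    *issuer_off = pos + clen;  /* skip the parameters by length, whatever their shape */
    if (der_hdr(der, *issuer_off, &pos, 0x06, &clen)) return -1; /* algorithm OID */
    return clen == sizeof OID_RSASSA_PSS && !memcmp(der + pos, OID_RSASSA_PSS, clen);
}

/* Constructed, truncated samples: version, serial 1, signature, empty issuer Name. */
const uint8_t SAMPLE_PSS[] = {0x30,0x20,0x30,0x1E,0xA0,0x03,0x02,0x01,0x02,0x02,0x01,0x01,
    0x30,0x12,0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0A, /* rsaPSS OID */
    0x30,0x05,0xA2,0x03,0x02,0x01,0x14,0x30,0x00};  /* params: [2] INTEGER 20 */
const uint8_t SAMPLE_SHA256[] = {0x30,0x1B,0x30,0x19,0xA0,0x03,0x02,0x01,0x02,0x02,0x01,0x01,
    0x30,0x0D,0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0B,0x05,0x00,0x30,0x00};

int main(void) {
    size_t off = 0;
    int pss = cert_sig_is_pss(SAMPLE_PSS, sizeof SAMPLE_PSS, &off);
    printf("rsassa-pss=%d, issuer Name at offset %zu\n", pss, off);
    return 0;
}
```

Run on the DER form of a real certificate (after PEM decoding), a return value of 1 identifies a certificate that a parser without RSASSA-PSS support will reject.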