CSR verify failure

classic Classic list List threaded Threaded
11 messages Options
Reply | Threaded
Open this post in threaded view
|

CSR verify failure

Jon Uriarte
Hi folks,

I'm hitting some issues when trying to create SSL certificates and was wondering if any around could help with this.
I can create a CSR and sign it with a newly created key:

  $ openssl req -out CSR.csr -new -newkey rsa:2048 -nodes -keyout privateKey.key
  Generating a 2048 bit RSA private key
  ........................................+++
  .....+++
  writing new private key to 'privateKey.key'
  -----
  (enter CSR data)
  ...

But just after CSR creation, its verification fails:

  $ openssl req -text -noout -verify -in CSR.csr
  verify failure
  139886616864656:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01:rsa_pk1.c:103:
  139886616864656:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed:rsa_eay.c:773:
  139886616864656:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib:a_verify.c:249:
  Certificate Request:
      Data:
          Version: 0 (0x0)
          Subject: C=ES, L=Default City, O=Default Company Ltd

  ...

At this point, if I try to create a certificate from the CSR, it creates an empty certificate.

Private key check returns ok:

  $ openssl rsa -in privateKey.key -check
  RSA key ok
  writing RSA key
  -----BEGIN RSA PRIVATE KEY-----
  ...
  -----END RSA PRIVATE KEY-----

The public key can be read from the CSR:

  $ openssl req -in CSR.csr -noout -pubkey
  -----BEGIN PUBLIC KEY-----
  ...
  -----END PUBLIC KEY-----

I am working on a RHEL machine, with this openssl version:

  $ rpm -qa | grep openssl                                          
  openssl-libs-1.0.2k-12.el7.x86_64
  openssl-1.0.2k-12.el7.x86_64


Don't know if could be related to a missing library, and have tried to find out the root cause of the issue in internet and mailing lists but didn't get to it.

Any help would be very much appreciated.


Thanks!
Jon


--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: CSR verify failure

Felipe Gasper-2
Can you paste one of the CSRs that fails verification?

-Felipe

> On Mar 26, 2018, at 11:19 AM, Jon Uriarte <[hidden email]> wrote:
>
> Hi folks,
>
> I'm hitting some issues when trying to create SSL certificates and was wondering if any around could help with this.
> I can create a CSR and sign it with a newly created key:
>
>   $ openssl req -out CSR.csr -new -newkey rsa:2048 -nodes -keyout privateKey.key
>   Generating a 2048 bit RSA private key
>   ........................................+++
>   .....+++
>   writing new private key to 'privateKey.key'
>   -----
>   (enter CSR data)
>   ...
>
> But just after CSR creation, its verification fails:
>
>   $ openssl req -text -noout -verify -in CSR.csr
>   verify failure
>   139886616864656:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01:rsa_pk1.c:103:
>   139886616864656:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed:rsa_eay.c:773:
>   139886616864656:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib:a_verify.c:249:
>   Certificate Request:
>       Data:
>           Version: 0 (0x0)
>           Subject: C=ES, L=Default City, O=Default Company Ltd
>   ...
>
> At this point, if I try to create a certificate from the CSR, it creates an empty certificate.
>
> Private key check returns ok:
>
>   $ openssl rsa -in privateKey.key -check
>   RSA key ok
>   writing RSA key
>   -----BEGIN RSA PRIVATE KEY-----
>   ...
>   -----END RSA PRIVATE KEY-----
>
> The public key can be read from the CSR:
>
>   $ openssl req -in CSR.csr -noout -pubkey
>   -----BEGIN PUBLIC KEY-----
>   ...
>   -----END PUBLIC KEY-----
>
> I am working on a RHEL machine, with this openssl version:
>
>   $ rpm -qa | grep openssl                                          
>   openssl-libs-1.0.2k-12.el7.x86_64
>   openssl-1.0.2k-12.el7.x86_64
>
> Don't know if could be related to a missing library, and have tried to find out the root cause of the issue in internet and mailing lists but didn't get to it.
>
> Any help would be very much appreciated.
>
>
> Thanks!
> Jon
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: CSR verify failure

Michael Wojcik
In reply to this post by Jon Uriarte
I just tried the same commands on my system, using 1.0.2n, and didn't have any problems (as I'd expect).

What's the output of openssl asn1parse -dump -in CSR.csr?

--
Michael Wojcik
Distinguished Engineer, Micro Focus


--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: CSR verify failure

Jon Uriarte
Thanks for your replies.

I'm creating the CSR with the default values.

$ openssl req -noout -text -in CSR.csr
Certificate Request:
    Data:
        Version: 0 (0x0)
        Subject: C=XX, L=Default City, O=Default Company Ltd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:e2:6e:84:97:0e:d5:ea:ad:18:4f:18:73:b3:f8:
                    71:28:12:c2:5c:32:b8:07:bc:01:8c:ec:78:60:aa:
                    c0:01:18:5c:75:5d:01:76:8f:b2:92:5c:47:23:f6:
                    9d:dc:f6:02:66:1f:ca:d3:cf:a2:01:44:58:f9:df:
                    f3:a5:8a:c9:a3:47:a7:80:1a:9f:62:c4:a3:46:77:
                    e3:96:6a:85:bf:06:ac:0a:51:ea:1a:9d:03:2a:80:
                    4c:63:6b:81:87:21:b5:56:4d:a3:52:4d:d9:b4:60:
                    63:f3:14:5e:a7:6e:9d:f4:b7:5b:7d:cb:10:9c:20:
                    d1:be:ed:7f:82:81:1c:f2:f0:94:ea:a4:c9:6a:3b:
                    e7:1b:cc:44:e7:0c:21:24:57:fa:4e:4d:6d:c9:00:
                    b1:79:17:e4:7e:76:96:bc:98:42:b8:ab:ce:a8:07:
                    47:c0:bc:06:a7:b8:a7:36:07:2e:ca:80:d9:2c:3a:
                    17:e7:a6:7c:ec:53:1a:6a:a1:37:a3:b6:59:00:6b:
                    c8:fe:7f:f4:2a:72:48:74:93:d6:81:b9:c0:3b:4f:
                    a9:9d:84:84:4d:60:76:97:90:0c:f8:c7:46:26:94:
                    90:84:c1:95:cb:00:41:8d:0b:35:41:2a:a8:a9:ea:
                    73:fd:08:81:92:46:03:1a:1c:c5:18:5b:87:dd:3c:
                    a3:0d
                Exponent: 65537 (0x10001)
        Attributes:
            a0:00
    Signature Algorithm: sha256WithRSAEncryption
         71:86:f1:88:7e:4b:c9:66:36:6a:07:f0:76:64:4b:55:70:e0:
         e3:fc:18:5f:99:28:d4:95:c4:3b:e0:d7:52:64:2e:42:52:c9:
         5c:cb:ba:33:25:08:80:5e:24:62:6d:a1:8e:70:f9:9e:20:66:
         3a:14:d6:cb:10:25:93:fc:5a:f6:79:c8:a8:ce:f6:9d:0c:cf:
         8a:96:9f:76:72:a4:f7:66:8c:2e:4a:35:f4:51:5f:b5:cd:fc:
         b6:a6:ee:4e:06:d2:9f:6c:6b:34:a4:19:6c:0b:a6:cb:2b:25:
         47:da:ce:32:a1:89:6e:04:47:86:46:e5:6f:eb:d1:e6:65:73:
         86:13:a1:f4:4a:f1:e3:2c:e5:76:a6:e1:24:c2:d6:5c:33:fc:
         6a:d2:eb:33:0c:77:ca:56:b6:cb:a7:e9:13:fa:6d:0e:22:03:
         51:50:39:e0:91:ca:5d:a7:d3:f5:5b:cb:4c:2d:56:39:9b:c6:
         ab:87:c7:9b:54:6c:55:17:b6:6d:62:28:62:e8:b3:d5:69:17:
         09:80:dc:a8:6b:09:ed:c6:18:62:5f:fd:eb:9b:3a:b7:a5:ab:
         db:72:bc:55:df:e8:fa:ad:22:f1:bf:0d:b3:79:e1:d2:09:4e:
         a3:4e:61:5b:28:af:ca:3d:1f:53:52:52:72:71:e9:73:28:fd:
         73:01:90:95



$ openssl asn1parse -dump -in CSR.csr
    0:d=0  hl=4 l= 647 cons: SEQUENCE         
    4:d=1  hl=4 l= 367 cons: SEQUENCE         
    8:d=2  hl=2 l=   1 prim: INTEGER           :00
   11:d=2  hl=2 l=  66 cons: SEQUENCE         
   13:d=3  hl=2 l=  11 cons: SET              
   15:d=4  hl=2 l=   9 cons: SEQUENCE         
   17:d=5  hl=2 l=   3 prim: OBJECT            :countryName
   22:d=5  hl=2 l=   2 prim: PRINTABLESTRING   :XX
   26:d=3  hl=2 l=  21 cons: SET              
   28:d=4  hl=2 l=  19 cons: SEQUENCE         
   30:d=5  hl=2 l=   3 prim: OBJECT            :localityName
   35:d=5  hl=2 l=  12 prim: UTF8STRING        :Default City
   49:d=3  hl=2 l=  28 cons: SET              
   51:d=4  hl=2 l=  26 cons: SEQUENCE         
   53:d=5  hl=2 l=   3 prim: OBJECT            :organizationName
   58:d=5  hl=2 l=  19 prim: UTF8STRING        :Default Company Ltd
   79:d=2  hl=4 l= 290 cons: SEQUENCE         
   83:d=3  hl=2 l=  13 cons: SEQUENCE         
   85:d=4  hl=2 l=   9 prim: OBJECT            :rsaEncryption
   96:d=4  hl=2 l=   0 prim: NULL             
   98:d=3  hl=4 l= 271 prim: BIT STRING       
      0000 - 00 30 82 01 0a 02 82 01-01 00 e2 6e 84 97 0e d5   .0.........n....
      0010 - ea ad 18 4f 18 73 b3 f8-71 28 12 c2 5c 32 b8 07   ...O.s..q(..\2..
      0020 - bc 01 8c ec 78 60 aa c0-01 18 5c 75 5d 01 76 8f   ....x`....\u].v.
      0030 - b2 92 5c 47 23 f6 9d dc-f6 02 66 1f ca d3 cf a2   ..\G#.....f.....
      0040 - 01 44 58 f9 df f3 a5 8a-c9 a3 47 a7 80 1a 9f 62   .DX.......G....b
      0050 - c4 a3 46 77 e3 96 6a 85-bf 06 ac 0a 51 ea 1a 9d   ..Fw..j.....Q...
      0060 - 03 2a 80 4c 63 6b 81 87-21 b5 56 4d a3 52 4d d9   .*.Lck..!.VM.RM.
      0070 - b4 60 63 f3 14 5e a7 6e-9d f4 b7 5b 7d cb 10 9c   .`c..^.n...[}...
      0080 - 20 d1 be ed 7f 82 81 1c-f2 f0 94 ea a4 c9 6a 3b    .............j;
      0090 - e7 1b cc 44 e7 0c 21 24-57 fa 4e 4d 6d c9 00 b1   ...D..!$W.NMm...
      00a0 - 79 17 e4 7e 76 96 bc 98-42 b8 ab ce a8 07 47 c0   y..~v...B.....G.
      00b0 - bc 06 a7 b8 a7 36 07 2e-ca 80 d9 2c 3a 17 e7 a6   .....6.....,:...
      00c0 - 7c ec 53 1a 6a a1 37 a3-b6 59 00 6b c8 fe 7f f4   |.S.j.7..Y.k....
      00d0 - 2a 72 48 74 93 d6 81 b9-c0 3b 4f a9 9d 84 84 4d   *rHt.....;O....M
      00e0 - 60 76 97 90 0c f8 c7 46-26 94 90 84 c1 95 cb 00   `v.....F&.......
      00f0 - 41 8d 0b 35 41 2a a8 a9-ea 73 fd 08 81 92 46 03   A..5A*...s....F.
      0100 - 1a 1c c5 18 5b 87 dd 3c-a3 0d 02 03 01 00 01      ....[..<.......
  373:d=2  hl=2 l=   0 cons: cont [ 0 ]       
  375:d=1  hl=2 l=  13 cons: SEQUENCE         
  377:d=2  hl=2 l=   9 prim: OBJECT            :sha256WithRSAEncryption
  388:d=2  hl=2 l=   0 prim: NULL             
  390:d=1  hl=4 l= 257 prim: BIT STRING       
      0000 - 00 71 86 f1 88 7e 4b c9-66 36 6a 07 f0 76 64 4b   .q...~K.f6j..vdK
      0010 - 55 70 e0 e3 fc 18 5f 99-28 d4 95 c4 3b e0 d7 52   Up...._.(...;..R
      0020 - 64 2e 42 52 c9 5c cb ba-33 25 08 80 5e 24 62 6d   d.BR.\..3%..^$bm
      0030 - a1 8e 70 f9 9e 20 66 3a-14 d6 cb 10 25 93 fc 5a   ..p.. f:....%..Z
      0040 - f6 79 c8 a8 ce f6 9d 0c-cf 8a 96 9f 76 72 a4 f7   .y..........vr..
      0050 - 66 8c 2e 4a 35 f4 51 5f-b5 cd fc b6 a6 ee 4e 06   f..J5.Q_......N.
      0060 - d2 9f 6c 6b 34 a4 19 6c-0b a6 cb 2b 25 47 da ce   ..lk4..l...+%G..
      0070 - 32 a1 89 6e 04 47 86 46-e5 6f eb d1 e6 65 73 86   2..n.G.F.o...es.
      0080 - 13 a1 f4 4a f1 e3 2c e5-76 a6 e1 24 c2 d6 5c 33   ...J..,.v..$..\3
      0090 - fc 6a d2 eb 33 0c 77 ca-56 b6 cb a7 e9 13 fa 6d   .j..3.w.V......m
      00a0 - 0e 22 03 51 50 39 e0 91-ca 5d a7 d3 f5 5b cb 4c   .".QP9...]...[.L
      00b0 - 2d 56 39 9b c6 ab 87 c7-9b 54 6c 55 17 b6 6d 62   -V9......TlU..mb
      00c0 - 28 62 e8 b3 d5 69 17 09-80 dc a8 6b 09 ed c6 18   (b...i.....k....
      00d0 - 62 5f fd eb 9b 3a b7 a5-ab db 72 bc 55 df e8 fa   b_...:....r.U...
      00e0 - ad 22 f1 bf 0d b3 79 e1-d2 09 4e a3 4e 61 5b 28   ."....y...N.Na[(
      00f0 - af ca 3d 1f 53 52 52 72-71 e9 73 28 fd 73 01 90   ..=.SRRrq.s(.s..
      0100 - 95           
                                     .


Jon

On Mon, Mar 26, 2018 at 5:36 PM, Michael Wojcik <[hidden email]> wrote:
I just tried the same commands on my system, using 1.0.2n, and didn't have any problems (as I'd expect).

What's the output of openssl asn1parse -dump -in CSR.csr?

--
Michael Wojcik
Distinguished Engineer, Micro Focus


--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users


--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: CSR verify failure

Felipe Gasper-2
But what is the actual PEM of the CSR?

It should look like:

-----BEGIN CERTIFICATE REQUEST-----
...
-----END CERTIFICATE REQUEST-----

-FG

> On Mar 26, 2018, at 11:47 AM, Jon Uriarte <[hidden email]> wrote:
>
> Thanks for your replies.
>
> I'm creating the CSR with the default values.
>
> $ openssl req -noout -text -in CSR.csr
> Certificate Request:
>     Data:
>         Version: 0 (0x0)
>         Subject: C=XX, L=Default City, O=Default Company Ltd
>         Subject Public Key Info:
>             Public Key Algorithm: rsaEncryption
>                 Public-Key: (2048 bit)
>                 Modulus:
>                     00:e2:6e:84:97:0e:d5:ea:ad:18:4f:18:73:b3:f8:
>                     71:28:12:c2:5c:32:b8:07:bc:01:8c:ec:78:60:aa:
>                     c0:01:18:5c:75:5d:01:76:8f:b2:92:5c:47:23:f6:
>                     9d:dc:f6:02:66:1f:ca:d3:cf:a2:01:44:58:f9:df:
>                     f3:a5:8a:c9:a3:47:a7:80:1a:9f:62:c4:a3:46:77:
>                     e3:96:6a:85:bf:06:ac:0a:51:ea:1a:9d:03:2a:80:
>                     4c:63:6b:81:87:21:b5:56:4d:a3:52:4d:d9:b4:60:
>                     63:f3:14:5e:a7:6e:9d:f4:b7:5b:7d:cb:10:9c:20:
>                     d1:be:ed:7f:82:81:1c:f2:f0:94:ea:a4:c9:6a:3b:
>                     e7:1b:cc:44:e7:0c:21:24:57:fa:4e:4d:6d:c9:00:
>                     b1:79:17:e4:7e:76:96:bc:98:42:b8:ab:ce:a8:07:
>                     47:c0:bc:06:a7:b8:a7:36:07:2e:ca:80:d9:2c:3a:
>                     17:e7:a6:7c:ec:53:1a:6a:a1:37:a3:b6:59:00:6b:
>                     c8:fe:7f:f4:2a:72:48:74:93:d6:81:b9:c0:3b:4f:
>                     a9:9d:84:84:4d:60:76:97:90:0c:f8:c7:46:26:94:
>                     90:84:c1:95:cb:00:41:8d:0b:35:41:2a:a8:a9:ea:
>                     73:fd:08:81:92:46:03:1a:1c:c5:18:5b:87:dd:3c:
>                     a3:0d
>                 Exponent: 65537 (0x10001)
>         Attributes:
>             a0:00
>     Signature Algorithm: sha256WithRSAEncryption
>          71:86:f1:88:7e:4b:c9:66:36:6a:07:f0:76:64:4b:55:70:e0:
>          e3:fc:18:5f:99:28:d4:95:c4:3b:e0:d7:52:64:2e:42:52:c9:
>          5c:cb:ba:33:25:08:80:5e:24:62:6d:a1:8e:70:f9:9e:20:66:
>          3a:14:d6:cb:10:25:93:fc:5a:f6:79:c8:a8:ce:f6:9d:0c:cf:
>          8a:96:9f:76:72:a4:f7:66:8c:2e:4a:35:f4:51:5f:b5:cd:fc:
>          b6:a6:ee:4e:06:d2:9f:6c:6b:34:a4:19:6c:0b:a6:cb:2b:25:
>          47:da:ce:32:a1:89:6e:04:47:86:46:e5:6f:eb:d1:e6:65:73:
>          86:13:a1:f4:4a:f1:e3:2c:e5:76:a6:e1:24:c2:d6:5c:33:fc:
>          6a:d2:eb:33:0c:77:ca:56:b6:cb:a7:e9:13:fa:6d:0e:22:03:
>          51:50:39:e0:91:ca:5d:a7:d3:f5:5b:cb:4c:2d:56:39:9b:c6:
>          ab:87:c7:9b:54:6c:55:17:b6:6d:62:28:62:e8:b3:d5:69:17:
>          09:80:dc:a8:6b:09:ed:c6:18:62:5f:fd:eb:9b:3a:b7:a5:ab:
>          db:72:bc:55:df:e8:fa:ad:22:f1:bf:0d:b3:79:e1:d2:09:4e:
>          a3:4e:61:5b:28:af:ca:3d:1f:53:52:52:72:71:e9:73:28:fd:
>          73:01:90:95
>
>
> $ openssl asn1parse -dump -in CSR.csr
>     0:d=0  hl=4 l= 647 cons: SEQUENCE          
>     4:d=1  hl=4 l= 367 cons: SEQUENCE          
>     8:d=2  hl=2 l=   1 prim: INTEGER           :00
>    11:d=2  hl=2 l=  66 cons: SEQUENCE          
>    13:d=3  hl=2 l=  11 cons: SET              
>    15:d=4  hl=2 l=   9 cons: SEQUENCE          
>    17:d=5  hl=2 l=   3 prim: OBJECT            :countryName
>    22:d=5  hl=2 l=   2 prim: PRINTABLESTRING   :XX
>    26:d=3  hl=2 l=  21 cons: SET              
>    28:d=4  hl=2 l=  19 cons: SEQUENCE          
>    30:d=5  hl=2 l=   3 prim: OBJECT            :localityName
>    35:d=5  hl=2 l=  12 prim: UTF8STRING        :Default City
>    49:d=3  hl=2 l=  28 cons: SET              
>    51:d=4  hl=2 l=  26 cons: SEQUENCE          
>    53:d=5  hl=2 l=   3 prim: OBJECT            :organizationName
>    58:d=5  hl=2 l=  19 prim: UTF8STRING        :Default Company Ltd
>    79:d=2  hl=4 l= 290 cons: SEQUENCE          
>    83:d=3  hl=2 l=  13 cons: SEQUENCE          
>    85:d=4  hl=2 l=   9 prim: OBJECT            :rsaEncryption
>    96:d=4  hl=2 l=   0 prim: NULL              
>    98:d=3  hl=4 l= 271 prim: BIT STRING        
>       0000 - 00 30 82 01 0a 02 82 01-01 00 e2 6e 84 97 0e d5   .0.........n....
>       0010 - ea ad 18 4f 18 73 b3 f8-71 28 12 c2 5c 32 b8 07   ...O.s..q(..\2..
>       0020 - bc 01 8c ec 78 60 aa c0-01 18 5c 75 5d 01 76 8f   ....x`....\u].v.
>       0030 - b2 92 5c 47 23 f6 9d dc-f6 02 66 1f ca d3 cf a2   ..\G#.....f.....
>       0040 - 01 44 58 f9 df f3 a5 8a-c9 a3 47 a7 80 1a 9f 62   .DX.......G....b
>       0050 - c4 a3 46 77 e3 96 6a 85-bf 06 ac 0a 51 ea 1a 9d   ..Fw..j.....Q...
>       0060 - 03 2a 80 4c 63 6b 81 87-21 b5 56 4d a3 52 4d d9   .*.Lck..!.VM.RM.
>       0070 - b4 60 63 f3 14 5e a7 6e-9d f4 b7 5b 7d cb 10 9c   .`c..^.n...[}...
>       0080 - 20 d1 be ed 7f 82 81 1c-f2 f0 94 ea a4 c9 6a 3b    .............j;
>       0090 - e7 1b cc 44 e7 0c 21 24-57 fa 4e 4d 6d c9 00 b1   ...D..!$W.NMm...
>       00a0 - 79 17 e4 7e 76 96 bc 98-42 b8 ab ce a8 07 47 c0   y..~v...B.....G.
>       00b0 - bc 06 a7 b8 a7 36 07 2e-ca 80 d9 2c 3a 17 e7 a6   .....6.....,:...
>       00c0 - 7c ec 53 1a 6a a1 37 a3-b6 59 00 6b c8 fe 7f f4   |.S.j.7..Y.k....
>       00d0 - 2a 72 48 74 93 d6 81 b9-c0 3b 4f a9 9d 84 84 4d   *rHt.....;O....M
>       00e0 - 60 76 97 90 0c f8 c7 46-26 94 90 84 c1 95 cb 00   `v.....F&.......
>       00f0 - 41 8d 0b 35 41 2a a8 a9-ea 73 fd 08 81 92 46 03   A..5A*...s....F.
>       0100 - 1a 1c c5 18 5b 87 dd 3c-a3 0d 02 03 01 00 01      ....[..<.......
>   373:d=2  hl=2 l=   0 cons: cont [ 0 ]        
>   375:d=1  hl=2 l=  13 cons: SEQUENCE          
>   377:d=2  hl=2 l=   9 prim: OBJECT            :sha256WithRSAEncryption
>   388:d=2  hl=2 l=   0 prim: NULL              
>   390:d=1  hl=4 l= 257 prim: BIT STRING        
>       0000 - 00 71 86 f1 88 7e 4b c9-66 36 6a 07 f0 76 64 4b   .q...~K.f6j..vdK
>       0010 - 55 70 e0 e3 fc 18 5f 99-28 d4 95 c4 3b e0 d7 52   Up...._.(...;..R
>       0020 - 64 2e 42 52 c9 5c cb ba-33 25 08 80 5e 24 62 6d   d.BR.\..3%..^$bm
>       0030 - a1 8e 70 f9 9e 20 66 3a-14 d6 cb 10 25 93 fc 5a   ..p.. f:....%..Z
>       0040 - f6 79 c8 a8 ce f6 9d 0c-cf 8a 96 9f 76 72 a4 f7   .y..........vr..
>       0050 - 66 8c 2e 4a 35 f4 51 5f-b5 cd fc b6 a6 ee 4e 06   f..J5.Q_......N.
>       0060 - d2 9f 6c 6b 34 a4 19 6c-0b a6 cb 2b 25 47 da ce   ..lk4..l...+%G..
>       0070 - 32 a1 89 6e 04 47 86 46-e5 6f eb d1 e6 65 73 86   2..n.G.F.o...es.
>       0080 - 13 a1 f4 4a f1 e3 2c e5-76 a6 e1 24 c2 d6 5c 33   ...J..,.v..$..\3
>       0090 - fc 6a d2 eb 33 0c 77 ca-56 b6 cb a7 e9 13 fa 6d   .j..3.w.V......m
>       00a0 - 0e 22 03 51 50 39 e0 91-ca 5d a7 d3 f5 5b cb 4c   .".QP9...]...[.L
>       00b0 - 2d 56 39 9b c6 ab 87 c7-9b 54 6c 55 17 b6 6d 62   -V9......TlU..mb
>       00c0 - 28 62 e8 b3 d5 69 17 09-80 dc a8 6b 09 ed c6 18   (b...i.....k....
>       00d0 - 62 5f fd eb 9b 3a b7 a5-ab db 72 bc 55 df e8 fa   b_...:....r.U...
>       00e0 - ad 22 f1 bf 0d b3 79 e1-d2 09 4e a3 4e 61 5b 28   ."....y...N.Na[(
>       00f0 - af ca 3d 1f 53 52 52 72-71 e9 73 28 fd 73 01 90   ..=.SRRrq.s(.s..
>       0100 - 95                                                .
>
>
> Jon
>
> On Mon, Mar 26, 2018 at 5:36 PM, Michael Wojcik <[hidden email]> wrote:
> I just tried the same commands on my system, using 1.0.2n, and didn't have any problems (as I'd expect).
>
> What's the output of openssl asn1parse -dump -in CSR.csr?
>
> --
> Michael Wojcik
> Distinguished Engineer, Micro Focus
>
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: CSR verify failure

Jon Uriarte
Sure, here it is:

$ cat CSR.csr
-----BEGIN CERTIFICATE REQUEST-----
MIIChzCCAW8CAQAwQjELMAkGA1UEBhMCWFgxFTATBgNVBAcMDERlZmF1bHQgQ2l0
eTEcMBoGA1UECgwTRGVmYXVsdCBDb21wYW55IEx0ZDCCASIwDQYJKoZIhvcNAQEB
BQADggEPADCCAQoCggEBAOJuhJcO1eqtGE8Yc7P4cSgSwlwyuAe8AYzseGCqwAEY
XHVdAXaPspJcRyP2ndz2AmYfytPPogFEWPnf86WKyaNHp4Aan2LEo0Z345Zqhb8G
rApR6hqdAyqATGNrgYchtVZNo1JN2bRgY/MUXqdunfS3W33LEJwg0b7tf4KBHPLw
lOqkyWo75xvMROcMISRX+k5NbckAsXkX5H52lryYQrirzqgHR8C8Bqe4pzYHLsqA
2Sw6F+emfOxTGmqhN6O2WQBryP5/9CpySHST1oG5wDtPqZ2EhE1gdpeQDPjHRiaU
kITBlcsAQY0LNUEqqKnqc/0IgZJGAxocxRhbh908ow0CAwEAAaAAMA0GCSqGSIb3
DQEBCwUAA4IBAQBxhvGIfkvJZjZqB/B2ZEtVcODj/BhfmSjUlcQ74NdSZC5CUslc
y7ozJQiAXiRibaGOcPmeIGY6FNbLECWT/Fr2eciozvadDM+Klp92cqT3ZowuSjX0
UV+1zfy2pu5OBtKfbGs0pBlsC6bLKyVH2s4yoYluBEeGRuVv69HmZXOGE6H0SvHj
LOV2puEkwtZcM/xq0uszDHfKVrbLp+kT+m0OIgNRUDngkcpdp9P1W8tMLVY5m8ar
h8ebVGxVF7ZtYihi6LPVaRcJgNyoawntxhhiX/3rmzq3pavbcrxV3+j6rSLxvw2z
eeHSCU6jTmFbKK/KPR9TUlJycelzKP1zAZCV
-----END CERTIFICATE REQUEST-----



Jon

On Mon, Mar 26, 2018 at 5:49 PM, Felipe Gasper <[hidden email]> wrote:
But what is the actual PEM of the CSR?

It should look like:

-----BEGIN CERTIFICATE REQUEST-----
...
-----END CERTIFICATE REQUEST-----

-FG

> On Mar 26, 2018, at 11:47 AM, Jon Uriarte <[hidden email]> wrote:
>
> Thanks for your replies.
>
> I'm creating the CSR with the default values.
>
> $ openssl req -noout -text -in CSR.csr
> Certificate Request:
>     Data:
>         Version: 0 (0x0)
>         Subject: C=XX, L=Default City, O=Default Company Ltd
>         Subject Public Key Info:
>             Public Key Algorithm: rsaEncryption
>                 Public-Key: (2048 bit)
>                 Modulus:
>                     00:e2:6e:84:97:0e:d5:ea:ad:18:4f:18:73:b3:f8:
>                     71:28:12:c2:5c:32:b8:07:bc:01:8c:ec:78:60:aa:
>                     c0:01:18:5c:75:5d:01:76:8f:b2:92:5c:47:23:f6:
>                     9d:dc:f6:02:66:1f:ca:d3:cf:a2:01:44:58:f9:df:
>                     f3:a5:8a:c9:a3:47:a7:80:1a:9f:62:c4:a3:46:77:
>                     e3:96:6a:85:bf:06:ac:0a:51:ea:1a:9d:03:2a:80:
>                     4c:63:6b:81:87:21:b5:56:4d:a3:52:4d:d9:b4:60:
>                     63:f3:14:5e:a7:6e:9d:f4:b7:5b:7d:cb:10:9c:20:
>                     d1:be:ed:7f:82:81:1c:f2:f0:94:ea:a4:c9:6a:3b:
>                     e7:1b:cc:44:e7:0c:21:24:57:fa:4e:4d:6d:c9:00:
>                     b1:79:17:e4:7e:76:96:bc:98:42:b8:ab:ce:a8:07:
>                     47:c0:bc:06:a7:b8:a7:36:07:2e:ca:80:d9:2c:3a:
>                     17:e7:a6:7c:ec:53:1a:6a:a1:37:a3:b6:59:00:6b:
>                     c8:fe:7f:f4:2a:72:48:74:93:d6:81:b9:c0:3b:4f:
>                     a9:9d:84:84:4d:60:76:97:90:0c:f8:c7:46:26:94:
>                     90:84:c1:95:cb:00:41:8d:0b:35:41:2a:a8:a9:ea:
>                     73:fd:08:81:92:46:03:1a:1c:c5:18:5b:87:dd:3c:
>                     a3:0d
>                 Exponent: 65537 (0x10001)
>         Attributes:
>             a0:00
>     Signature Algorithm: sha256WithRSAEncryption
>          71:86:f1:88:7e:4b:c9:66:36:6a:07:f0:76:64:4b:55:70:e0:
>          e3:fc:18:5f:99:28:d4:95:c4:3b:e0:d7:52:64:2e:42:52:c9:
>          5c:cb:ba:33:25:08:80:5e:24:62:6d:a1:8e:70:f9:9e:20:66:
>          3a:14:d6:cb:10:25:93:fc:5a:f6:79:c8:a8:ce:f6:9d:0c:cf:
>          8a:96:9f:76:72:a4:f7:66:8c:2e:4a:35:f4:51:5f:b5:cd:fc:
>          b6:a6:ee:4e:06:d2:9f:6c:6b:34:a4:19:6c:0b:a6:cb:2b:25:
>          47:da:ce:32:a1:89:6e:04:47:86:46:e5:6f:eb:d1:e6:65:73:
>          86:13:a1:f4:4a:f1:e3:2c:e5:76:a6:e1:24:c2:d6:5c:33:fc:
>          6a:d2:eb:33:0c:77:ca:56:b6:cb:a7:e9:13:fa:6d:0e:22:03:
>          51:50:39:e0:91:ca:5d:a7:d3:f5:5b:cb:4c:2d:56:39:9b:c6:
>          ab:87:c7:9b:54:6c:55:17:b6:6d:62:28:62:e8:b3:d5:69:17:
>          09:80:dc:a8:6b:09:ed:c6:18:62:5f:fd:eb:9b:3a:b7:a5:ab:
>          db:72:bc:55:df:e8:fa:ad:22:f1:bf:0d:b3:79:e1:d2:09:4e:
>          a3:4e:61:5b:28:af:ca:3d:1f:53:52:52:72:71:e9:73:28:fd:
>          73:01:90:95
>
>
> $ openssl asn1parse -dump -in CSR.csr
>     0:d=0  hl=4 l= 647 cons: SEQUENCE
>     4:d=1  hl=4 l= 367 cons: SEQUENCE
>     8:d=2  hl=2 l=   1 prim: INTEGER           :00
>    11:d=2  hl=2 l=  66 cons: SEQUENCE
>    13:d=3  hl=2 l=  11 cons: SET
>    15:d=4  hl=2 l=   9 cons: SEQUENCE
>    17:d=5  hl=2 l=   3 prim: OBJECT            :countryName
>    22:d=5  hl=2 l=   2 prim: PRINTABLESTRING   :XX
>    26:d=3  hl=2 l=  21 cons: SET
>    28:d=4  hl=2 l=  19 cons: SEQUENCE
>    30:d=5  hl=2 l=   3 prim: OBJECT            :localityName
>    35:d=5  hl=2 l=  12 prim: UTF8STRING        :Default City
>    49:d=3  hl=2 l=  28 cons: SET
>    51:d=4  hl=2 l=  26 cons: SEQUENCE
>    53:d=5  hl=2 l=   3 prim: OBJECT            :organizationName
>    58:d=5  hl=2 l=  19 prim: UTF8STRING        :Default Company Ltd
>    79:d=2  hl=4 l= 290 cons: SEQUENCE
>    83:d=3  hl=2 l=  13 cons: SEQUENCE
>    85:d=4  hl=2 l=   9 prim: OBJECT            :rsaEncryption
>    96:d=4  hl=2 l=   0 prim: NULL
>    98:d=3  hl=4 l= 271 prim: BIT STRING
>       0000 - 00 30 82 01 0a 02 82 01-01 00 e2 6e 84 97 0e d5   .0.........n....
>       0010 - ea ad 18 4f 18 73 b3 f8-71 28 12 c2 5c 32 b8 07   ...O.s..q(..\2..
>       0020 - bc 01 8c ec 78 60 aa c0-01 18 5c 75 5d 01 76 8f   ....x`....\u].v.
>       0030 - b2 92 5c 47 23 f6 9d dc-f6 02 66 1f ca d3 cf a2   ..\G#.....f.....
>       0040 - 01 44 58 f9 df f3 a5 8a-c9 a3 47 a7 80 1a 9f 62   .DX.......G....b
>       0050 - c4 a3 46 77 e3 96 6a 85-bf 06 ac 0a 51 ea 1a 9d   ..Fw..j.....Q...
>       0060 - 03 2a 80 4c 63 6b 81 87-21 b5 56 4d a3 52 4d d9   .*.Lck..!.VM.RM.
>       0070 - b4 60 63 f3 14 5e a7 6e-9d f4 b7 5b 7d cb 10 9c   .`c..^.n...[}...
>       0080 - 20 d1 be ed 7f 82 81 1c-f2 f0 94 ea a4 c9 6a 3b    .............j;
>       0090 - e7 1b cc 44 e7 0c 21 24-57 fa 4e 4d 6d c9 00 b1   ...D..!$W.NMm...
>       00a0 - 79 17 e4 7e 76 96 bc 98-42 b8 ab ce a8 07 47 c0   y..~v...B.....G.
>       00b0 - bc 06 a7 b8 a7 36 07 2e-ca 80 d9 2c 3a 17 e7 a6   .....6.....,:...
>       00c0 - 7c ec 53 1a 6a a1 37 a3-b6 59 00 6b c8 fe 7f f4   |.S.j.7..Y.k....
>       00d0 - 2a 72 48 74 93 d6 81 b9-c0 3b 4f a9 9d 84 84 4d   *rHt.....;O....M
>       00e0 - 60 76 97 90 0c f8 c7 46-26 94 90 84 c1 95 cb 00   `v.....F&.......
>       00f0 - 41 8d 0b 35 41 2a a8 a9-ea 73 fd 08 81 92 46 03   A..5A*...s....F.
>       0100 - 1a 1c c5 18 5b 87 dd 3c-a3 0d 02 03 01 00 01      ....[..<.......
>   373:d=2  hl=2 l=   0 cons: cont [ 0 ]
>   375:d=1  hl=2 l=  13 cons: SEQUENCE
>   377:d=2  hl=2 l=   9 prim: OBJECT            :sha256WithRSAEncryption
>   388:d=2  hl=2 l=   0 prim: NULL
>   390:d=1  hl=4 l= 257 prim: BIT STRING
>       0000 - 00 71 86 f1 88 7e 4b c9-66 36 6a 07 f0 76 64 4b   .q...~K.f6j..vdK
>       0010 - 55 70 e0 e3 fc 18 5f 99-28 d4 95 c4 3b e0 d7 52   Up...._.(...;..R
>       0020 - 64 2e 42 52 c9 5c cb ba-33 25 08 80 5e 24 62 6d   d.BR.\..3%..^$bm
>       0030 - a1 8e 70 f9 9e 20 66 3a-14 d6 cb 10 25 93 fc 5a   ..p.. f:....%..Z
>       0040 - f6 79 c8 a8 ce f6 9d 0c-cf 8a 96 9f 76 72 a4 f7   .y..........vr..
>       0050 - 66 8c 2e 4a 35 f4 51 5f-b5 cd fc b6 a6 ee 4e 06   f..J5.Q_......N.
>       0060 - d2 9f 6c 6b 34 a4 19 6c-0b a6 cb 2b 25 47 da ce   ..lk4..l...+%G..
>       0070 - 32 a1 89 6e 04 47 86 46-e5 6f eb d1 e6 65 73 86   2..n.G.F.o...es.
>       0080 - 13 a1 f4 4a f1 e3 2c e5-76 a6 e1 24 c2 d6 5c 33   ...J..,.v..$..\3
>       0090 - fc 6a d2 eb 33 0c 77 ca-56 b6 cb a7 e9 13 fa 6d   .j..3.w.V......m
>       00a0 - 0e 22 03 51 50 39 e0 91-ca 5d a7 d3 f5 5b cb 4c   .".QP9...]...[.L
>       00b0 - 2d 56 39 9b c6 ab 87 c7-9b 54 6c 55 17 b6 6d 62   -V9......TlU..mb
>       00c0 - 28 62 e8 b3 d5 69 17 09-80 dc a8 6b 09 ed c6 18   (b...i.....k....
>       00d0 - 62 5f fd eb 9b 3a b7 a5-ab db 72 bc 55 df e8 fa   b_...:....r.U...
>       00e0 - ad 22 f1 bf 0d b3 79 e1-d2 09 4e a3 4e 61 5b 28   ."....y...N.Na[(
>       00f0 - af ca 3d 1f 53 52 52 72-71 e9 73 28 fd 73 01 90   ..=.SRRrq.s(.s..
>       0100 - 95                                                .
>
>
> Jon
>
> On Mon, Mar 26, 2018 at 5:36 PM, Michael Wojcik <[hidden email]> wrote:
> I just tried the same commands on my system, using 1.0.2n, and didn't have any problems (as I'd expect).
>
> What's the output of openssl asn1parse -dump -in CSR.csr?
>
> --
> Michael Wojcik
> Distinguished Engineer, Micro Focus
>
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users


--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: CSR verify failure

Felipe Gasper-2
I see the same errors with 1.0.2n.

Going by posts I see out-and-about about this error, there seem to be two possibilities:

1) There’s an RSA padding scheme mismatch. Maybe your openssl.cnf has something nonstandard, e.g., raw padding rather than PKCS1?

2) The signature is simply incorrect. It’s been a while since I did this, but I *believe* you could check this by extracting the bytes for the first-nested SEQUENCE from the ASN.1 structure, get the signature for that blob against your private key, then compare that to the CSR’s stored signature. They should be the same.

Also, did you verify that the modulus and exponent as stored in the CSR match up against your private key file?

-F

> On Mar 26, 2018, at 11:55 AM, Jon Uriarte <[hidden email]> wrote:
>
> Sure, here it is:
>
> $ cat CSR.csr
> -----BEGIN CERTIFICATE REQUEST-----
> MIIChzCCAW8CAQAwQjELMAkGA1UEBhMCWFgxFTATBgNVBAcMDERlZmF1bHQgQ2l0
> eTEcMBoGA1UECgwTRGVmYXVsdCBDb21wYW55IEx0ZDCCASIwDQYJKoZIhvcNAQEB
> BQADggEPADCCAQoCggEBAOJuhJcO1eqtGE8Yc7P4cSgSwlwyuAe8AYzseGCqwAEY
> XHVdAXaPspJcRyP2ndz2AmYfytPPogFEWPnf86WKyaNHp4Aan2LEo0Z345Zqhb8G
> rApR6hqdAyqATGNrgYchtVZNo1JN2bRgY/MUXqdunfS3W33LEJwg0b7tf4KBHPLw
> lOqkyWo75xvMROcMISRX+k5NbckAsXkX5H52lryYQrirzqgHR8C8Bqe4pzYHLsqA
> 2Sw6F+emfOxTGmqhN6O2WQBryP5/9CpySHST1oG5wDtPqZ2EhE1gdpeQDPjHRiaU
> kITBlcsAQY0LNUEqqKnqc/0IgZJGAxocxRhbh908ow0CAwEAAaAAMA0GCSqGSIb3
> DQEBCwUAA4IBAQBxhvGIfkvJZjZqB/B2ZEtVcODj/BhfmSjUlcQ74NdSZC5CUslc
> y7ozJQiAXiRibaGOcPmeIGY6FNbLECWT/Fr2eciozvadDM+Klp92cqT3ZowuSjX0
> UV+1zfy2pu5OBtKfbGs0pBlsC6bLKyVH2s4yoYluBEeGRuVv69HmZXOGE6H0SvHj
> LOV2puEkwtZcM/xq0uszDHfKVrbLp+kT+m0OIgNRUDngkcpdp9P1W8tMLVY5m8ar
> h8ebVGxVF7ZtYihi6LPVaRcJgNyoawntxhhiX/3rmzq3pavbcrxV3+j6rSLxvw2z
> eeHSCU6jTmFbKK/KPR9TUlJycelzKP1zAZCV
> -----END CERTIFICATE REQUEST-----
>
>
> Jon
>
> On Mon, Mar 26, 2018 at 5:49 PM, Felipe Gasper <[hidden email]> wrote:
> But what is the actual PEM of the CSR?
>
> It should look like:
>
> -----BEGIN CERTIFICATE REQUEST-----
> ...
> -----END CERTIFICATE REQUEST-----
>
> -FG
>
> > On Mar 26, 2018, at 11:47 AM, Jon Uriarte <[hidden email]> wrote:
> >
> > Thanks for your replies.
> >
> > I'm creating the CSR with the default values.
> >
> > $ openssl req -noout -text -in CSR.csr
> > Certificate Request:
> >     Data:
> >         Version: 0 (0x0)
> >         Subject: C=XX, L=Default City, O=Default Company Ltd
> >         Subject Public Key Info:
> >             Public Key Algorithm: rsaEncryption
> >                 Public-Key: (2048 bit)
> >                 Modulus:
> >                     00:e2:6e:84:97:0e:d5:ea:ad:18:4f:18:73:b3:f8:
> >                     71:28:12:c2:5c:32:b8:07:bc:01:8c:ec:78:60:aa:
> >                     c0:01:18:5c:75:5d:01:76:8f:b2:92:5c:47:23:f6:
> >                     9d:dc:f6:02:66:1f:ca:d3:cf:a2:01:44:58:f9:df:
> >                     f3:a5:8a:c9:a3:47:a7:80:1a:9f:62:c4:a3:46:77:
> >                     e3:96:6a:85:bf:06:ac:0a:51:ea:1a:9d:03:2a:80:
> >                     4c:63:6b:81:87:21:b5:56:4d:a3:52:4d:d9:b4:60:
> >                     63:f3:14:5e:a7:6e:9d:f4:b7:5b:7d:cb:10:9c:20:
> >                     d1:be:ed:7f:82:81:1c:f2:f0:94:ea:a4:c9:6a:3b:
> >                     e7:1b:cc:44:e7:0c:21:24:57:fa:4e:4d:6d:c9:00:
> >                     b1:79:17:e4:7e:76:96:bc:98:42:b8:ab:ce:a8:07:
> >                     47:c0:bc:06:a7:b8:a7:36:07:2e:ca:80:d9:2c:3a:
> >                     17:e7:a6:7c:ec:53:1a:6a:a1:37:a3:b6:59:00:6b:
> >                     c8:fe:7f:f4:2a:72:48:74:93:d6:81:b9:c0:3b:4f:
> >                     a9:9d:84:84:4d:60:76:97:90:0c:f8:c7:46:26:94:
> >                     90:84:c1:95:cb:00:41:8d:0b:35:41:2a:a8:a9:ea:
> >                     73:fd:08:81:92:46:03:1a:1c:c5:18:5b:87:dd:3c:
> >                     a3:0d
> >                 Exponent: 65537 (0x10001)
> >         Attributes:
> >             a0:00
> >     Signature Algorithm: sha256WithRSAEncryption
> >          71:86:f1:88:7e:4b:c9:66:36:6a:07:f0:76:64:4b:55:70:e0:
> >          e3:fc:18:5f:99:28:d4:95:c4:3b:e0:d7:52:64:2e:42:52:c9:
> >          5c:cb:ba:33:25:08:80:5e:24:62:6d:a1:8e:70:f9:9e:20:66:
> >          3a:14:d6:cb:10:25:93:fc:5a:f6:79:c8:a8:ce:f6:9d:0c:cf:
> >          8a:96:9f:76:72:a4:f7:66:8c:2e:4a:35:f4:51:5f:b5:cd:fc:
> >          b6:a6:ee:4e:06:d2:9f:6c:6b:34:a4:19:6c:0b:a6:cb:2b:25:
> >          47:da:ce:32:a1:89:6e:04:47:86:46:e5:6f:eb:d1:e6:65:73:
> >          86:13:a1:f4:4a:f1:e3:2c:e5:76:a6:e1:24:c2:d6:5c:33:fc:
> >          6a:d2:eb:33:0c:77:ca:56:b6:cb:a7:e9:13:fa:6d:0e:22:03:
> >          51:50:39:e0:91:ca:5d:a7:d3:f5:5b:cb:4c:2d:56:39:9b:c6:
> >          ab:87:c7:9b:54:6c:55:17:b6:6d:62:28:62:e8:b3:d5:69:17:
> >          09:80:dc:a8:6b:09:ed:c6:18:62:5f:fd:eb:9b:3a:b7:a5:ab:
> >          db:72:bc:55:df:e8:fa:ad:22:f1:bf:0d:b3:79:e1:d2:09:4e:
> >          a3:4e:61:5b:28:af:ca:3d:1f:53:52:52:72:71:e9:73:28:fd:
> >          73:01:90:95
> >
> >
> > $ openssl asn1parse -dump -in CSR.csr
> >     0:d=0  hl=4 l= 647 cons: SEQUENCE
> >     4:d=1  hl=4 l= 367 cons: SEQUENCE
> >     8:d=2  hl=2 l=   1 prim: INTEGER           :00
> >    11:d=2  hl=2 l=  66 cons: SEQUENCE
> >    13:d=3  hl=2 l=  11 cons: SET
> >    15:d=4  hl=2 l=   9 cons: SEQUENCE
> >    17:d=5  hl=2 l=   3 prim: OBJECT            :countryName
> >    22:d=5  hl=2 l=   2 prim: PRINTABLESTRING   :XX
> >    26:d=3  hl=2 l=  21 cons: SET
> >    28:d=4  hl=2 l=  19 cons: SEQUENCE
> >    30:d=5  hl=2 l=   3 prim: OBJECT            :localityName
> >    35:d=5  hl=2 l=  12 prim: UTF8STRING        :Default City
> >    49:d=3  hl=2 l=  28 cons: SET
> >    51:d=4  hl=2 l=  26 cons: SEQUENCE
> >    53:d=5  hl=2 l=   3 prim: OBJECT            :organizationName
> >    58:d=5  hl=2 l=  19 prim: UTF8STRING        :Default Company Ltd
> >    79:d=2  hl=4 l= 290 cons: SEQUENCE
> >    83:d=3  hl=2 l=  13 cons: SEQUENCE
> >    85:d=4  hl=2 l=   9 prim: OBJECT            :rsaEncryption
> >    96:d=4  hl=2 l=   0 prim: NULL
> >    98:d=3  hl=4 l= 271 prim: BIT STRING
> >       0000 - 00 30 82 01 0a 02 82 01-01 00 e2 6e 84 97 0e d5   .0.........n....
> >       0010 - ea ad 18 4f 18 73 b3 f8-71 28 12 c2 5c 32 b8 07   ...O.s..q(..\2..
> >       0020 - bc 01 8c ec 78 60 aa c0-01 18 5c 75 5d 01 76 8f   ....x`....\u].v.
> >       0030 - b2 92 5c 47 23 f6 9d dc-f6 02 66 1f ca d3 cf a2   ..\G#.....f.....
> >       0040 - 01 44 58 f9 df f3 a5 8a-c9 a3 47 a7 80 1a 9f 62   .DX.......G....b
> >       0050 - c4 a3 46 77 e3 96 6a 85-bf 06 ac 0a 51 ea 1a 9d   ..Fw..j.....Q...
> >       0060 - 03 2a 80 4c 63 6b 81 87-21 b5 56 4d a3 52 4d d9   .*.Lck..!.VM.RM.
> >       0070 - b4 60 63 f3 14 5e a7 6e-9d f4 b7 5b 7d cb 10 9c   .`c..^.n...[}...
> >       0080 - 20 d1 be ed 7f 82 81 1c-f2 f0 94 ea a4 c9 6a 3b    .............j;
> >       0090 - e7 1b cc 44 e7 0c 21 24-57 fa 4e 4d 6d c9 00 b1   ...D..!$W.NMm...
> >       00a0 - 79 17 e4 7e 76 96 bc 98-42 b8 ab ce a8 07 47 c0   y..~v...B.....G.
> >       00b0 - bc 06 a7 b8 a7 36 07 2e-ca 80 d9 2c 3a 17 e7 a6   .....6.....,:...
> >       00c0 - 7c ec 53 1a 6a a1 37 a3-b6 59 00 6b c8 fe 7f f4   |.S.j.7..Y.k....
> >       00d0 - 2a 72 48 74 93 d6 81 b9-c0 3b 4f a9 9d 84 84 4d   *rHt.....;O....M
> >       00e0 - 60 76 97 90 0c f8 c7 46-26 94 90 84 c1 95 cb 00   `v.....F&.......
> >       00f0 - 41 8d 0b 35 41 2a a8 a9-ea 73 fd 08 81 92 46 03   A..5A*...s....F.
> >       0100 - 1a 1c c5 18 5b 87 dd 3c-a3 0d 02 03 01 00 01      ....[..<.......
> >   373:d=2  hl=2 l=   0 cons: cont [ 0 ]
> >   375:d=1  hl=2 l=  13 cons: SEQUENCE
> >   377:d=2  hl=2 l=   9 prim: OBJECT            :sha256WithRSAEncryption
> >   388:d=2  hl=2 l=   0 prim: NULL
> >   390:d=1  hl=4 l= 257 prim: BIT STRING
> >       0000 - 00 71 86 f1 88 7e 4b c9-66 36 6a 07 f0 76 64 4b   .q...~K.f6j..vdK
> >       0010 - 55 70 e0 e3 fc 18 5f 99-28 d4 95 c4 3b e0 d7 52   Up...._.(...;..R
> >       0020 - 64 2e 42 52 c9 5c cb ba-33 25 08 80 5e 24 62 6d   d.BR.\..3%..^$bm
> >       0030 - a1 8e 70 f9 9e 20 66 3a-14 d6 cb 10 25 93 fc 5a   ..p.. f:....%..Z
> >       0040 - f6 79 c8 a8 ce f6 9d 0c-cf 8a 96 9f 76 72 a4 f7   .y..........vr..
> >       0050 - 66 8c 2e 4a 35 f4 51 5f-b5 cd fc b6 a6 ee 4e 06   f..J5.Q_......N.
> >       0060 - d2 9f 6c 6b 34 a4 19 6c-0b a6 cb 2b 25 47 da ce   ..lk4..l...+%G..
> >       0070 - 32 a1 89 6e 04 47 86 46-e5 6f eb d1 e6 65 73 86   2..n.G.F.o...es.
> >       0080 - 13 a1 f4 4a f1 e3 2c e5-76 a6 e1 24 c2 d6 5c 33   ...J..,.v..$..\3
> >       0090 - fc 6a d2 eb 33 0c 77 ca-56 b6 cb a7 e9 13 fa 6d   .j..3.w.V......m
> >       00a0 - 0e 22 03 51 50 39 e0 91-ca 5d a7 d3 f5 5b cb 4c   .".QP9...]...[.L
> >       00b0 - 2d 56 39 9b c6 ab 87 c7-9b 54 6c 55 17 b6 6d 62   -V9......TlU..mb
> >       00c0 - 28 62 e8 b3 d5 69 17 09-80 dc a8 6b 09 ed c6 18   (b...i.....k....
> >       00d0 - 62 5f fd eb 9b 3a b7 a5-ab db 72 bc 55 df e8 fa   b_...:....r.U...
> >       00e0 - ad 22 f1 bf 0d b3 79 e1-d2 09 4e a3 4e 61 5b 28   ."....y...N.Na[(
> >       00f0 - af ca 3d 1f 53 52 52 72-71 e9 73 28 fd 73 01 90   ..=.SRRrq.s(.s..
> >       0100 - 95                                                .
> >
> >
> > Jon
> >
> > On Mon, Mar 26, 2018 at 5:36 PM, Michael Wojcik <[hidden email]> wrote:
> > I just tried the same commands on my system, using 1.0.2n, and didn't have any problems (as I'd expect).
> >
> > What's the output of openssl asn1parse -dump -in CSR.csr?
> >
> > --
> > Michael Wojcik
> > Distinguished Engineer, Micro Focus
> >
> >
> > --
> > openssl-users mailing list
> > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
> >
> > --
> > openssl-users mailing list
> > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: CSR verify failure

Michael Wojcik
In reply to this post by Jon Uriarte
OK, I see the verify error with the CSR you sent, so it's an issue with creating the CSR, not with verifying it.

Beyond that I don't see the issue, but I'd have to debug it (or decrypt the signature manually) to see what exactly the problem is. OpenSSL is complaining that it expects the signature to use PKCS#1 type 1 padding, but the block-type byte doesn't have value 1, i.e. PKCS#1 v1.5 padding.

I don't know why openssl req -new on your system might have generated a signature with some other type of padding. openssl req doesn't appear to honor -sigopt rsa_padding_mode, for example; I just tried it, and it didn't produce an error, but didn't seem to have any effect either.

--
Michael Wojcik
Distinguished Engineer, Micro Focus



--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: CSR verify failure

Jon Uriarte
In reply to this post by Felipe Gasper-2

On Mon, Mar 26, 2018 at 6:15 PM, Felipe Gasper <[hidden email]> wrote:
I see the same errors with 1.0.2n.

Going by posts I see out-and-about about this error, there seem to be two possibilities:

1) There’s an RSA padding scheme mismatch. Maybe your openssl.cnf has something nonstandard, e.g., raw padding rather than PKCS1?

I paste the openssl.cnf file [1]

2) The signature is simply incorrect. It’s been a while since I did this, but I *believe* you could check this by extracting the bytes for the first-nested SEQUENCE from the ASN.1 structure, get the signature for that blob against your private key, then compare that to the CSR’s stored signature. They should be the same.

I'm not completely sure about how to check this, but I see that some data in the ASN.1 structure matches the modulus in the CSR's key modulus.

      0000 - 00 30 82 01 0a 02 82 01-01 00 e2 6e 84 97 0e d5   .0.........n....
      0010 - ea ad 18 4f 18 73 b3 f8-71 28 12 c2 5c 32 b8 07   ...O.s..q(..\2..
      0020 - bc 01 8c ec 78 60 aa c0-01 18 5c 75 5d 01 76 8f   ....x`....\u].v.
      0030 - b2 92 5c 47 23 f6 9d dc-f6 02 66 1f ca d3 cf a2   ..\G#.....f.....
      0040 - 01 44 58 f9 df f3 a5 8a-c9 a3 47 a7 80 1a 9f 62   .DX.......G....b
      0050 - c4 a3 46 77 e3 96 6a 85-bf 06 ac 0a 51 ea 1a 9d   ..Fw..j.....Q...
      0060 - 03 2a 80 4c 63 6b 81 87-21 b5 56 4d a3 52 4d d9   .*.Lck..!.VM.RM.
      0070 - b4 60 63 f3 14 5e a7 6e-9d f4 b7 5b 7d cb 10 9c   .`c..^.n...[}...
      0080 - 20 d1 be ed 7f 82 81 1c-f2 f0 94 ea a4 c9 6a 3b    .............j;
      0090 - e7 1b cc 44 e7 0c 21 24-57 fa 4e 4d 6d c9 00 b1   ...D..!$W.NMm...
      00a0 - 79 17 e4 7e 76 96 bc 98-42 b8 ab ce a8 07 47 c0   y..~v...B.....G.
      00b0 - bc 06 a7 b8 a7 36 07 2e-ca 80 d9 2c 3a 17 e7 a6   .....6.....,:...
      00c0 - 7c ec 53 1a 6a a1 37 a3-b6 59 00 6b c8 fe 7f f4   |.S.j.7..Y.k....
      00d0 - 2a 72 48 74 93 d6 81 b9-c0 3b 4f a9 9d 84 84 4d   *rHt.....;O....M
      00e0 - 60 76 97 90 0c f8 c7 46-26 94 90 84 c1 95 cb 00   `v.....F&.......
      00f0 - 41 8d 0b 35 41 2a a8 a9-ea 73 fd 08 81 92 46 03   A..5A*...s....F.
      0100 - 1a 1c c5 18 5b 87 dd 3c-a3 0d 02 03 01 00 01      ....[..<.......

                Modulus:
                    00:e2:6e:84:97:0e:d5:ea:ad:18:4f:18:73:b3:f8:
                    71:28:12:c2:5c:32:b8:07:bc:01:8c:ec:78:60:aa:
                    c0:01:18:5c:75:5d:01:76:8f:b2:92:5c:47:23:f6:
                    9d:dc:f6:02:66:1f:ca:d3:cf:a2:01:44:58:f9:df:
                    f3:a5:8a:c9:a3:47:a7:80:1a:9f:62:c4:a3:46:77:
                    e3:96:6a:85:bf:06:ac:0a:51:ea:1a:9d:03:2a:80:
                    4c:63:6b:81:87:21:b5:56:4d:a3:52:4d:d9:b4:60:
                    63:f3:14:5e:a7:6e:9d:f4:b7:5b:7d:cb:10:9c:20:
                    d1:be:ed:7f:82:81:1c:f2:f0:94:ea:a4:c9:6a:3b:
                    e7:1b:cc:44:e7:0c:21:24:57:fa:4e:4d:6d:c9:00:
                    b1:79:17:e4:7e:76:96:bc:98:42:b8:ab:ce:a8:07:
                    47:c0:bc:06:a7:b8:a7:36:07:2e:ca:80:d9:2c:3a:
                    17:e7:a6:7c:ec:53:1a:6a:a1:37:a3:b6:59:00:6b:
                    c8:fe:7f:f4:2a:72:48:74:93:d6:81:b9:c0:3b:4f:
                    a9:9d:84:84:4d:60:76:97:90:0c:f8:c7:46:26:94:
                    90:84:c1:95:cb:00:41:8d:0b:35:41:2a:a8:a9:ea:
                    73:fd:08:81:92:46:03:1a:1c:c5:18:5b:87:dd:3c:
                    a3:0d


Also, did you verify that the modulus and exponent as stored in the CSR match up against your private key file?

They match:

$ openssl req -noout -text -in CSR.csr                                                                                                                                                 
   ...
                Exponent: 65537 (0x10001)

$ openssl rsa -noout -text -in privateKey.key                                                                                                                                          
Private-Key: (2048 bit)
modulus:
   ...
publicExponent: 65537 (0x10001)

$ openssl req -noout -modulus -in CSR.csr                                                                                                                                              
Modulus=E26E84970ED5EAAD184F1873B3F8712812C25C32B807BC018CEC7860AAC001185C755D01768FB2925C4723F69DDCF602661FCAD3C
FA2014458F9DFF3A58AC9A347A7801A9F62C4A34677E3966A85BF06AC0A51EA1A9D032A804C636B818721B5564DA3524DD9B46063F3145EA7
6E9DF4B75B7DCB109C20D1BEED7F82811CF2F094EAA4C96A3BE71BCC44E70C212457FA4E4D6DC900B17917E47E7696BC9842B8ABCEA80747C
0BC06A7B8A736072ECA80D92C3A17E7A67CEC531A6AA137A3B659006BC8FE7FF42A72487493D681B9C03B4FA99D84844D607697900CF8C746
26949084C195CB00418D0B35412AA8A9EA73FD08819246031A1CC5185B87DD3CA30D
$ openssl rsa -noout -modulus -in privateKey.key
Modulus=E26E84970ED5EAAD184F1873B3F8712812C25C32B807BC018CEC7860AAC001185C755D01768FB2925C4723F69DDCF602661FCAD3C
FA2014458F9DFF3A58AC9A347A7801A9F62C4A34677E3966A85BF06AC0A51EA1A9D032A804C636B818721B5564DA3524DD9B46063F3145EA7
6E9DF4B75B7DCB109C20D1BEED7F82811CF2F094EAA4C96A3BE71BCC44E70C212457FA4E4D6DC900B17917E47E7696BC9842B8ABCEA80747C
0BC06A7B8A736072ECA80D92C3A17E7A67CEC531A6AA137A3B659006BC8FE7FF42A72487493D681B9C03B4FA99D84844D607697900CF8C746
26949084C195CB00418D0B35412AA8A9EA73FD08819246031A1CC5185B87DD3CA30D
$ openssl rsa -noout -modulus -in privateKey.key | openssl md5
(stdin)= 7eeda89fc0dcc018e8039af089d28609
$ openssl req -noout -modulus -in CSR.csr | openssl md5                                                                                                                                
(stdin)= 7eeda89fc0dcc018e8039af089d28609



-F



Thank you

Jon


> On Mar 26, 2018, at 11:55 AM, Jon Uriarte <[hidden email]> wrote:
>
> Sure, here it is:
>
> $ cat CSR.csr
> -----BEGIN CERTIFICATE REQUEST-----
> MIIChzCCAW8CAQAwQjELMAkGA1UEBhMCWFgxFTATBgNVBAcMDERlZmF1bHQgQ2l0
> eTEcMBoGA1UECgwTRGVmYXVsdCBDb21wYW55IEx0ZDCCASIwDQYJKoZIhvcNAQEB
> BQADggEPADCCAQoCggEBAOJuhJcO1eqtGE8Yc7P4cSgSwlwyuAe8AYzseGCqwAEY
> XHVdAXaPspJcRyP2ndz2AmYfytPPogFEWPnf86WKyaNHp4Aan2LEo0Z345Zqhb8G
> rApR6hqdAyqATGNrgYchtVZNo1JN2bRgY/MUXqdunfS3W33LEJwg0b7tf4KBHPLw
> lOqkyWo75xvMROcMISRX+k5NbckAsXkX5H52lryYQrirzqgHR8C8Bqe4pzYHLsqA
> 2Sw6F+emfOxTGmqhN6O2WQBryP5/9CpySHST1oG5wDtPqZ2EhE1gdpeQDPjHRiaU
> kITBlcsAQY0LNUEqqKnqc/0IgZJGAxocxRhbh908ow0CAwEAAaAAMA0GCSqGSIb3
> DQEBCwUAA4IBAQBxhvGIfkvJZjZqB/B2ZEtVcODj/BhfmSjUlcQ74NdSZC5CUslc
> y7ozJQiAXiRibaGOcPmeIGY6FNbLECWT/Fr2eciozvadDM+Klp92cqT3ZowuSjX0
> UV+1zfy2pu5OBtKfbGs0pBlsC6bLKyVH2s4yoYluBEeGRuVv69HmZXOGE6H0SvHj
> LOV2puEkwtZcM/xq0uszDHfKVrbLp+kT+m0OIgNRUDngkcpdp9P1W8tMLVY5m8ar
> h8ebVGxVF7ZtYihi6LPVaRcJgNyoawntxhhiX/3rmzq3pavbcrxV3+j6rSLxvw2z
> eeHSCU6jTmFbKK/KPR9TUlJycelzKP1zAZCV
> -----END CERTIFICATE REQUEST-----
>
>
> Jon
>
> On Mon, Mar 26, 2018 at 5:49 PM, Felipe Gasper <[hidden email]> wrote:
> But what is the actual PEM of the CSR?
>
> It should look like:
>
> -----BEGIN CERTIFICATE REQUEST-----
> ...
> -----END CERTIFICATE REQUEST-----
>
> -FG
>
> > On Mar 26, 2018, at 11:47 AM, Jon Uriarte <[hidden email]> wrote:
> >
> > Thanks for your replies.
> >
> > I'm creating the CSR with the default values.
> >
> > $ openssl req -noout -text -in CSR.csr
> > Certificate Request:
> >     Data:
> >         Version: 0 (0x0)
> >         Subject: C=XX, L=Default City, O=Default Company Ltd
> >         Subject Public Key Info:
> >             Public Key Algorithm: rsaEncryption
> >                 Public-Key: (2048 bit)
> >                 Modulus:
> >                     00:e2:6e:84:97:0e:d5:ea:ad:18:4f:18:73:b3:f8:
> >                     71:28:12:c2:5c:32:b8:07:bc:01:8c:ec:78:60:aa:
> >                     c0:01:18:5c:75:5d:01:76:8f:b2:92:5c:47:23:f6:
> >                     9d:dc:f6:02:66:1f:ca:d3:cf:a2:01:44:58:f9:df:
> >                     f3:a5:8a:c9:a3:47:a7:80:1a:9f:62:c4:a3:46:77:
> >                     e3:96:6a:85:bf:06:ac:0a:51:ea:1a:9d:03:2a:80:
> >                     4c:63:6b:81:87:21:b5:56:4d:a3:52:4d:d9:b4:60:
> >                     63:f3:14:5e:a7:6e:9d:f4:b7:5b:7d:cb:10:9c:20:
> >                     d1:be:ed:7f:82:81:1c:f2:f0:94:ea:a4:c9:6a:3b:
> >                     e7:1b:cc:44:e7:0c:21:24:57:fa:4e:4d:6d:c9:00:
> >                     b1:79:17:e4:7e:76:96:bc:98:42:b8:ab:ce:a8:07:
> >                     47:c0:bc:06:a7:b8:a7:36:07:2e:ca:80:d9:2c:3a:
> >                     17:e7:a6:7c:ec:53:1a:6a:a1:37:a3:b6:59:00:6b:
> >                     c8:fe:7f:f4:2a:72:48:74:93:d6:81:b9:c0:3b:4f:
> >                     a9:9d:84:84:4d:60:76:97:90:0c:f8:c7:46:26:94:
> >                     90:84:c1:95:cb:00:41:8d:0b:35:41:2a:a8:a9:ea:
> >                     73:fd:08:81:92:46:03:1a:1c:c5:18:5b:87:dd:3c:
> >                     a3:0d
> >                 Exponent: 65537 (0x10001)
> >         Attributes:
> >             a0:00
> >     Signature Algorithm: sha256WithRSAEncryption
> >          71:86:f1:88:7e:4b:c9:66:36:6a:07:f0:76:64:4b:55:70:e0:
> >          e3:fc:18:5f:99:28:d4:95:c4:3b:e0:d7:52:64:2e:42:52:c9:
> >          5c:cb:ba:33:25:08:80:5e:24:62:6d:a1:8e:70:f9:9e:20:66:
> >          3a:14:d6:cb:10:25:93:fc:5a:f6:79:c8:a8:ce:f6:9d:0c:cf:
> >          8a:96:9f:76:72:a4:f7:66:8c:2e:4a:35:f4:51:5f:b5:cd:fc:
> >          b6:a6:ee:4e:06:d2:9f:6c:6b:34:a4:19:6c:0b:a6:cb:2b:25:
> >          47:da:ce:32:a1:89:6e:04:47:86:46:e5:6f:eb:d1:e6:65:73:
> >          86:13:a1:f4:4a:f1:e3:2c:e5:76:a6:e1:24:c2:d6:5c:33:fc:
> >          6a:d2:eb:33:0c:77:ca:56:b6:cb:a7:e9:13:fa:6d:0e:22:03:
> >          51:50:39:e0:91:ca:5d:a7:d3:f5:5b:cb:4c:2d:56:39:9b:c6:
> >          ab:87:c7:9b:54:6c:55:17:b6:6d:62:28:62:e8:b3:d5:69:17:
> >          09:80:dc:a8:6b:09:ed:c6:18:62:5f:fd:eb:9b:3a:b7:a5:ab:
> >          db:72:bc:55:df:e8:fa:ad:22:f1:bf:0d:b3:79:e1:d2:09:4e:
> >          a3:4e:61:5b:28:af:ca:3d:1f:53:52:52:72:71:e9:73:28:fd:
> >          73:01:90:95
> >
> >
> > $ openssl asn1parse -dump -in CSR.csr
> >     0:d=0  hl=4 l= 647 cons: SEQUENCE
> >     4:d=1  hl=4 l= 367 cons: SEQUENCE
> >     8:d=2  hl=2 l=   1 prim: INTEGER           :00
> >    11:d=2  hl=2 l=  66 cons: SEQUENCE
> >    13:d=3  hl=2 l=  11 cons: SET
> >    15:d=4  hl=2 l=   9 cons: SEQUENCE
> >    17:d=5  hl=2 l=   3 prim: OBJECT            :countryName
> >    22:d=5  hl=2 l=   2 prim: PRINTABLESTRING   :XX
> >    26:d=3  hl=2 l=  21 cons: SET
> >    28:d=4  hl=2 l=  19 cons: SEQUENCE
> >    30:d=5  hl=2 l=   3 prim: OBJECT            :localityName
> >    35:d=5  hl=2 l=  12 prim: UTF8STRING        :Default City
> >    49:d=3  hl=2 l=  28 cons: SET
> >    51:d=4  hl=2 l=  26 cons: SEQUENCE
> >    53:d=5  hl=2 l=   3 prim: OBJECT            :organizationName
> >    58:d=5  hl=2 l=  19 prim: UTF8STRING        :Default Company Ltd
> >    79:d=2  hl=4 l= 290 cons: SEQUENCE
> >    83:d=3  hl=2 l=  13 cons: SEQUENCE
> >    85:d=4  hl=2 l=   9 prim: OBJECT            :rsaEncryption
> >    96:d=4  hl=2 l=   0 prim: NULL
> >    98:d=3  hl=4 l= 271 prim: BIT STRING
> >       0000 - 00 30 82 01 0a 02 82 01-01 00 e2 6e 84 97 0e d5   .0.........n....
> >       0010 - ea ad 18 4f 18 73 b3 f8-71 28 12 c2 5c 32 b8 07   ...O.s..q(..\2..
> >       0020 - bc 01 8c ec 78 60 aa c0-01 18 5c 75 5d 01 76 8f   ....x`....\u].v.
> >       0030 - b2 92 5c 47 23 f6 9d dc-f6 02 66 1f ca d3 cf a2   ..\G#.....f.....
> >       0040 - 01 44 58 f9 df f3 a5 8a-c9 a3 47 a7 80 1a 9f 62   .DX.......G....b
> >       0050 - c4 a3 46 77 e3 96 6a 85-bf 06 ac 0a 51 ea 1a 9d   ..Fw..j.....Q...
> >       0060 - 03 2a 80 4c 63 6b 81 87-21 b5 56 4d a3 52 4d d9   .*.Lck..!.VM.RM.
> >       0070 - b4 60 63 f3 14 5e a7 6e-9d f4 b7 5b 7d cb 10 9c   .`c..^.n...[}...
> >       0080 - 20 d1 be ed 7f 82 81 1c-f2 f0 94 ea a4 c9 6a 3b    .............j;
> >       0090 - e7 1b cc 44 e7 0c 21 24-57 fa 4e 4d 6d c9 00 b1   ...D..!$W.NMm...
> >       00a0 - 79 17 e4 7e 76 96 bc 98-42 b8 ab ce a8 07 47 c0   y..~v...B.....G.
> >       00b0 - bc 06 a7 b8 a7 36 07 2e-ca 80 d9 2c 3a 17 e7 a6   .....6.....,:...
> >       00c0 - 7c ec 53 1a 6a a1 37 a3-b6 59 00 6b c8 fe 7f f4   |.S.j.7..Y.k....
> >       00d0 - 2a 72 48 74 93 d6 81 b9-c0 3b 4f a9 9d 84 84 4d   *rHt.....;O....M
> >       00e0 - 60 76 97 90 0c f8 c7 46-26 94 90 84 c1 95 cb 00   `v.....F&.......
> >       00f0 - 41 8d 0b 35 41 2a a8 a9-ea 73 fd 08 81 92 46 03   A..5A*...s....F.
> >       0100 - 1a 1c c5 18 5b 87 dd 3c-a3 0d 02 03 01 00 01      ....[..<.......
> >   373:d=2  hl=2 l=   0 cons: cont [ 0 ]
> >   375:d=1  hl=2 l=  13 cons: SEQUENCE
> >   377:d=2  hl=2 l=   9 prim: OBJECT            :sha256WithRSAEncryption
> >   388:d=2  hl=2 l=   0 prim: NULL
> >   390:d=1  hl=4 l= 257 prim: BIT STRING
> >       0000 - 00 71 86 f1 88 7e 4b c9-66 36 6a 07 f0 76 64 4b   .q...~K.f6j..vdK
> >       0010 - 55 70 e0 e3 fc 18 5f 99-28 d4 95 c4 3b e0 d7 52   Up...._.(...;..R
> >       0020 - 64 2e 42 52 c9 5c cb ba-33 25 08 80 5e 24 62 6d   d.BR.\..3%..^$bm
> >       0030 - a1 8e 70 f9 9e 20 66 3a-14 d6 cb 10 25 93 fc 5a   ..p.. f:....%..Z
> >       0040 - f6 79 c8 a8 ce f6 9d 0c-cf 8a 96 9f 76 72 a4 f7   .y..........vr..
> >       0050 - 66 8c 2e 4a 35 f4 51 5f-b5 cd fc b6 a6 ee 4e 06   f..J5.Q_......N.
> >       0060 - d2 9f 6c 6b 34 a4 19 6c-0b a6 cb 2b 25 47 da ce   ..lk4..l...+%G..
> >       0070 - 32 a1 89 6e 04 47 86 46-e5 6f eb d1 e6 65 73 86   2..n.G.F.o...es.
> >       0080 - 13 a1 f4 4a f1 e3 2c e5-76 a6 e1 24 c2 d6 5c 33   ...J..,.v..$..\3
> >       0090 - fc 6a d2 eb 33 0c 77 ca-56 b6 cb a7 e9 13 fa 6d   .j..3.w.V......m
> >       00a0 - 0e 22 03 51 50 39 e0 91-ca 5d a7 d3 f5 5b cb 4c   .".QP9...]...[.L
> >       00b0 - 2d 56 39 9b c6 ab 87 c7-9b 54 6c 55 17 b6 6d 62   -V9......TlU..mb
> >       00c0 - 28 62 e8 b3 d5 69 17 09-80 dc a8 6b 09 ed c6 18   (b...i.....k....
> >       00d0 - 62 5f fd eb 9b 3a b7 a5-ab db 72 bc 55 df e8 fa   b_...:....r.U...
> >       00e0 - ad 22 f1 bf 0d b3 79 e1-d2 09 4e a3 4e 61 5b 28   ."....y...N.Na[(
> >       00f0 - af ca 3d 1f 53 52 52 72-71 e9 73 28 fd 73 01 90   ..=.SRRrq.s(.s..
> >       0100 - 95                                                .
> >
> >
> > Jon
> >
> > On Mon, Mar 26, 2018 at 5:36 PM, Michael Wojcik <[hidden email]> wrote:
> > I just tried the same commands on my system, using 1.0.2n, and didn't have any problems (as I'd expect).
> >
> > What's the output of openssl asn1parse -dump -in CSR.csr?
> >
> > --
> > Michael Wojcik
> > Distinguished Engineer, Micro Focus
> >
> >
> > --
> > openssl-users mailing list
> > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
> >
> > --
> > openssl-users mailing list
> > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users


--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: CSR verify failure

Dave Coombs
In reply to this post by Felipe Gasper-2
Yeah, it looks like the signature is just wrong.  Even setting aside the question of padding, I used rsautl -verify -raw on the signature using the CSR's public key, and I would expect to see a pair of sequence tags (0x30) with sensible lengths somewhere inside, and I don't.

hulk:/tmp $ openssl req -in CSR.pem -pubkey -noout -out pubkey.pem

(not shown: asn1parse to find the offset of the start of the signature)

hulk:/tmp $ openssl asn1parse -in CSR.pem -i -strparse 390 -out /tmp/sig.bin > /dev/null 2>&1

hulk:/tmp $ openssl rsautl -verify -pubin -inkey pubkey.pem -in sig.bin -raw | xxd
00000000: def6 b025 c8eb d0b0 02b4 dd99 cfe6 81fa  ...%............
00000010: 12cb 3085 5102 aa40 84c6 d510 222b 8648  ..0.Q..@...."+.H
00000020: c891 03eb 7440 0ced d43b 4fcf 498b ae80  ....t@...;O.I...
00000030: 0822 3ad1 d77c 3f45 db41 c0ce 6fe4 7390  .":..|?E.A..o.s.
00000040: 4b87 db0a b87a 688a 1f5f 1061 e7cd 3b44  K....zh.._.a..;D
00000050: a4eb cca6 d4b4 7a8e eb4e 3642 309b 7101  ......z..N6B0.q.
00000060: 81fb fbfb 44a5 5b81 8d61 38ec 7785 aced  ....D.[..a8.w...
00000070: 9035 add7 b1d6 1ffd a0dc 58ec 700c 8ae9  .5........X.p...
00000080: f994 33c5 ffa8 70be 1db2 dc86 0587 b70c  ..3...p.........
00000090: 185d 7b61 226e 939a 0e6a 41ca 3fa0 ff74  .]{a"n...jA.?..t
000000a0: 1ca1 1abd 9203 91a1 0750 07d4 a8da 1114  .........P......
000000b0: 80f9 2cf8 9d22 309c 203c c92e 6e20 4bd3  ..,.."0. <..n K.
000000c0: 2a98 f1e4 9d9a f0c2 5411 2a0d 9931 1ca8  *.......T.*..1..
000000d0: 5f14 ec51 cbe1 e37f 5d6e 683e 2dab b4ed  _..Q....]nh>-...
000000e0: 21c5 8632 4b03 af1a 2b66 35f7 9e2a c326  !..2K...+f5..*.&
000000f0: 0ebc 84ad 664f b882 83eb 8c5a dc03 6eb4  ....fO.....Z..n.

Contrast with what I pulled out from a known-good sha256WithRSAEncryption CSR:

hulk:/tmp $ openssl rsautl -verify -pubin -inkey pubkey2.pem -in sig2.bin -raw | xxd
00000000: 0001 ffff ffff ffff ffff ffff ffff ffff  ................
00000010: ffff ffff ffff ffff ffff ffff ffff ffff  ................
00000020: ffff ffff ffff ffff ffff ffff ffff ffff  ................
00000030: ffff ffff ffff ffff ffff ffff ffff ffff  ................
00000040: ffff ffff ffff ffff ffff ffff ffff ffff  ................
00000050: ffff ffff ffff ffff ffff ffff ffff ffff  ................
00000060: ffff ffff ffff ffff ffff ffff ffff ffff  ................
00000070: ffff ffff ffff ffff ffff ffff ffff ffff  ................
00000080: ffff ffff ffff ffff ffff ffff ffff ffff  ................
00000090: ffff ffff ffff ffff ffff ffff ffff ffff  ................
000000a0: ffff ffff ffff ffff ffff ffff ffff ffff  ................
000000b0: ffff ffff ffff ffff ffff ffff ffff ffff  ................
000000c0: ffff ffff ffff ffff ffff ffff 0030 3130  .............010
000000d0: 0d06 0960 8648 0165 0304 0201 0500 0420  ...`.H.e.......
000000e0: 52fc 1687 6e70 15a1 7c40 1e1a e083 0c74  R...np..|@.....t
000000f0: f6bb 761b 9656 4df7 5edd 02ac f414 bd5b  ..v..VM.^......[

Where you can clearly see the two sequence tags after the end of the padding.

hulk:/tmp $ openssl rsautl -verify -pubin -inkey pubkey2.pem -in sig2.bin | openssl asn1parse -inform der -i
    0:d=0  hl=2 l=  49 cons: SEQUENCE
    2:d=1  hl=2 l=  13 cons:  SEQUENCE
    4:d=2  hl=2 l=   9 prim:   OBJECT            :sha256
   15:d=2  hl=2 l=   0 prim:   NULL
   17:d=1  hl=2 l=  32 prim:  OCTET STRING      [HEX DUMP]:52FC16876E7015A17C401E1AE0830C74F6BB761B96564DF75EDD02ACF414BD5B

As to how this *happened*, I'm afraid I've no idea.

  -Dave



> On Mar 26, 2018, at 12:15, Felipe Gasper <[hidden email]> wrote:
>
> I see the same errors with 1.0.2n.
>
> Going by posts I see out-and-about about this error, there seem to be two possibilities:
>
> 1) There’s an RSA padding scheme mismatch. Maybe your openssl.cnf has something nonstandard, e.g., raw padding rather than PKCS1?
>
> 2) The signature is simply incorrect. It’s been a while since I did this, but I *believe* you could check this by extracting the bytes for the first-nested SEQUENCE from the ASN.1 structure, get the signature for that blob against your private key, then compare that to the CSR’s stored signature. They should be the same.
>
> Also, did you verify that the modulus and exponent as stored in the CSR match up against your private key file?
>
> -F
>
>> On Mar 26, 2018, at 11:55 AM, Jon Uriarte <[hidden email]> wrote:
>>
>> Sure, here it is:
>>
>> $ cat CSR.csr
>> -----BEGIN CERTIFICATE REQUEST-----
>> MIIChzCCAW8CAQAwQjELMAkGA1UEBhMCWFgxFTATBgNVBAcMDERlZmF1bHQgQ2l0
>> eTEcMBoGA1UECgwTRGVmYXVsdCBDb21wYW55IEx0ZDCCASIwDQYJKoZIhvcNAQEB
>> BQADggEPADCCAQoCggEBAOJuhJcO1eqtGE8Yc7P4cSgSwlwyuAe8AYzseGCqwAEY
>> XHVdAXaPspJcRyP2ndz2AmYfytPPogFEWPnf86WKyaNHp4Aan2LEo0Z345Zqhb8G
>> rApR6hqdAyqATGNrgYchtVZNo1JN2bRgY/MUXqdunfS3W33LEJwg0b7tf4KBHPLw
>> lOqkyWo75xvMROcMISRX+k5NbckAsXkX5H52lryYQrirzqgHR8C8Bqe4pzYHLsqA
>> 2Sw6F+emfOxTGmqhN6O2WQBryP5/9CpySHST1oG5wDtPqZ2EhE1gdpeQDPjHRiaU
>> kITBlcsAQY0LNUEqqKnqc/0IgZJGAxocxRhbh908ow0CAwEAAaAAMA0GCSqGSIb3
>> DQEBCwUAA4IBAQBxhvGIfkvJZjZqB/B2ZEtVcODj/BhfmSjUlcQ74NdSZC5CUslc
>> y7ozJQiAXiRibaGOcPmeIGY6FNbLECWT/Fr2eciozvadDM+Klp92cqT3ZowuSjX0
>> UV+1zfy2pu5OBtKfbGs0pBlsC6bLKyVH2s4yoYluBEeGRuVv69HmZXOGE6H0SvHj
>> LOV2puEkwtZcM/xq0uszDHfKVrbLp+kT+m0OIgNRUDngkcpdp9P1W8tMLVY5m8ar
>> h8ebVGxVF7ZtYihi6LPVaRcJgNyoawntxhhiX/3rmzq3pavbcrxV3+j6rSLxvw2z
>> eeHSCU6jTmFbKK/KPR9TUlJycelzKP1zAZCV
>> -----END CERTIFICATE REQUEST-----
>>
>>
>> Jon
>>
>> On Mon, Mar 26, 2018 at 5:49 PM, Felipe Gasper <[hidden email]> wrote:
>> But what is the actual PEM of the CSR?
>>
>> It should look like:
>>
>> -----BEGIN CERTIFICATE REQUEST-----
>> ...
>> -----END CERTIFICATE REQUEST-----
>>
>> -FG
>>
>>> On Mar 26, 2018, at 11:47 AM, Jon Uriarte <[hidden email]> wrote:
>>>
>>> Thanks for your replies.
>>>
>>> I'm creating the CSR with the default values.
>>>
>>> $ openssl req -noout -text -in CSR.csr
>>> Certificate Request:
>>>    Data:
>>>        Version: 0 (0x0)
>>>        Subject: C=XX, L=Default City, O=Default Company Ltd
>>>        Subject Public Key Info:
>>>            Public Key Algorithm: rsaEncryption
>>>                Public-Key: (2048 bit)
>>>                Modulus:
>>>                    00:e2:6e:84:97:0e:d5:ea:ad:18:4f:18:73:b3:f8:
>>>                    71:28:12:c2:5c:32:b8:07:bc:01:8c:ec:78:60:aa:
>>>                    c0:01:18:5c:75:5d:01:76:8f:b2:92:5c:47:23:f6:
>>>                    9d:dc:f6:02:66:1f:ca:d3:cf:a2:01:44:58:f9:df:
>>>                    f3:a5:8a:c9:a3:47:a7:80:1a:9f:62:c4:a3:46:77:
>>>                    e3:96:6a:85:bf:06:ac:0a:51:ea:1a:9d:03:2a:80:
>>>                    4c:63:6b:81:87:21:b5:56:4d:a3:52:4d:d9:b4:60:
>>>                    63:f3:14:5e:a7:6e:9d:f4:b7:5b:7d:cb:10:9c:20:
>>>                    d1:be:ed:7f:82:81:1c:f2:f0:94:ea:a4:c9:6a:3b:
>>>                    e7:1b:cc:44:e7:0c:21:24:57:fa:4e:4d:6d:c9:00:
>>>                    b1:79:17:e4:7e:76:96:bc:98:42:b8:ab:ce:a8:07:
>>>                    47:c0:bc:06:a7:b8:a7:36:07:2e:ca:80:d9:2c:3a:
>>>                    17:e7:a6:7c:ec:53:1a:6a:a1:37:a3:b6:59:00:6b:
>>>                    c8:fe:7f:f4:2a:72:48:74:93:d6:81:b9:c0:3b:4f:
>>>                    a9:9d:84:84:4d:60:76:97:90:0c:f8:c7:46:26:94:
>>>                    90:84:c1:95:cb:00:41:8d:0b:35:41:2a:a8:a9:ea:
>>>                    73:fd:08:81:92:46:03:1a:1c:c5:18:5b:87:dd:3c:
>>>                    a3:0d
>>>                Exponent: 65537 (0x10001)
>>>        Attributes:
>>>            a0:00
>>>    Signature Algorithm: sha256WithRSAEncryption
>>>         71:86:f1:88:7e:4b:c9:66:36:6a:07:f0:76:64:4b:55:70:e0:
>>>         e3:fc:18:5f:99:28:d4:95:c4:3b:e0:d7:52:64:2e:42:52:c9:
>>>         5c:cb:ba:33:25:08:80:5e:24:62:6d:a1:8e:70:f9:9e:20:66:
>>>         3a:14:d6:cb:10:25:93:fc:5a:f6:79:c8:a8:ce:f6:9d:0c:cf:
>>>         8a:96:9f:76:72:a4:f7:66:8c:2e:4a:35:f4:51:5f:b5:cd:fc:
>>>         b6:a6:ee:4e:06:d2:9f:6c:6b:34:a4:19:6c:0b:a6:cb:2b:25:
>>>         47:da:ce:32:a1:89:6e:04:47:86:46:e5:6f:eb:d1:e6:65:73:
>>>         86:13:a1:f4:4a:f1:e3:2c:e5:76:a6:e1:24:c2:d6:5c:33:fc:
>>>         6a:d2:eb:33:0c:77:ca:56:b6:cb:a7:e9:13:fa:6d:0e:22:03:
>>>         51:50:39:e0:91:ca:5d:a7:d3:f5:5b:cb:4c:2d:56:39:9b:c6:
>>>         ab:87:c7:9b:54:6c:55:17:b6:6d:62:28:62:e8:b3:d5:69:17:
>>>         09:80:dc:a8:6b:09:ed:c6:18:62:5f:fd:eb:9b:3a:b7:a5:ab:
>>>         db:72:bc:55:df:e8:fa:ad:22:f1:bf:0d:b3:79:e1:d2:09:4e:
>>>         a3:4e:61:5b:28:af:ca:3d:1f:53:52:52:72:71:e9:73:28:fd:
>>>         73:01:90:95
>>>
>>>
>>> $ openssl asn1parse -dump -in CSR.csr
>>>    0:d=0  hl=4 l= 647 cons: SEQUENCE
>>>    4:d=1  hl=4 l= 367 cons: SEQUENCE
>>>    8:d=2  hl=2 l=   1 prim: INTEGER           :00
>>>   11:d=2  hl=2 l=  66 cons: SEQUENCE
>>>   13:d=3  hl=2 l=  11 cons: SET
>>>   15:d=4  hl=2 l=   9 cons: SEQUENCE
>>>   17:d=5  hl=2 l=   3 prim: OBJECT            :countryName
>>>   22:d=5  hl=2 l=   2 prim: PRINTABLESTRING   :XX
>>>   26:d=3  hl=2 l=  21 cons: SET
>>>   28:d=4  hl=2 l=  19 cons: SEQUENCE
>>>   30:d=5  hl=2 l=   3 prim: OBJECT            :localityName
>>>   35:d=5  hl=2 l=  12 prim: UTF8STRING        :Default City
>>>   49:d=3  hl=2 l=  28 cons: SET
>>>   51:d=4  hl=2 l=  26 cons: SEQUENCE
>>>   53:d=5  hl=2 l=   3 prim: OBJECT            :organizationName
>>>   58:d=5  hl=2 l=  19 prim: UTF8STRING        :Default Company Ltd
>>>   79:d=2  hl=4 l= 290 cons: SEQUENCE
>>>   83:d=3  hl=2 l=  13 cons: SEQUENCE
>>>   85:d=4  hl=2 l=   9 prim: OBJECT            :rsaEncryption
>>>   96:d=4  hl=2 l=   0 prim: NULL
>>>   98:d=3  hl=4 l= 271 prim: BIT STRING
>>>      0000 - 00 30 82 01 0a 02 82 01-01 00 e2 6e 84 97 0e d5   .0.........n....
>>>      0010 - ea ad 18 4f 18 73 b3 f8-71 28 12 c2 5c 32 b8 07   ...O.s..q(..\2..
>>>      0020 - bc 01 8c ec 78 60 aa c0-01 18 5c 75 5d 01 76 8f   ....x`....\u].v.
>>>      0030 - b2 92 5c 47 23 f6 9d dc-f6 02 66 1f ca d3 cf a2   ..\G#.....f.....
>>>      0040 - 01 44 58 f9 df f3 a5 8a-c9 a3 47 a7 80 1a 9f 62   .DX.......G....b
>>>      0050 - c4 a3 46 77 e3 96 6a 85-bf 06 ac 0a 51 ea 1a 9d   ..Fw..j.....Q...
>>>      0060 - 03 2a 80 4c 63 6b 81 87-21 b5 56 4d a3 52 4d d9   .*.Lck..!.VM.RM.
>>>      0070 - b4 60 63 f3 14 5e a7 6e-9d f4 b7 5b 7d cb 10 9c   .`c..^.n...[}...
>>>      0080 - 20 d1 be ed 7f 82 81 1c-f2 f0 94 ea a4 c9 6a 3b    .............j;
>>>      0090 - e7 1b cc 44 e7 0c 21 24-57 fa 4e 4d 6d c9 00 b1   ...D..!$W.NMm...
>>>      00a0 - 79 17 e4 7e 76 96 bc 98-42 b8 ab ce a8 07 47 c0   y..~v...B.....G.
>>>      00b0 - bc 06 a7 b8 a7 36 07 2e-ca 80 d9 2c 3a 17 e7 a6   .....6.....,:...
>>>      00c0 - 7c ec 53 1a 6a a1 37 a3-b6 59 00 6b c8 fe 7f f4   |.S.j.7..Y.k....
>>>      00d0 - 2a 72 48 74 93 d6 81 b9-c0 3b 4f a9 9d 84 84 4d   *rHt.....;O....M
>>>      00e0 - 60 76 97 90 0c f8 c7 46-26 94 90 84 c1 95 cb 00   `v.....F&.......
>>>      00f0 - 41 8d 0b 35 41 2a a8 a9-ea 73 fd 08 81 92 46 03   A..5A*...s....F.
>>>      0100 - 1a 1c c5 18 5b 87 dd 3c-a3 0d 02 03 01 00 01      ....[..<.......
>>>  373:d=2  hl=2 l=   0 cons: cont [ 0 ]
>>>  375:d=1  hl=2 l=  13 cons: SEQUENCE
>>>  377:d=2  hl=2 l=   9 prim: OBJECT            :sha256WithRSAEncryption
>>>  388:d=2  hl=2 l=   0 prim: NULL
>>>  390:d=1  hl=4 l= 257 prim: BIT STRING
>>>      0000 - 00 71 86 f1 88 7e 4b c9-66 36 6a 07 f0 76 64 4b   .q...~K.f6j..vdK
>>>      0010 - 55 70 e0 e3 fc 18 5f 99-28 d4 95 c4 3b e0 d7 52   Up...._.(...;..R
>>>      0020 - 64 2e 42 52 c9 5c cb ba-33 25 08 80 5e 24 62 6d   d.BR.\..3%..^$bm
>>>      0030 - a1 8e 70 f9 9e 20 66 3a-14 d6 cb 10 25 93 fc 5a   ..p.. f:....%..Z
>>>      0040 - f6 79 c8 a8 ce f6 9d 0c-cf 8a 96 9f 76 72 a4 f7   .y..........vr..
>>>      0050 - 66 8c 2e 4a 35 f4 51 5f-b5 cd fc b6 a6 ee 4e 06   f..J5.Q_......N.
>>>      0060 - d2 9f 6c 6b 34 a4 19 6c-0b a6 cb 2b 25 47 da ce   ..lk4..l...+%G..
>>>      0070 - 32 a1 89 6e 04 47 86 46-e5 6f eb d1 e6 65 73 86   2..n.G.F.o...es.
>>>      0080 - 13 a1 f4 4a f1 e3 2c e5-76 a6 e1 24 c2 d6 5c 33   ...J..,.v..$..\3
>>>      0090 - fc 6a d2 eb 33 0c 77 ca-56 b6 cb a7 e9 13 fa 6d   .j..3.w.V......m
>>>      00a0 - 0e 22 03 51 50 39 e0 91-ca 5d a7 d3 f5 5b cb 4c   .".QP9...]...[.L
>>>      00b0 - 2d 56 39 9b c6 ab 87 c7-9b 54 6c 55 17 b6 6d 62   -V9......TlU..mb
>>>      00c0 - 28 62 e8 b3 d5 69 17 09-80 dc a8 6b 09 ed c6 18   (b...i.....k....
>>>      00d0 - 62 5f fd eb 9b 3a b7 a5-ab db 72 bc 55 df e8 fa   b_...:....r.U...
>>>      00e0 - ad 22 f1 bf 0d b3 79 e1-d2 09 4e a3 4e 61 5b 28   ."....y...N.Na[(
>>>      00f0 - af ca 3d 1f 53 52 52 72-71 e9 73 28 fd 73 01 90   ..=.SRRrq.s(.s..
>>>      0100 - 95                                                .
>>>
>>>
>>> Jon
>>>
>>> On Mon, Mar 26, 2018 at 5:36 PM, Michael Wojcik <[hidden email]> wrote:
>>> I just tried the same commands on my system, using 1.0.2n, and didn't have any problems (as I'd expect).
>>>
>>> What's the output of openssl asn1parse -dump -in CSR.csr?
>>>
>>> --
>>> Michael Wojcik
>>> Distinguished Engineer, Micro Focus
>>>
>>>
>>> --
>>> openssl-users mailing list
>>> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>>>
>>> --
>>> openssl-users mailing list
>>> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>>
>> --
>> openssl-users mailing list
>> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>>
>> --
>> openssl-users mailing list
>> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: CSR verify failure

Jon Uriarte
Hey all,

Thanks a lot for your comments, they helped me to realize that I was configuring/doing something wrong.

I was hitting the CSR creation issues on a virtual machine, and the source of the wrong signature seems to be related to the virtualization type I was using.
When using qemu the issue is reproduced, and when using kvm it is not reproduced. CSR verification and crt creation is working since I changed to kvm
virtualization type in the hypervisor.

Thanks again

Jon


On Mon, Mar 26, 2018 at 8:00 PM, Dave Coombs <[hidden email]> wrote:
Yeah, it looks like the signature is just wrong.  Even setting aside the question of padding, I used rsautl -verify -raw on the signature using the CSR's public key, and I would expect to see a pair of sequence tags (0x30) with sensible lengths somewhere inside, and I don't.

hulk:/tmp $ openssl req -in CSR.pem -pubkey -noout -out pubkey.pem

(not shown: asn1parse to find the offset of the start of the signature)

hulk:/tmp $ openssl asn1parse -in CSR.pem -i -strparse 390 -out /tmp/sig.bin > /dev/null 2>&1

hulk:/tmp $ openssl rsautl -verify -pubin -inkey pubkey.pem -in sig.bin -raw | xxd
00000000: def6 b025 c8eb d0b0 02b4 dd99 cfe6 81fa  ...%............
00000010: 12cb 3085 5102 aa40 84c6 d510 222b 8648  ..0.Q..@...."+.H
00000020: c891 03eb 7440 0ced d43b 4fcf 498b ae80  ....t@...;O.I...
00000030: 0822 3ad1 d77c 3f45 db41 c0ce 6fe4 7390  .":..|?E.A..o.s.
00000040: 4b87 db0a b87a 688a 1f5f 1061 e7cd 3b44  K....zh.._.a..;D
00000050: a4eb cca6 d4b4 7a8e eb4e 3642 309b 7101  ......z..N6B0.q.
00000060: 81fb fbfb 44a5 5b81 8d61 38ec 7785 aced  ....D.[..a8.w...
00000070: 9035 add7 b1d6 1ffd a0dc 58ec 700c 8ae9  .5........X.p...
00000080: f994 33c5 ffa8 70be 1db2 dc86 0587 b70c  ..3...p.........
00000090: 185d 7b61 226e 939a 0e6a 41ca 3fa0 ff74  .]{a"n...jA.?..t
000000a0: 1ca1 1abd 9203 91a1 0750 07d4 a8da 1114  .........P......
000000b0: 80f9 2cf8 9d22 309c 203c c92e 6e20 4bd3  ..,.."0. <..n K.
000000c0: 2a98 f1e4 9d9a f0c2 5411 2a0d 9931 1ca8  *.......T.*..1..
000000d0: 5f14 ec51 cbe1 e37f 5d6e 683e 2dab b4ed  _..Q....]nh>-...
000000e0: 21c5 8632 4b03 af1a 2b66 35f7 9e2a c326  !..2K...+f5..*.&
000000f0: 0ebc 84ad 664f b882 83eb 8c5a dc03 6eb4  ....fO.....Z..n.

Contrast with what I pulled out from a known-good sha256WithRSAEncryption CSR:

hulk:/tmp $ openssl rsautl -verify -pubin -inkey pubkey2.pem -in sig2.bin -raw | xxd
00000000: 0001 ffff ffff ffff ffff ffff ffff ffff  ................
00000010: ffff ffff ffff ffff ffff ffff ffff ffff  ................
00000020: ffff ffff ffff ffff ffff ffff ffff ffff  ................
00000030: ffff ffff ffff ffff ffff ffff ffff ffff  ................
00000040: ffff ffff ffff ffff ffff ffff ffff ffff  ................
00000050: ffff ffff ffff ffff ffff ffff ffff ffff  ................
00000060: ffff ffff ffff ffff ffff ffff ffff ffff  ................
00000070: ffff ffff ffff ffff ffff ffff ffff ffff  ................
00000080: ffff ffff ffff ffff ffff ffff ffff ffff  ................
00000090: ffff ffff ffff ffff ffff ffff ffff ffff  ................
000000a0: ffff ffff ffff ffff ffff ffff ffff ffff  ................
000000b0: ffff ffff ffff ffff ffff ffff ffff ffff  ................
000000c0: ffff ffff ffff ffff ffff ffff 0030 3130  .............010
000000d0: 0d06 0960 8648 0165 0304 0201 0500 0420  ...`.H.e.......
000000e0: 52fc 1687 6e70 15a1 7c40 1e1a e083 0c74  R...np..|@.....t
000000f0: f6bb 761b 9656 4df7 5edd 02ac f414 bd5b  ..v..VM.^......[

Where you can clearly see the two sequence tags after the end of the padding.

hulk:/tmp $ openssl rsautl -verify -pubin -inkey pubkey2.pem -in sig2.bin | openssl asn1parse -inform der -i
    0:d=0  hl=2 l=  49 cons: SEQUENCE
    2:d=1  hl=2 l=  13 cons:  SEQUENCE
    4:d=2  hl=2 l=   9 prim:   OBJECT            :sha256
   15:d=2  hl=2 l=   0 prim:   NULL
   17:d=1  hl=2 l=  32 prim:  OCTET STRING      [HEX DUMP]:52FC16876E7015A17C401E1AE0830C74F6BB761B96564DF75EDD02ACF414BD5B

As to how this *happened*, I'm afraid I've no idea.

  -Dave



> On Mar 26, 2018, at 12:15, Felipe Gasper <[hidden email]> wrote:
>
> I see the same errors with 1.0.2n.
>
> Going by posts I see out-and-about about this error, there seem to be two possibilities:
>
> 1) There’s an RSA padding scheme mismatch. Maybe your openssl.cnf has something nonstandard, e.g., raw padding rather than PKCS1?
>
> 2) The signature is simply incorrect. It’s been a while since I did this, but I *believe* you could check this by extracting the bytes for the first-nested SEQUENCE from the ASN.1 structure, get the signature for that blob against your private key, then compare that to the CSR’s stored signature. They should be the same.
>
> Also, did you verify that the modulus and exponent as stored in the CSR match up against your private key file?
>
> -F
>
>> On Mar 26, 2018, at 11:55 AM, Jon Uriarte <[hidden email]> wrote:
>>
>> Sure, here it is:
>>
>> $ cat CSR.csr
>> -----BEGIN CERTIFICATE REQUEST-----
>> MIIChzCCAW8CAQAwQjELMAkGA1UEBhMCWFgxFTATBgNVBAcMDERlZmF1bHQgQ2l0
>> eTEcMBoGA1UECgwTRGVmYXVsdCBDb21wYW55IEx0ZDCCASIwDQYJKoZIhvcNAQEB
>> BQADggEPADCCAQoCggEBAOJuhJcO1eqtGE8Yc7P4cSgSwlwyuAe8AYzseGCqwAEY
>> XHVdAXaPspJcRyP2ndz2AmYfytPPogFEWPnf86WKyaNHp4Aan2LEo0Z345Zqhb8G
>> rApR6hqdAyqATGNrgYchtVZNo1JN2bRgY/MUXqdunfS3W33LEJwg0b7tf4KBHPLw
>> lOqkyWo75xvMROcMISRX+k5NbckAsXkX5H52lryYQrirzqgHR8C8Bqe4pzYHLsqA
>> 2Sw6F+emfOxTGmqhN6O2WQBryP5/9CpySHST1oG5wDtPqZ2EhE1gdpeQDPjHRiaU
>> kITBlcsAQY0LNUEqqKnqc/0IgZJGAxocxRhbh908ow0CAwEAAaAAMA0GCSqGSIb3
>> DQEBCwUAA4IBAQBxhvGIfkvJZjZqB/B2ZEtVcODj/BhfmSjUlcQ74NdSZC5CUslc
>> y7ozJQiAXiRibaGOcPmeIGY6FNbLECWT/Fr2eciozvadDM+Klp92cqT3ZowuSjX0
>> UV+1zfy2pu5OBtKfbGs0pBlsC6bLKyVH2s4yoYluBEeGRuVv69HmZXOGE6H0SvHj
>> LOV2puEkwtZcM/xq0uszDHfKVrbLp+kT+m0OIgNRUDngkcpdp9P1W8tMLVY5m8ar
>> h8ebVGxVF7ZtYihi6LPVaRcJgNyoawntxhhiX/3rmzq3pavbcrxV3+j6rSLxvw2z
>> eeHSCU6jTmFbKK/KPR9TUlJycelzKP1zAZCV
>> -----END CERTIFICATE REQUEST-----
>>
>>
>> Jon
>>
>> On Mon, Mar 26, 2018 at 5:49 PM, Felipe Gasper <[hidden email]> wrote:
>> But what is the actual PEM of the CSR?
>>
>> It should look like:
>>
>> -----BEGIN CERTIFICATE REQUEST-----
>> ...
>> -----END CERTIFICATE REQUEST-----
>>
>> -FG
>>
>>> On Mar 26, 2018, at 11:47 AM, Jon Uriarte <[hidden email]> wrote:
>>>
>>> Thanks for your replies.
>>>
>>> I'm creating the CSR with the default values.
>>>
>>> $ openssl req -noout -text -in CSR.csr
>>> Certificate Request:
>>>    Data:
>>>        Version: 0 (0x0)
>>>        Subject: C=XX, L=Default City, O=Default Company Ltd
>>>        Subject Public Key Info:
>>>            Public Key Algorithm: rsaEncryption
>>>                Public-Key: (2048 bit)
>>>                Modulus:
>>>                    00:e2:6e:84:97:0e:d5:ea:ad:18:4f:18:73:b3:f8:
>>>                    71:28:12:c2:5c:32:b8:07:bc:01:8c:ec:78:60:aa:
>>>                    c0:01:18:5c:75:5d:01:76:8f:b2:92:5c:47:23:f6:
>>>                    9d:dc:f6:02:66:1f:ca:d3:cf:a2:01:44:58:f9:df:
>>>                    f3:a5:8a:c9:a3:47:a7:80:1a:9f:62:c4:a3:46:77:
>>>                    e3:96:6a:85:bf:06:ac:0a:51:ea:1a:9d:03:2a:80:
>>>                    4c:63:6b:81:87:21:b5:56:4d:a3:52:4d:d9:b4:60:
>>>                    63:f3:14:5e:a7:6e:9d:f4:b7:5b:7d:cb:10:9c:20:
>>>                    d1:be:ed:7f:82:81:1c:f2:f0:94:ea:a4:c9:6a:3b:
>>>                    e7:1b:cc:44:e7:0c:21:24:57:fa:4e:4d:6d:c9:00:
>>>                    b1:79:17:e4:7e:76:96:bc:98:42:b8:ab:ce:a8:07:
>>>                    47:c0:bc:06:a7:b8:a7:36:07:2e:ca:80:d9:2c:3a:
>>>                    17:e7:a6:7c:ec:53:1a:6a:a1:37:a3:b6:59:00:6b:
>>>                    c8:fe:7f:f4:2a:72:48:74:93:d6:81:b9:c0:3b:4f:
>>>                    a9:9d:84:84:4d:60:76:97:90:0c:f8:c7:46:26:94:
>>>                    90:84:c1:95:cb:00:41:8d:0b:35:41:2a:a8:a9:ea:
>>>                    73:fd:08:81:92:46:03:1a:1c:c5:18:5b:87:dd:3c:
>>>                    a3:0d
>>>                Exponent: 65537 (0x10001)
>>>        Attributes:
>>>            a0:00
>>>    Signature Algorithm: sha256WithRSAEncryption
>>>         71:86:f1:88:7e:4b:c9:66:36:6a:07:f0:76:64:4b:55:70:e0:
>>>         e3:fc:18:5f:99:28:d4:95:c4:3b:e0:d7:52:64:2e:42:52:c9:
>>>         5c:cb:ba:33:25:08:80:5e:24:62:6d:a1:8e:70:f9:9e:20:66:
>>>         3a:14:d6:cb:10:25:93:fc:5a:f6:79:c8:a8:ce:f6:9d:0c:cf:
>>>         8a:96:9f:76:72:a4:f7:66:8c:2e:4a:35:f4:51:5f:b5:cd:fc:
>>>         b6:a6:ee:4e:06:d2:9f:6c:6b:34:a4:19:6c:0b:a6:cb:2b:25:
>>>         47:da:ce:32:a1:89:6e:04:47:86:46:e5:6f:eb:d1:e6:65:73:
>>>         86:13:a1:f4:4a:f1:e3:2c:e5:76:a6:e1:24:c2:d6:5c:33:fc:
>>>         6a:d2:eb:33:0c:77:ca:56:b6:cb:a7:e9:13:fa:6d:0e:22:03:
>>>         51:50:39:e0:91:ca:5d:a7:d3:f5:5b:cb:4c:2d:56:39:9b:c6:
>>>         ab:87:c7:9b:54:6c:55:17:b6:6d:62:28:62:e8:b3:d5:69:17:
>>>         09:80:dc:a8:6b:09:ed:c6:18:62:5f:fd:eb:9b:3a:b7:a5:ab:
>>>         db:72:bc:55:df:e8:fa:ad:22:f1:bf:0d:b3:79:e1:d2:09:4e:
>>>         a3:4e:61:5b:28:af:ca:3d:1f:53:52:52:72:71:e9:73:28:fd:
>>>         73:01:90:95
>>>
>>>
>>> $ openssl asn1parse -dump -in CSR.csr
>>>    0:d=0  hl=4 l= 647 cons: SEQUENCE
>>>    4:d=1  hl=4 l= 367 cons: SEQUENCE
>>>    8:d=2  hl=2 l=   1 prim: INTEGER           :00
>>>   11:d=2  hl=2 l=  66 cons: SEQUENCE
>>>   13:d=3  hl=2 l=  11 cons: SET
>>>   15:d=4  hl=2 l=   9 cons: SEQUENCE
>>>   17:d=5  hl=2 l=   3 prim: OBJECT            :countryName
>>>   22:d=5  hl=2 l=   2 prim: PRINTABLESTRING   :XX
>>>   26:d=3  hl=2 l=  21 cons: SET
>>>   28:d=4  hl=2 l=  19 cons: SEQUENCE
>>>   30:d=5  hl=2 l=   3 prim: OBJECT            :localityName
>>>   35:d=5  hl=2 l=  12 prim: UTF8STRING        :Default City
>>>   49:d=3  hl=2 l=  28 cons: SET
>>>   51:d=4  hl=2 l=  26 cons: SEQUENCE
>>>   53:d=5  hl=2 l=   3 prim: OBJECT            :organizationName
>>>   58:d=5  hl=2 l=  19 prim: UTF8STRING        :Default Company Ltd
>>>   79:d=2  hl=4 l= 290 cons: SEQUENCE
>>>   83:d=3  hl=2 l=  13 cons: SEQUENCE
>>>   85:d=4  hl=2 l=   9 prim: OBJECT            :rsaEncryption
>>>   96:d=4  hl=2 l=   0 prim: NULL
>>>   98:d=3  hl=4 l= 271 prim: BIT STRING
>>>      0000 - 00 30 82 01 0a 02 82 01-01 00 e2 6e 84 97 0e d5   .0.........n....
>>>      0010 - ea ad 18 4f 18 73 b3 f8-71 28 12 c2 5c 32 b8 07   ...O.s..q(..\2..
>>>      0020 - bc 01 8c ec 78 60 aa c0-01 18 5c 75 5d 01 76 8f   ....x`....\u].v.
>>>      0030 - b2 92 5c 47 23 f6 9d dc-f6 02 66 1f ca d3 cf a2   ..\G#.....f.....
>>>      0040 - 01 44 58 f9 df f3 a5 8a-c9 a3 47 a7 80 1a 9f 62   .DX.......G....b
>>>      0050 - c4 a3 46 77 e3 96 6a 85-bf 06 ac 0a 51 ea 1a 9d   ..Fw..j.....Q...
>>>      0060 - 03 2a 80 4c 63 6b 81 87-21 b5 56 4d a3 52 4d d9   .*.Lck..!.VM.RM.
>>>      0070 - b4 60 63 f3 14 5e a7 6e-9d f4 b7 5b 7d cb 10 9c   .`c..^.n...[}...
>>>      0080 - 20 d1 be ed 7f 82 81 1c-f2 f0 94 ea a4 c9 6a 3b    .............j;
>>>      0090 - e7 1b cc 44 e7 0c 21 24-57 fa 4e 4d 6d c9 00 b1   ...D..!$W.NMm...
>>>      00a0 - 79 17 e4 7e 76 96 bc 98-42 b8 ab ce a8 07 47 c0   y..~v...B.....G.
>>>      00b0 - bc 06 a7 b8 a7 36 07 2e-ca 80 d9 2c 3a 17 e7 a6   .....6.....,:...
>>>      00c0 - 7c ec 53 1a 6a a1 37 a3-b6 59 00 6b c8 fe 7f f4   |.S.j.7..Y.k....
>>>      00d0 - 2a 72 48 74 93 d6 81 b9-c0 3b 4f a9 9d 84 84 4d   *rHt.....;O....M
>>>      00e0 - 60 76 97 90 0c f8 c7 46-26 94 90 84 c1 95 cb 00   `v.....F&.......
>>>      00f0 - 41 8d 0b 35 41 2a a8 a9-ea 73 fd 08 81 92 46 03   A..5A*...s....F.
>>>      0100 - 1a 1c c5 18 5b 87 dd 3c-a3 0d 02 03 01 00 01      ....[..<.......
>>>  373:d=2  hl=2 l=   0 cons: cont [ 0 ]
>>>  375:d=1  hl=2 l=  13 cons: SEQUENCE
>>>  377:d=2  hl=2 l=   9 prim: OBJECT            :sha256WithRSAEncryption
>>>  388:d=2  hl=2 l=   0 prim: NULL
>>>  390:d=1  hl=4 l= 257 prim: BIT STRING
>>>      0000 - 00 71 86 f1 88 7e 4b c9-66 36 6a 07 f0 76 64 4b   .q...~K.f6j..vdK
>>>      0010 - 55 70 e0 e3 fc 18 5f 99-28 d4 95 c4 3b e0 d7 52   Up...._.(...;..R
>>>      0020 - 64 2e 42 52 c9 5c cb ba-33 25 08 80 5e 24 62 6d   d.BR.\..3%..^$bm
>>>      0030 - a1 8e 70 f9 9e 20 66 3a-14 d6 cb 10 25 93 fc 5a   ..p.. f:....%..Z
>>>      0040 - f6 79 c8 a8 ce f6 9d 0c-cf 8a 96 9f 76 72 a4 f7   .y..........vr..
>>>      0050 - 66 8c 2e 4a 35 f4 51 5f-b5 cd fc b6 a6 ee 4e 06   f..J5.Q_......N.
>>>      0060 - d2 9f 6c 6b 34 a4 19 6c-0b a6 cb 2b 25 47 da ce   ..lk4..l...+%G..
>>>      0070 - 32 a1 89 6e 04 47 86 46-e5 6f eb d1 e6 65 73 86   2..n.G.F.o...es.
>>>      0080 - 13 a1 f4 4a f1 e3 2c e5-76 a6 e1 24 c2 d6 5c 33   ...J..,.v..$..\3
>>>      0090 - fc 6a d2 eb 33 0c 77 ca-56 b6 cb a7 e9 13 fa 6d   .j..3.w.V......m
>>>      00a0 - 0e 22 03 51 50 39 e0 91-ca 5d a7 d3 f5 5b cb 4c   .".QP9...]...[.L
>>>      00b0 - 2d 56 39 9b c6 ab 87 c7-9b 54 6c 55 17 b6 6d 62   -V9......TlU..mb
>>>      00c0 - 28 62 e8 b3 d5 69 17 09-80 dc a8 6b 09 ed c6 18   (b...i.....k....
>>>      00d0 - 62 5f fd eb 9b 3a b7 a5-ab db 72 bc 55 df e8 fa   b_...:....r.U...
>>>      00e0 - ad 22 f1 bf 0d b3 79 e1-d2 09 4e a3 4e 61 5b 28   ."....y...N.Na[(
>>>      00f0 - af ca 3d 1f 53 52 52 72-71 e9 73 28 fd 73 01 90   ..=.SRRrq.s(.s..
>>>      0100 - 95                                                .
>>>
>>>
>>> Jon
>>>
>>> On Mon, Mar 26, 2018 at 5:36 PM, Michael Wojcik <[hidden email]> wrote:
>>> I just tried the same commands on my system, using 1.0.2n, and didn't have any problems (as I'd expect).
>>>
>>> What's the output of openssl asn1parse -dump -in CSR.csr?
>>>
>>> --
>>> Michael Wojcik
>>> Distinguished Engineer, Micro Focus
>>>
>>>
>>> --
>>> openssl-users mailing list
>>> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>>>
>>> --
>>> openssl-users mailing list
>>> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>>
>> --
>> openssl-users mailing list
>> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>>
>> --
>> openssl-users mailing list
>> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users


--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users