problem with signature chain in X509 certificates

classic Classic list List threaded Threaded
8 messages Options
Reply | Threaded
Open this post in threaded view
|

problem with signature chain in X509 certificates

soukyan
Hello

I have the following code:
variables
X509 * cert;
and
X509_PUBKEY * working_public_key;
are previously instantiated.
                        ASN1_BIT_STRING_free(working_public_key->public_key);
working_public_key->public_key =
   ASN1_STRING_dup(cert->cert_info->key->public_key);
if (cert->cert_info->key->algor->parameter)
{
   if (working_public_key->algor->parameter)
     ASN1_TYPE_free(working_public_key->algor->parameter);
   working_public_key->algor->parameter = ASN1_TYPE_new();
   ASN1_TYPE_set(working_public_key->algor->parameter,
     cert->cert_info->key->algor->parameter->type,
     (void*)(&(cert->cert_info->key->algor->parameter->value)));
}
else
{
   if (OBJ_cmp(working_public_key->algor->algorithm,
               cert->cert_info->key->algor->algorithm))
   {
     ASN1_TYPE_free(working_public_key->algor->parameter);
     working_public_key->algor->parameter = NULL;
   }
}
ASN1_OBJECT_free(working_public_key->algor->algorithm);
working_public_key->algor->algorithm =
   OBJ_dup(cert->cert_info->key->algor->algorithm);
EVP_PKEY_free(working_public_key->pkey);
working_public_key->pkey = NULL;
X509_PUBKEY_get(working_public_key);

I do it according to RFC 3280 chapter 6.1.4 (d), (e) and (f).

If an algorithm in certificates' chain is RSA, the above code works
correctly. But if the algorithm is DSA, application crashes
(segmentation fault) in X509_PUBKEY_get(working_public_key).

What do I wrong i this code?

Thanks,
Daniel

--
Promocja! Format 15x20 tylko 99gr!
Zam?w odbitki cyfrowe online - odbierz za darmo w EMPiK-u lub wy?lemy Ci je poczt?
http://gazeta.empikfoto.pl
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: problem with signature chain in X509 certificates

Dr. Stephen Henson
On Tue, Jun 21, 2005, soukyan wrote:

> Hello
>
> I have the following code:
> variables
> X509 * cert;
> and
> X509_PUBKEY * working_public_key;
> are previously instantiated.
> ASN1_BIT_STRING_free(working_public_key->public_key);
> working_public_key->public_key =
>   ASN1_STRING_dup(cert->cert_info->key->public_key);
> if (cert->cert_info->key->algor->parameter)
> {
>   if (working_public_key->algor->parameter)
>     ASN1_TYPE_free(working_public_key->algor->parameter);
>   working_public_key->algor->parameter = ASN1_TYPE_new();
>   ASN1_TYPE_set(working_public_key->algor->parameter,
>     cert->cert_info->key->algor->parameter->type,
>     (void*)(&(cert->cert_info->key->algor->parameter->value)));
> }
> else
> {
>   if (OBJ_cmp(working_public_key->algor->algorithm,
>               cert->cert_info->key->algor->algorithm))
>   {
>     ASN1_TYPE_free(working_public_key->algor->parameter);
>     working_public_key->algor->parameter = NULL;
>   }
> }
> ASN1_OBJECT_free(working_public_key->algor->algorithm);
> working_public_key->algor->algorithm =
>   OBJ_dup(cert->cert_info->key->algor->algorithm);
> EVP_PKEY_free(working_public_key->pkey);
> working_public_key->pkey = NULL;
> X509_PUBKEY_get(working_public_key);
>
> I do it according to RFC 3280 chapter 6.1.4 (d), (e) and (f).
>
> If an algorithm in certificates' chain is RSA, the above code works
> correctly. But if the algorithm is DSA, application crashes
> (segmentation fault) in X509_PUBKEY_get(working_public_key).
>
> What do I wrong i this code?
>
>

That's horribly non-portable and depends on lots of structure internals. You
should instead use X509_verify() if you just want to verify the signature on a
certificate.

If you want to extract the public key portably from a certificate use
X509_get_pubkey().

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: problem with signature chain in X509 certificates

soukyan
Dr. Stephen Henson wrote:

> On Tue, Jun 21, 2005, soukyan wrote:
>
>
>>Hello
>>
>>I have the following code:
>>variables
>>X509 * cert;
>>and
>>X509_PUBKEY * working_public_key;
>>are previously instantiated.
>> ASN1_BIT_STRING_free(working_public_key->public_key);
>>working_public_key->public_key =
>>  ASN1_STRING_dup(cert->cert_info->key->public_key);
>>if (cert->cert_info->key->algor->parameter)
>>{
>>  if (working_public_key->algor->parameter)
>>    ASN1_TYPE_free(working_public_key->algor->parameter);
>>  working_public_key->algor->parameter = ASN1_TYPE_new();
>>  ASN1_TYPE_set(working_public_key->algor->parameter,
>>    cert->cert_info->key->algor->parameter->type,
>>    (void*)(&(cert->cert_info->key->algor->parameter->value)));
>>}
>>else
>>{
>>  if (OBJ_cmp(working_public_key->algor->algorithm,
>>              cert->cert_info->key->algor->algorithm))
>>  {
>>    ASN1_TYPE_free(working_public_key->algor->parameter);
>>    working_public_key->algor->parameter = NULL;
>>  }
>>}
>>ASN1_OBJECT_free(working_public_key->algor->algorithm);
>>working_public_key->algor->algorithm =
>>  OBJ_dup(cert->cert_info->key->algor->algorithm);
>>EVP_PKEY_free(working_public_key->pkey);
>>working_public_key->pkey = NULL;
>>X509_PUBKEY_get(working_public_key);
>>
>>I do it according to RFC 3280 chapter 6.1.4 (d), (e) and (f).
>>
>>If an algorithm in certificates' chain is RSA, the above code works
>>correctly. But if the algorithm is DSA, application crashes
>>(segmentation fault) in X509_PUBKEY_get(working_public_key).
>>
>>What do I wrong i this code?
>>
>>
>
>
> That's horribly non-portable and depends on lots of structure internals. You
> should instead use X509_verify() if you just want to verify the signature on a
> certificate.
>
> If you want to extract the public key portably from a certificate use
> X509_get_pubkey().
>

Of course I use X509_verify() this way:
X509_verify(toBeVerifiedCert, working_public_key->pkey)
but I have to prepare first a proper EVP_PKEY. because in some
certificates the DSA parameters are not included in a certificate and
need to be inherited from a previous certificate in a path.
In such a situation the function X509_get_pubkey() isn't usefull for me.
For now my application doesn't pass tests 4.1.4, 4.1.5 and 4.1.6 from
NIST Test Suite because of the above problem.

Is there in OpenSSL a way to support signatures' chaining?

Thanks,
Daniel

--
Promocja! Format 15x20 tylko 99gr!
Zam?w odbitki cyfrowe online - odbierz za darmo w EMPiK-u lub wy?lemy Ci je poczt?
http://gazeta.empikfoto.pl
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: problem with signature chain in X509 certificates

Dr. Stephen Henson
On Tue, Jun 21, 2005, soukyan wrote:

> Dr. Stephen Henson wrote:
> >On Tue, Jun 21, 2005, soukyan wrote:
> >
> >
> >>Hello
> >>
> >>I have the following code:
> >>variables
> >>X509 * cert;
> >>and
> >>X509_PUBKEY * working_public_key;
> >>are previously instantiated.
> >> ASN1_BIT_STRING_free(working_public_key->public_key);
> >>working_public_key->public_key =
> >> ASN1_STRING_dup(cert->cert_info->key->public_key);
> >>if (cert->cert_info->key->algor->parameter)
> >>{
> >> if (working_public_key->algor->parameter)
> >>   ASN1_TYPE_free(working_public_key->algor->parameter);
> >> working_public_key->algor->parameter = ASN1_TYPE_new();
> >> ASN1_TYPE_set(working_public_key->algor->parameter,
> >>   cert->cert_info->key->algor->parameter->type,
> >>   (void*)(&(cert->cert_info->key->algor->parameter->value)));
> >>}
> >>else
> >>{
> >> if (OBJ_cmp(working_public_key->algor->algorithm,
> >>             cert->cert_info->key->algor->algorithm))
> >> {
> >>   ASN1_TYPE_free(working_public_key->algor->parameter);
> >>   working_public_key->algor->parameter = NULL;
> >> }
> >>}
> >>ASN1_OBJECT_free(working_public_key->algor->algorithm);
> >>working_public_key->algor->algorithm =
> >> OBJ_dup(cert->cert_info->key->algor->algorithm);
> >>EVP_PKEY_free(working_public_key->pkey);
> >>working_public_key->pkey = NULL;
> >>X509_PUBKEY_get(working_public_key);
> >>
> >>I do it according to RFC 3280 chapter 6.1.4 (d), (e) and (f).
> >>
> >>If an algorithm in certificates' chain is RSA, the above code works
> >>correctly. But if the algorithm is DSA, application crashes
> >>(segmentation fault) in X509_PUBKEY_get(working_public_key).
> >>
> >>What do I wrong i this code?
> >>
> >>
> >
> >
> >That's horribly non-portable and depends on lots of structure internals.
> >You
> >should instead use X509_verify() if you just want to verify the signature
> >on a
> >certificate.
> >
> >If you want to extract the public key portably from a certificate use
> >X509_get_pubkey().
> >
>
> Of course I use X509_verify() this way:
> X509_verify(toBeVerifiedCert, working_public_key->pkey)
> but I have to prepare first a proper EVP_PKEY. because in some
> certificates the DSA parameters are not included in a certificate and
> need to be inherited from a previous certificate in a path.
> In such a situation the function X509_get_pubkey() isn't usefull for me.
> For now my application doesn't pass tests 4.1.4, 4.1.5 and 4.1.6 from
> NIST Test Suite because of the above problem.
>
> Is there in OpenSSL a way to support signatures' chaining?
>

X509_get_pubkey() is useful for those cases: it just isn't complete.

You can check to see if parameters are missing using:

EVP_PKEY_missing_parameters(key);

You can copy parameters using:

EVP_PKEY_copy_parameters(to, from);

So before you replace the working_key with a new one check to see if the new
key has parameters, if not copy them from the current working key.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

problem with policy mappings extension decoding

soukyan
Dr. Stephen Henson wrote:

> X509_get_pubkey() is useful for those cases: it just isn't complete.
>
> You can check to see if parameters are missing using:
>
> EVP_PKEY_missing_parameters(key);
>
> You can copy parameters using:
>
> EVP_PKEY_copy_parameters(to, from);
>
> So before you replace the working_key with a new one check to see if the new
> key has parameters, if not copy them from the current working key.

Thank You.

Now I have another question.
When I print policy mapping extension with X509V3_EXT_print() I get:

0:d=0  hl=2 l=  26 cons: SEQUENCE
2:d=1  hl=2 l=  24 cons: SEQUENCE
4:d=2  hl=2 l=  10 prim: OBJECT            :2.16.840.1.101.3.2.1.48.1
16:d=2  hl=2 l=  10 prim: OBJECT            :2.16.840.1.101.3.2.1.48.2

But when I try to extract this extension:

POLICY_MAPPINGS *polMaps = NULL;
polMaps = (POLICY_MAPPINGS*)X509_get_ext_d2i(cert, NID_policy_mappings,
&crit, NULL);

I get NULL. This means polMaps is NULL and crit is -1 which is decoding
problem.

What should I do to extract this extension correctly?

Thanks,
Daniel


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: problem with policy mappings extension decoding

Dr. Stephen Henson
On Wed, Jun 22, 2005, soukyan wrote:

> Dr. Stephen Henson wrote:
> >X509_get_pubkey() is useful for those cases: it just isn't complete.
> >
> >You can check to see if parameters are missing using:
> >
> >EVP_PKEY_missing_parameters(key);
> >
> >You can copy parameters using:
> >
> >EVP_PKEY_copy_parameters(to, from);
> >
> >So before you replace the working_key with a new one check to see if the
> >new
> >key has parameters, if not copy them from the current working key.
>
> Thank You.
>
> Now I have another question.
> When I print policy mapping extension with X509V3_EXT_print() I get:
>
> 0:d=0  hl=2 l=  26 cons: SEQUENCE
> 2:d=1  hl=2 l=  24 cons: SEQUENCE
> 4:d=2  hl=2 l=  10 prim: OBJECT            :2.16.840.1.101.3.2.1.48.1
> 16:d=2  hl=2 l=  10 prim: OBJECT            :2.16.840.1.101.3.2.1.48.2
>

That's an asn1parse output. Normally X509V3_EXT_print() wont do that and then
only if standard routines fail.

> But when I try to extract this extension:
>
> POLICY_MAPPINGS *polMaps = NULL;
> polMaps = (POLICY_MAPPINGS*)X509_get_ext_d2i(cert, NID_policy_mappings,
> &crit, NULL);
>
> I get NULL. This means polMaps is NULL and crit is -1 which is decoding
> problem.
>
> What should I do to extract this extension correctly?
>

You need OpenSSL 0.9.8 to handle policy mappings. See what happens with the
'x509' utility. If that doesn't produce meaningful output please send me the
cert.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: problem with policy mappings extension decoding

soukyan
Dr. Stephen Henson wrote:

> On Wed, Jun 22, 2005, soukyan wrote:
>>Now I have another question.
>>When I print policy mapping extension with X509V3_EXT_print() I get:
>>
>>0:d=0  hl=2 l=  26 cons: SEQUENCE
>>2:d=1  hl=2 l=  24 cons: SEQUENCE
>>4:d=2  hl=2 l=  10 prim: OBJECT            :2.16.840.1.101.3.2.1.48.1
>>16:d=2  hl=2 l=  10 prim: OBJECT            :2.16.840.1.101.3.2.1.48.2
>>
>
>
> That's an asn1parse output. Normally X509V3_EXT_print() wont do that and then
> only if standard routines fail.

I am using X509V3_EXT_PARSE_UNKNOWN:
X509V3_EXT_print(bio, ext, X509V3_EXT_PARSE_UNKNOWN, 0);
to know a structure of unknown extensions.

>>But when I try to extract this extension:
>>
>>POLICY_MAPPINGS *polMaps = NULL;
>>polMaps = (POLICY_MAPPINGS*)X509_get_ext_d2i(cert, NID_policy_mappings,
>>&crit, NULL);
>>
>>I get NULL. This means polMaps is NULL and crit is -1 which is decoding
>>problem.
>>
>>What should I do to extract this extension correctly?
>>
>
>
> You need OpenSSL 0.9.8 to handle policy mappings.

Yes, I am using OpenSSL 0.9.8 Beta 4.

> See what happens with the 'x509' utility.

This is the output of this utility:

             X509v3 Policy Mappings: critical
                 0.0..
`.H.e...0..
`.H.e...0.

> If that doesn't produce meaningful output please send me the
> cert.

OK. I am just sending this certificate (on Your e-mail steve*openssl.org).
The certificate comes from NIST Test Suite (test 4.10.1)
and it is an intermediate CA certificate.
http://csrc.nist.gov/pki/testing/x509paths.html

Thanks,
Daniel


--
Promocja! Format 15x20 tylko 99gr!
Zam?w odbitki cyfrowe online - odbierz za darmo w EMPiK-u lub wy?lemy Ci je poczt?
http://gazeta.empikfoto.pl
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: problem with policy mappings extension decoding

Dr. Stephen Henson
On Wed, Jun 22, 2005, soukyan wrote:

> Dr. Stephen Henson wrote:
> >On Wed, Jun 22, 2005, soukyan wrote:
> >>Now I have another question.
> >>When I print policy mapping extension with X509V3_EXT_print() I get:
> >>
> >>0:d=0  hl=2 l=  26 cons: SEQUENCE
> >>2:d=1  hl=2 l=  24 cons: SEQUENCE
> >>4:d=2  hl=2 l=  10 prim: OBJECT            :2.16.840.1.101.3.2.1.48.1
> >>16:d=2  hl=2 l=  10 prim: OBJECT            :2.16.840.1.101.3.2.1.48.2
> >>
> >
> >
> >That's an asn1parse output. Normally X509V3_EXT_print() wont do that and
> >then
> >only if standard routines fail.
>
> I am using X509V3_EXT_PARSE_UNKNOWN:
> X509V3_EXT_print(bio, ext, X509V3_EXT_PARSE_UNKNOWN, 0);
> to know a structure of unknown extensions.
>

OK, this should be fixed now. The initial cause was that the extension table
was not in order but that was caused by inconsistencies in the OID table
between OpenSSL 0.9.7 and 0.9.8.

It should now display and parse the extension properly.

Please check the next snapshot.

Thanks for the report, Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]