Re: Verify X.509 certificate, openssl verify returns bad signature
У нед, 29. 08 2010. у 04:17 +0200, Mounir IDRASSI пише: After some digging, I found that part of the problem is caused by the functions c2i_ASN1_INTEGER and d2i_ASN1_UINTEGER in file crypto\asn1\a_int.c. At lines 244 and 314, there is an if block that removes any leading zeros. Commenting out these blocks solves the DER encoding mismatch but the verification still fails because the computed digest is different from the recovered one. Thank you, I can confirm that your suggestion is working. Applying a patch that you described does solve a problem for me. The MUPCAGradjani certificate can be verified against the MUPCARoot, as well as certificates issued by the MUPCAGradjani, like the two personal certificates I have on my eID card. I had to reconvert DER to PEM with patched openssl to get PEM certificates with correct serial number encoding. I read the other messages in this thread, but I am not an expert in the field so I do not know if openssl should add a support for incorrect serial numbers. In RFC 3280 there is a note about Non-conforming CAs where section 4.1.2.2 Serial number is saying that certificate users SHOULD be prepared to gracefully handle such certificates. Maybe the note can apply in this case? What I do know is that without a patch openssl can not be used with certificates issued on a Serbian national eID card. At least one other Serbian CA is hit by the same problem (http://ca.pks.rs/certs/) where PKI solution was provided by a same company. I have published patched openssl package for Ubuntu GNU/Linux distribution in my Ubuntu PPA at: https://launchpad.net/~grakic/+archive/serbian-eid Kind regards, Goran Rakic __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: Verify X.509 certificate, openssl verify returns bad signature
У пон, 30. 08 2010. у 20:38 +0200, Dr. Stephen Henson пише: I wouldn't advise changing the code in that way (FYI I wrote it). The normal workaround in OpenSSL for broken encodings is to use the original encoding by caching it. The attached three line patch adds this workaround for certificates. Thanks Stephen. This preprocessor black magic looks very interesting, I will spend some free time trying to understand it in the following days. I read your message on openssl-dev about the issue with a dirty cache. As a naive code reader, I am wondering could not the modified field in the cached data be set whenever certificate data is modified to invalidate the cache? Will this allow integrating this patch upstream? Kind regards, Goran Rakic __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Verify X.509 certificate, openssl verify returns bad signature
Hi all, I have two X.509 certificates MUPCAGradjani.crt and MUPCARoot.crt downloaded from http://ca.mup.gov.rs/sertifikati-lat.html Certificate path is MUPCARoot MUPCAGradjani and I would like to validate MUPCAGradjani against the other. What I did is to convert both to PEM format and rename them by hash as efd6650d.0 (Gradjani) and fc5fe32d.0 (Root) using this script: #!/bin/bash hash=`openssl x509 -in $1 -inform DER -noout -hash` echo Saving $1 as $hash.0 openssl x509 -in $1 -inform DER -out $hash.0 -outform PEM Now I run: $ openssl verify -CApath . efd6650d.0 error 7 at 0 depth lookup:certificate signature failure 16206:error:04077068:rsa routines:RSA_verify:bad signature:rsa_sign.c:255: 16206:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib:a_verify.c:173:/pre Hm, that is not working. What am I doing wrong here? I am running OpenSSL 0.9.8k 25 Mar 2009 on Ubuntu 10.04 GNU/Linux. I also have my personal certificate issued by MUPCAGradjani that I would like to verify but it is failing with the same error (just one level down): $ openssl verify -CApath . qualified.pem qualified.pem: /CN=MUPCA Gradjani/O=MUP Republike Srbije/L=Beograd/C=Republika Srbija (RS) error 7 at 1 depth lookup:certificate signature failure 16258:error:04077068:rsa routines:RSA_verify:bad signature:rsa_sign.c:255: 16258:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib:a_verify.c:173:/pre When I install downloaded certificates in Windows using Internet Explorer and doubleclick on my personal certificate (qualified.cer) it looks valid. I am not sure, but I believe it is doing certificate chain validation so the certificates and paths should be valid. After all they are issued by a trustful CA. Output of openssl x509 -nameopt multiline,utf8,-esc_msb -noout -text -in $1 looks reasonable for both downloaded certificates and is the same before and after conversion to PEM (using -inform DER in the first case). My take on this is that I am not doing conversion properly or maybe the original certificates are in some other format requiring extra argument, but I can not find answer in the docs. How can I properly validate X.509 certificate from http://ca.mup.gov.rs/sertifikati-lat.html by certificate chain? Kind regards, Goran __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org