Erwann, all,

Thus wrote Erwann ABALEA ([email protected]):

> Applying the patch resulted in a positive and a negative effect:
>  - I was able to verify the rsassaPss certificates
>  - I wasn't able to verify ecdsa-with-SHA{1,256} certificates (yes,
>    even SHA1 ones)

> The error I get is the following:

> error 7 at 0 depth lookup:certificate signature failure
> 3085249240:error:1009107F:elliptic curve routines:d2i_ECPKParameters:pkparameters2group failure:ec_asn1.c:1067:
> 3085249240:error:10090010:elliptic curve routines:d2i_ECParameters:EC lib:ec_asn1.c:1355:
> 3085249240:error:100D4010:elliptic curve routines:ECKEY_PARAM_DECODE:EC lib:ec_ameth.c:528:

I've had a look at this.

Your sample ecdsa certificates have
Signature Algorithm: ecdsa-with-SHA256, algorithm parameters are NULL.
The signature verification fails in eckey_param_decode(); this function
was apparently not made to handle the ASN.1-encoded NULL parameter.

During signature verification, I added a call to the signature algorithm's
param_decode method so that in case of RSA, the PSS parameters can be
read and PSS can be detected in the first place.

A simple fix for this problem is to call param_decode only when it is
necessary to parse the algorithm parameters, i.e. when digest and public
key algorithm can't be determined by looking only at the algorithm
identifier.

I'll update the patch accordingly.

(A better solution would probably be to use the param_decode method
correctly. Any ideas are appreciated.)

Best regards,

   Martin
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [email protected]
Automated List Manager                           [email protected]
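
Added example, not part of the message above and not OpenSSL code: a stand-alone sketch of the dispatch the message proposes, where AlgorithmIdentifier parameters are only handed to a decoder when the OID alone does not fix digest and key type. The function name `classify_sig_alg`, the enum and the sample encodings are hypothetical and constructed for illustration; only short-form DER lengths are handled.

```c
#include <stddef.h>
#include <string.h>

enum sig_params { PARAMS_REJECT = -1, PARAMS_SKIP = 0, PARAMS_DECODE = 1 };

/* DER content bytes of the signature algorithm OIDs named in the thread. */
static const unsigned char OID_ECDSA_SHA1[]   = {0x2A,0x86,0x48,0xCE,0x3D,0x04,0x01};
static const unsigned char OID_ECDSA_SHA256[] = {0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x02};
static const unsigned char OID_RSASSA_PSS[]   = {0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0A};

/* Constructed sample AlgorithmIdentifier encodings (not taken from the thread). */
const unsigned char SAMPLE_ECDSA_NULL[]   = {0x30,0x0C,0x06,0x08,0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x02,0x05,0x00};
const unsigned char SAMPLE_ECDSA_ABSENT[] = {0x30,0x0A,0x06,0x08,0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x02};
const unsigned char SAMPLE_PSS_DEFAULTS[] = {0x30,0x0D,0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0A,0x30,0x00};

static int oid_is(const unsigned char *p, size_t n, const unsigned char *oid, size_t oidlen)
{
    return n == oidlen && memcmp(p, oid, oidlen) == 0;
}

/* Hypothetical helper: decide what to do with the parameters field of a
 * signature AlgorithmIdentifier. Short-form lengths (< 128 bytes) only. */
enum sig_params classify_sig_alg(const unsigned char *der, size_t len)
{
    if (len < 4 || der[0] != 0x30 || der[1] >= 0x80 || (size_t)der[1] + 2 != len)
        return PARAMS_REJECT;                 /* not a well-formed SEQUENCE */
    if (der[2] != 0x06 || der[3] >= 0x80 || (size_t)der[3] + 4 > len)
        return PARAMS_REJECT;                 /* first element must be an OID */
    const unsigned char *oid = der + 4;
    size_t oidlen = der[3];
    const unsigned char *par = oid + oidlen;  /* whatever follows the OID */
    size_t parlen = len - 4 - oidlen;

    if (oid_is(oid, oidlen, OID_ECDSA_SHA1, sizeof OID_ECDSA_SHA1) ||
        oid_is(oid, oidlen, OID_ECDSA_SHA256, sizeof OID_ECDSA_SHA256)) {
        /* Digest and key type follow from the OID: tolerate absent or NULL
         * parameters and never pass them to an EC parameter decoder. */
        if (parlen == 0 || (parlen == 2 && par[0] == 0x05 && par[1] == 0x00))
            return PARAMS_SKIP;
        return PARAMS_REJECT;
    }
    if (oid_is(oid, oidlen, OID_RSASSA_PSS, sizeof OID_RSASSA_PSS)) {
        /* PSS keeps hash, MGF and salt length in a SEQUENCE: must be parsed. */
        if (parlen >= 2 && par[0] == 0x30 && par[1] < 0x80 && (size_t)par[1] + 2 == parlen)
            return PARAMS_DECODE;
        return PARAMS_REJECT;
    }
    return PARAMS_REJECT;                     /* algorithm outside this sketch */
}
```
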
