On Mon, Aug 30, 2010, Goran Rakic wrote:
> On 29. 08 2010. at 04:17 +0200, Mounir IDRASSI wrote:
> >
> > After some digging, I found that part of the problem is caused by the
> > functions c2i_ASN1_INTEGER and d2i_ASN1_UINTEGER in file
> > crypto\asn1\a_int.c. At lines 244 and 314, there is an if block that
> > removes any leading zeros. Commenting out these blocks solves the DER
> > encoding mismatch but the verification still fails because the computed
> > digest is different from the recovered one.
>
> Thank you, I can confirm that your suggestion is working.
>
> Applying the patch that you described does solve the problem for me. The
> MUPCAGradjani certificate can be verified against the MUPCARoot, as well
> as certificates issued by the MUPCAGradjani, like the two personal
> certificates I have on my eID card. I had to reconvert DER to PEM with
> the patched openssl to get PEM certificates with "correct" serial number
> encoding.
>
> I read the other messages in this thread, but I am not an expert in the
> field so I do not know if openssl should add support for "incorrect"
> serial numbers. In RFC 3280 there is a note about "Non-conforming CAs"
> where section "4.1.2.2 Serial number" says that "certificate users
> SHOULD be prepared to gracefully handle such certificates". Maybe the
> note can apply in this case?
>
> What I do know is that without a patch openssl cannot be used with
> certificates issued on a Serbian national eID card. At least one other
> Serbian CA is hit by the same problem (http://ca.pks.rs/certs/) where
> the PKI solution was provided by the same company.
>
> I have published a patched openssl package for the Ubuntu GNU/Linux
> distribution in my Ubuntu PPA at:
> https://launchpad.net/~grakic/+archive/serbian-eid
>
I wouldn't advise changing the code in that way (FYI I wrote it). The normal
workaround in OpenSSL for broken encodings is to use the original encoding
by caching it. The attached three line patch adds this workaround for
certificates.
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
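
The encoding mismatch and the caching workaround discussed in this thread, as an added example that is not part of the original messages and is not OpenSSL code: a toy INTEGER decoder strips leading zeros, so re-encoding a padded serial no longer reproduces the bytes that were signed unless the received encoding is replayed. The names toy_integer, toy_decode, toy_encode and roundtrip_matches and the sample serials are constructed for illustration; only positive values with short-form lengths are handled.

```c
#include <stddef.h>
#include <string.h>

/* Toy model of a parsed INTEGER: positive values, short-form length only. */
typedef struct {
    unsigned char val[32]; size_t val_len; /* value, leading zeros stripped */
    unsigned char enc[34]; size_t enc_len; /* bytes exactly as received */
    int modified;                          /* set when val changes after parsing */
} toy_integer;

/* Parse one INTEGER TLV; returns 0 on success, -1 on input this toy rejects. */
int toy_decode(const unsigned char *in, size_t len, toy_integer *a)
{
    if (len < 3 || in[0] != 0x02 || in[1] > 32 || (size_t)in[1] + 2 != len)
        return -1;
    memcpy(a->enc, in, len);                    /* keep the original encoding */
    a->enc_len = len; a->modified = 0;
    in += 2; len -= 2;                          /* step over tag and length */
    while (len > 1 && *in == 0x00) { in++; len--; } /* normalisation on decode */
    memcpy(a->val, in, len);
    a->val_len = len;
    return 0;
}

/* Encode as DER; with use_cache, replay the received bytes unless modified. */
size_t toy_encode(const toy_integer *a, int use_cache, unsigned char *out)
{
    size_t pad = (a->val[0] & 0x80) ? 1 : 0;    /* 0x00 pad keeps value positive */
    if (use_cache && !a->modified) {
        memcpy(out, a->enc, a->enc_len);
        return a->enc_len;
    }
    out[0] = 0x02; out[1] = (unsigned char)(a->val_len + pad);
    if (pad) out[2] = 0x00;
    memcpy(out + 2 + pad, a->val, a->val_len);
    return 2 + pad + a->val_len;
}

/* 1 if decode followed by encode reproduces the input byte for byte. */
int roundtrip_matches(const unsigned char *in, size_t len, int use_cache)
{
    toy_integer a; unsigned char out[40];
    if (toy_decode(in, len, &a) != 0) return 0;
    return toy_encode(&a, use_cache, out) == len && memcmp(out, in, len) == 0;
}

/* Constructed samples: a serial with a redundant leading 0x00, and its DER form. */
const unsigned char PADDED_SERIAL[] = {0x02, 0x04, 0x00, 0x12, 0x34, 0x56};
const unsigned char DER_SERIAL[] = {0x02, 0x03, 0x12, 0x34, 0x56};
```

A byte-level mismatch after the round trip is enough to change the digest, because the hash is computed over the re-encoded bytes rather than over what the CA signed.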
Index: crypto/asn1/x_x509.c
===================================================================
RCS file: /v/openssl/cvs/openssl/crypto/asn1/x_x509.c,v
retrieving revision 1.29
diff -u -r1.29 x_x509.c
--- crypto/asn1/x_x509.c 8 Aug 2008 15:35:27 -0000 1.29
+++ crypto/asn1/x_x509.c 29 Aug 2010 23:08:35 -0000
@@ -63,7 +63,7 @@
#include <openssl/x509.h>
#include <openssl/x509v3.h>
-ASN1_SEQUENCE(X509_CINF) = {
+ASN1_SEQUENCE_enc(X509_CINF, enc, 0) = {
ASN1_EXP_OPT(X509_CINF, version, ASN1_INTEGER, 0),
ASN1_SIMPLE(X509_CINF, serialNumber, ASN1_INTEGER),
ASN1_SIMPLE(X509_CINF, signature, X509_ALGOR),
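Review bot: the switch to ASN1_SEQUENCE_enc(X509_CINF, enc, 0) at the top of the template has no comment saying why the encoding is saved. A one-line comment noting that the received bytes are kept so that certificates whose fields are not strictly DER (the serial numbers in this thread) still verify would stop someone later reverting it to ASN1_SEQUENCE as an apparent no-op.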
@@ -74,7 +74,7 @@
ASN1_IMP_OPT(X509_CINF, issuerUID, ASN1_BIT_STRING, 1),
ASN1_IMP_OPT(X509_CINF, subjectUID, ASN1_BIT_STRING, 2),
ASN1_EXP_SEQUENCE_OF_OPT(X509_CINF, extensions, X509_EXTENSION, 3)
-} ASN1_SEQUENCE_END(X509_CINF)
+} ASN1_SEQUENCE_END_enc(X509_CINF, X509_CINF)
IMPLEMENT_ASN1_FUNCTIONS(X509_CINF)
/* X509 top level structure needs a bit of customisation */
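Review bot: with ASN1_SEQUENCE_END_enc closing the template, encoding an X509_CINF that came from a parse replays the saved bytes, and nothing in these three changed lines invalidates that copy when a field is changed afterwards. Code that decodes a certificate, edits it through the setters and signs it again would sign the old encoding unless the signing path or the setters set enc.modified; please check those paths or handle it in the same change.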
Index: crypto/x509/x509.h
===================================================================
RCS file: /v/openssl/cvs/openssl/crypto/x509/x509.h,v
retrieving revision 1.171
diff -u -r1.171 x509.h
--- crypto/x509/x509.h 14 Mar 2010 12:52:38 -0000 1.171
+++ crypto/x509/x509.h 29 Aug 2010 23:04:30 -0000
@@ -258,6 +258,7 @@
ASN1_BIT_STRING *issuerUID; /* [ 1 ] optional in v2 */
ASN1_BIT_STRING *subjectUID; /* [ 2 ] optional in v2 */
STACK_OF(X509_EXTENSION) *extensions; /* [ 3 ] optional in v3 */
+ ASN1_ENCODING enc;
} X509_CINF;
/* This stuff is certificate "auxiliary info"
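Review bot: the new ASN1_ENCODING enc member at the end of X509_CINF changes the size of a structure declared in the public header x509.h, and it carries no comment, unlike the members above it. Appending keeps the existing member offsets, but anything that embeds or copies X509_CINF by value against the old header will disagree on sizeof, so this wants a short comment on the field and a mention for anyone backporting to a stable branch.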