On Mon, Aug 30, 2010, Goran Rakic wrote: > ?? ??????, 29. 08 2010. ?? 04:17 +0200, Mounir IDRASSI ????????: > > > > After some digging, I found that part of the problem is caused by the > > functions c2i_ASN1_INTEGER and d2i_ASN1_UINTEGER in file > > crypto\asn1\a_int.c. At lines 244 and 314, there is an if block that > > removes any leading zeros. Commenting out these blocks solves the DER > > encoding mismatch but the verification still fails because the computed > > digest is different from the recovered one. > > Thank you, I can confirm that your suggestion is working. > > Applying a patch that you described does solve a problem for me. The > MUPCAGradjani certificate can be verified against the MUPCARoot, as well > as certificates issued by the MUPCAGradjani, like the two personal > certificates I have on my eID card. I had to reconvert DER to PEM with > patched openssl to get PEM certificates with "correct" serial number > encoding. > > I read the other messages in this thread, but I am not an expert in the > field so I do not know if openssl should add a support for "incorrect" > serial numbers. In RFC 3280 there is a note about "Non-conforming CAs" > where section "4.1.2.2 Serial number" is saying that "certificate users > SHOULD be prepared to gracefully handle such certificates". Maybe the > note can apply in this case? > > What I do know is that without a patch openssl can not be used with > certificates issued on a Serbian national eID card. At least one other > Serbian CA is hit by the same problem (http://ca.pks.rs/certs/) where > PKI solution was provided by a same company. > > I have published patched openssl package for Ubuntu GNU/Linux > distribution in my Ubuntu PPA at: > https://launchpad.net/~grakic/+archive/serbian-eid >
I wouldn't advise changing the code in that way (FYI I wrote it). The normal workaround in OpenSSL for broken encodings is to use the original encoding by caching it. The attached three line patch adds this workaround for certificates. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org
Index: crypto/asn1/x_x509.c =================================================================== RCS file: /v/openssl/cvs/openssl/crypto/asn1/x_x509.c,v retrieving revision 1.29 diff -u -r1.29 x_x509.c --- crypto/asn1/x_x509.c 8 Aug 2008 15:35:27 -0000 1.29 +++ crypto/asn1/x_x509.c 29 Aug 2010 23:08:35 -0000 @@ -63,7 +63,7 @@ #include <openssl/x509.h> #include <openssl/x509v3.h> -ASN1_SEQUENCE(X509_CINF) = { +ASN1_SEQUENCE_enc(X509_CINF, enc, 0) = { ASN1_EXP_OPT(X509_CINF, version, ASN1_INTEGER, 0), ASN1_SIMPLE(X509_CINF, serialNumber, ASN1_INTEGER), ASN1_SIMPLE(X509_CINF, signature, X509_ALGOR), @@ -74,7 +74,7 @@ ASN1_IMP_OPT(X509_CINF, issuerUID, ASN1_BIT_STRING, 1), ASN1_IMP_OPT(X509_CINF, subjectUID, ASN1_BIT_STRING, 2), ASN1_EXP_SEQUENCE_OF_OPT(X509_CINF, extensions, X509_EXTENSION, 3) -} ASN1_SEQUENCE_END(X509_CINF) +} ASN1_SEQUENCE_END_enc(X509_CINF, X509_CINF) IMPLEMENT_ASN1_FUNCTIONS(X509_CINF) /* X509 top level structure needs a bit of customisation */ Index: crypto/x509/x509.h =================================================================== RCS file: /v/openssl/cvs/openssl/crypto/x509/x509.h,v retrieving revision 1.171 diff -u -r1.171 x509.h --- crypto/x509/x509.h 14 Mar 2010 12:52:38 -0000 1.171 +++ crypto/x509/x509.h 29 Aug 2010 23:04:30 -0000 @@ -258,6 +258,7 @@ ASN1_BIT_STRING *issuerUID; /* [ 1 ] optional in v2 */ ASN1_BIT_STRING *subjectUID; /* [ 2 ] optional in v2 */ STACK_OF(X509_EXTENSION) *extensions; /* [ 3 ] optional in v3 */ + ASN1_ENCODING enc; } X509_CINF; /* This stuff is certificate "auxiliary info"