Re: [openssl-users] Validation error on generated csr

Fri, 15 Mar 2013 07:11:43 -0700 

Bonjour,

Le 15/03/2013 14:07, Tim Tassonis a écrit :

Hi
I am trying to generate a csr in a c program by having the signing part done by pkcs11 calls, and while I get no errors, the resulting csr fails upon validation: 

$ openssl req -verify -in wltx.csr
verify failure
2948:error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long:.\cry 
pto\asn1\asn1_lib.c:150:
2948:error:0D068066:asn1 encoding routines:ASN1_CHECK_TLEN:bad object header:.\c 
rypto\asn1\tasn_dec.c:1306:
2948:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:.\ 
crypto\asn1\tasn_dec.c:381:Type=X509_SIG
2948:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib:.\crypto\asn 
1\a_verify.c:215:
-----BEGIN CERTIFICATE REQUEST-----
MIICvjCCAagCAQAwezELMAkGA1UEBhMCQ0gxEzARBgNVBAcTClJhcHBlcnN3aWwx

[...]

BBXO9brFuXld13VuE2xg+VnJ8vo3L7/SCC5ufEJaeSUOvQ==
-----END CERTIFICATE REQUEST-----
What is RSA signed is the direct SHA1 of the request, without the X509 "encapsulation".
Below is the function that generates the csr, it always succeds, but as mentioned, the csr is still invalid 

char *gen_csr(char *key_name, struct s_ekva **key_attrs)
{
[...]
inl=ASN1_item_i2d((void *)req->req_info,&buf_in,ASN1_ITEM_rptr(X509_REQ_INFO)); 
    p = buf_in;
    outl=EVP_PKEY_size(pkey);
    buf_out = malloc(outl);

    sign_mechanism.mechanism = CKM_SHA1_RSA_PKCS;
    sign_mechanism.pParameter = NULL;
    sign_mechanism.ulParameterLen = 0;

    rv = p11->C_SignInit(session, &sign_mechanism, prvkey);
    if (rv != CKR_OK) {
        return NULL;
    }
    rv = p11->C_Sign(session, p,inl, buf_out, &outl);
    if (rv != CKR_OK) {
        return NULL;
    }
You're feeding the PKCS#11 library with the request (the part to be signed), while specifying a CKM_SHA1_RSA_PKCS mechanism. The library doesn't know it's signing a CSR, and will SHA1 hash the data and RSA sign it.
What you have to do it hash your data, prepare an X509_SIG object, set its "algor" to SHA1 (with NULL parameters), and fill the "digest" part with your hash result. Then transform it into DER, and sign it with CKM_RSA_PKCS mechanism. 
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to