You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Mar 12, 2019. It is now read-only.
Whenever I have the tool generate a CSR using ECC P256, the generated CSR is invalid. The issue appears to be with the ECDSA signature on the certificate request, which appears to be stored incorrectly:
Certificate Request:
Data:
Version: 0 (0x0)
Subject: DC=net, DC=voria, DC=token, CN=Yubikey NEO 35XXXXX
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
EC Public Key:
pub:
04:dd:91:86:6a:92:69:90:d9:cd:f0:81:ca:a3:40:
80:d8:64:e3:ad:13:3a:ed:43:0e:42:a0:95:b2:1e:
8c:2c:46:60:f3:5b:75:33:92:38:51:52:b8:6c:0c:
1a:b8:b0:6f:ee:f1:33:7a:9a:37:a8:79:d7:c8:de:
19:92:43:23:83
ASN1 OID: prime256v1
Attributes:
a0:00
Signature Algorithm: ecdsa-with-SHA256
30:46:02:21:00:c3:7d:49:a6:da:e9:fe:25:18:26:7d:20:3e:
6a:80:22:04:a4:9d:a8:fb:72:9a:7c:99:c5:48:02:e2:28:0b:
65:02:21:00:d6:58:07:d0:f5:a5:f9:d9:f1:53:49:5d:3b:8a:
5c:75:87:66:43:32:da:ce:97:67:33:0d:9b:8e:78:54:3a:17
Check that the request matches the signature
Signature verification problems....
20298:error:0D0C50A1:asn1 encoding routines:ASN1_item_verify:unknown message digest algorithm:/SourceCache/OpenSSL098/OpenSSL098-52.30.1/src/crypto/asn1/a_verify.c:164:
The text was updated successfully, but these errors were encountered:
This project uses yubico-piv-tool to generate certificates. I've copied the issue to that project: Yubico/yubico-piv-tool#27 and am now closing this one.
Whenever I have the tool generate a CSR using ECC P256, the generated CSR is invalid. The issue appears to be with the ECDSA signature on the certificate request, which appears to be stored incorrectly:
The text was updated successfully, but these errors were encountered: