TLS/ASN1 crash connecting to some sites #8058

mk270 · 2024-01-28T02:36:37Z

Describe the bug
The ssl application crashes when I connect to certain hosts, apparently citing a problem decoding part of the server certificate.

To Reproduce

ssl:start(), ssl:connect("gem.billsmugs.com", 1965, [{active, true},{verify, verify_none}]).

There are a few hosts other than gem.billsmugs.com:1965 that do this; the vast generality of Gemini servers don't exhibit this behaviour. The error always occurs when connecting to these sites. I get:

=ERROR REPORT==== 28-Jan-2024::02:27:26.204984 ===
** State machine <0.125.0> terminating
** Last event = {internal,
                    {certificate_1_3,<<>>,
                        [{certificate_entry,
                             <<48,130,1,200,48,130,1,109,160,3,2,1,2,2,4,95,49,
                               189,11,48,12,6,8,42,134,72,206,61,4,3,2,5,0,48,
                               88,49,10,48,8,6,3,85,4,6,19,1,63,49,10,48,8,6,3,
                               85,4,8,19,1,63,49,10,48,8,6,3,85,4,7,19,1,63,49,
                               10,48,8,6,3,85,4,10,19,1,63,49,10,48,8,6,3,85,4,
                               11,19,1,63,49,26,48,24,6,3,85,4,3,19,17,103,101,
                               109,46,98,105,108,108,115,109,117,103,115,46,99,
                               111,109,48,32,23,13,50,49,48,56,50,56,49,57,49,
                               57,49,50,90,24,15,50,49,50,49,48,56,48,52,49,57,
                               49,57,49,50,90,48,88,49,10,48,8,6,3,85,4,6,19,1,
                               63,49,10,48,8,6,3,85,4,8,19,1,63,49,10,48,8,6,3,
                               85,4,7,19,1,63,49,10,48,8,6,3,85,4,10,19,1,63,
                               49,10,48,8,6,3,85,4,11,19,1,63,49,26,48,24,6,3,
                               85,4,3,19,17,103,101,109,46,98,105,108,108,115,
                               109,117,103,115,46,99,111,109,48,89,48,19,6,7,
                               42,134,72,206,61,2,1,6,8,42,134,72,206,61,3,1,7,
                               3,66,0,4,236,106,162,140,121,212,13,150,54,73,
                               26,128,147,54,233,174,122,36,83,67,133,71,218,
                               93,207,233,93,162,135,67,128,212,117,70,145,69,
                               50,12,40,196,48,190,42,67,122,148,113,248,150,
                               33,60,81,136,8,230,209,153,1,255,182,120,181,13,
                               5,163,33,48,31,48,29,6,3,85,29,14,4,22,4,20,38,
                               232,242,197,222,90,127,50,9,181,161,243,25,112,
                               14,41,39,187,216,159,48,12,6,8,42,134,72,206,61,
                               4,3,2,5,0,3,71,0,48,68,2,32,78,40,222,128,205,
                               82,255,196,217,156,232,203,91,249,41,96,90,49,
                               245,76,245,77,59,215,236,22,119,234,129,134,70,
                               156,2,32,78,224,55,236,132,113,84,175,97,19,73,
                               18,122,65,161,218,35,129,74,139,198,18,193,145,
                               94,217,210,51,183,102,192,21>>,
                             #{}}]}}
** When server state  = [{data,
                          [{"State",
                            {wait_cert,
                             {state,
                              {static_env,client,gen_tcp,tls_gen_connection,
                               tcp,tcp_closed,tcp_error,tcp_passive,
                               "gem.billsmugs.com",1965,#Port<0.5>,
                               #Ref<0.257190706.3971350544.56573>,
                               #Ref<0.257190706.3971350544.56572>,
                               ssl_client_session_cache_db,
                               {ssl_crl_cache,
                                {{#Ref<0.257190706.3971350544.56576>,
                                  #Ref<0.257190706.3971350544.56577>},
                                 []}},
                               {#Ref<0.257190706.3971350544.56574>,
                                #Ref<0.257190706.3971350544.56575>},
                               #Ref<0.257190706.3971219472.56751>,undefined},
                              "***",
                              #{fallback => false,
                                signature_algs_cert => undefined,
                                ciphers =>
                                 [<<19,2>>,
                                  <<19,1>>,
                                  <<19,3>>,
                                  <<19,4>>,
                                  <<19,5>>,
                                  <<"À,">>,<<"À0">>,<<"À">>,<<"À¯">>,
                                  <<"À$">>,<<"À(">>,
                                  <<204,169>>,
                                  <<204,168>>,
                                  <<"À+">>,<<"À/">>,<<"À¬">>,<<"À®">>,
                                  <<"À.">>,<<"À2">>,<<"À&">>,<<"À*">>,
                                  <<"À-">>,<<"À1">>,<<"À#">>,<<"À'">>,
                                  <<"À%">>,<<"À)">>,
                                  <<0,159>>,
                                  <<0,163>>,
                                  <<0,107>>,
                                  <<0,106>>,
                                  <<0,158>>,
                                  <<0,162>>,
                                  <<204,170>>,
                                  <<0,103>>,
                                  <<0,64>>,
                                  <<"À\n">>,
                                  <<192,20>>,
                                  <<192,5>>,
                                  <<192,15>>,
                                  <<"À\t">>,
                                  <<192,19>>,
                                  <<192,4>>,
                                  <<192,14>>,
                                  <<0,57>>,
                                  <<0,56>>,
                                  <<0,51>>,
                                  <<0,50>>],
                                customize_hostname_check => [],
                                protocol => tls,user_lookup_fun => undefined,
                                signature_algs =>
                                 [eddsa_ed25519,eddsa_ed448,
                                  ecdsa_secp521r1_sha512,
                                  ecdsa_secp384r1_sha384,
                                  ecdsa_secp256r1_sha256,rsa_pss_pss_sha512,
                                  rsa_pss_pss_sha384,rsa_pss_pss_sha256,
                                  rsa_pss_rsae_sha512,rsa_pss_rsae_sha384,
                                  rsa_pss_rsae_sha256,rsa_pkcs1_sha512,
                                  rsa_pkcs1_sha384,rsa_pkcs1_sha256,
                                  {sha512,ecdsa},
                                  {sha384,ecdsa},
                                  {sha256,ecdsa}],
                                partial_chain => #Fun<ssl.5.74402199>,
                                reuse_sessions => true,
                                use_ticket => undefined,psk_identity => "***",
                                log_level => notice,
                                secure_renegotiate => true,
                                renegotiate_at => 268435456,
                                srp_identity => "***",
                                max_fragment_length => undefined,
                                session_tickets => disabled,
                                verify => verify_none,
                                versions => [{3,4},{3,3}],
                                certs_keys => "***",
                                supported_groups =>
                                 {supported_groups,
                                  [x25519,x448,secp256r1,secp384r1]},
                                server_name_indication => "gem.billsmugs.com",
                                early_data => undefined,
                                key_update_at => 388736063997,
                                crl_cache => {ssl_crl_cache,{internal,[]}},
                                reuse_session => undefined,dh => "***",
                                alpn_advertised_protocols => undefined,
                                handshake => full,
                                verify_fun => {#Fun<ssl.6.74402199>,[]},
                                eccs =>
                                 {elliptic_curves,
                                  [{1,3,132,0,39},
                                   {1,3,132,0,38},
                                   {1,3,132,0,35},
                                   {1,3,36,3,3,2,8,1,1,13},
                                   {1,3,132,0,36},
                                   {1,3,132,0,37},
                                   {1,3,36,3,3,2,8,1,1,11},
                                   {1,3,132,0,34},
                                   {1,3,132,0,16},
                                   {1,3,132,0,17},
                                   {1,3,36,3,3,2,8,1,1,7},
                                   {1,3,132,0,10},
                                   {1,2,840,10045,3,1,7}]},
                                crl_check => false,
                                max_handshake_size => 131072,cacerts => "***"},
                              {socket_options,list,0,0,0,true},
                              "***","***",requested,
                              #{sender => <0.124.0>,active_n => 100,
                                active_n_toggle => false,
                                change_cipher_spec => ignore},
                              "***",
                              {key_share_client_hello,
                               [{key_share_entry,x25519,
                                 {<<100,186,177,55,80,45,156,52,0,141,5,168,
                                    225,209,100,14,41,59,132,163,114,151,89,
                                    216,95,163,61,227,61,97,181,3>>,
                                  <<0,86,255,234,145,34,224,168,105,38,140,
                                    61,86,163,82,219,106,102,91,124,190,57,
                                    162,86,139,148,185,114,113,195,164,91>>}}]},
                              "***","***","***",undefined,
                              {<0.90.0>,#Ref<0.257190706.3971219472.56733>},
                              undefined}}}]}]
** Reason for termination = error:{case_clause,
                                   {error,
                                    {asn1,
                                     {bad_range,
                                      [{'OTP-PUB-KEY',
                                        'dec_OTP-X520countryname',2,
                                        [{file,"../src/OTP-PUB-KEY.erl"},
                                         {line,17787}]},
                                       {'OTP-PUB-KEY',decode,2,
                                        [{file,"../src/OTP-PUB-KEY.erl"},
                                         {line,1233}]},
                                       {pubkey_cert_records,transform,2,
                                        [{file,"pubkey_cert_records.erl"},
                                         {line,65}]},
                                       {lists,map,2,
                                        [{file,"lists.erl"},{line,1559}]},
                                       {pubkey_cert_records,transform,2,
                                        [{file,"pubkey_cert_records.erl"},
                                         {line,92}]},
                                       {pubkey_cert_records,decode_tbs,1,
                                        [{file,"pubkey_cert_records.erl"},
                                         {line,330}]},
                                       {pubkey_cert_records,decode_cert,1,
                                        [{file,"pubkey_cert_records.erl"},
                                         {line,42}]},
                                       {public_key,pkix_decode_cert,2,
                                        [{file,"public_key.erl"},
                                         {line,522}]}]}}}}
** Callback modules = [tls_client_connection_1_3]
** Callback mode = [state_functions,state_enter]
** Stacktrace =
**  [{pubkey_cert_records,transform,2,
                          [{file,"pubkey_cert_records.erl"},{line,65}]},
     {lists,map,2,[{file,"lists.erl"},{line,1559}]},
     {pubkey_cert_records,transform,2,
                          [{file,"pubkey_cert_records.erl"},{line,92}]},
     {pubkey_cert_records,decode_tbs,1,
                          [{file,"pubkey_cert_records.erl"},{line,330}]},
     {pubkey_cert_records,decode_cert,1,
                          [{file,"pubkey_cert_records.erl"},{line,42}]},
     {public_key,pkix_decode_cert,2,[{file,"public_key.erl"},{line,522}]},
     {public_key,pkix_subject_id,1,[{file,"public_key.erl"},{line,1105}]},
     {tls_handshake_1_3,split_cert_entries,4,
                        [{file,"tls_handshake_1_3.erl"},{line,838}]}]

=CRASH REPORT==== 28-Jan-2024::02:27:26.209003 ===
  crasher:
    initial call: ssl_gen_statem:init/1
    pid: <0.125.0>
    registered_name: []
    exception error: no case clause matching 
                     {error,
                         {asn1,
                             {bad_range,
                                 [{'OTP-PUB-KEY','dec_OTP-X520countryname',2,
                                      [{file,"../src/OTP-PUB-KEY.erl"},
                                       {line,17787}]},
                                  {'OTP-PUB-KEY',decode,2,
                                      [{file,"../src/OTP-PUB-KEY.erl"},
                                       {line,1233}]},
                                  {pubkey_cert_records,transform,2,
                                      [{file,"pubkey_cert_records.erl"},
                                       {line,65}]},
                                  {lists,map,2,
                                      [{file,"lists.erl"},{line,1559}]},
                                  {pubkey_cert_records,transform,2,
                                      [{file,"pubkey_cert_records.erl"},
                                       {line,92}]},
                                  {pubkey_cert_records,decode_tbs,1,
                                      [{file,"pubkey_cert_records.erl"},
                                       {line,330}]},
                                  {pubkey_cert_records,decode_cert,1,
                                      [{file,"pubkey_cert_records.erl"},
                                       {line,42}]},
                                  {public_key,pkix_decode_cert,2,
                                      [{file,"public_key.erl"},
                                       {line,522}]}]}}}
      in function  pubkey_cert_records:transform/2 (pubkey_cert_records.erl, line 65)
      in call from lists:map/2 (lists.erl, line 1559)
      in call from pubkey_cert_records:transform/2 (pubkey_cert_records.erl, line 92)
      in call from pubkey_cert_records:decode_tbs/1 (pubkey_cert_records.erl, line 330)
      in call from pubkey_cert_records:decode_cert/1 (pubkey_cert_records.erl, line 42)
      in call from public_key:pkix_decode_cert/2 (public_key.erl, line 522)
      in call from public_key:pkix_subject_id/1 (public_key.erl, line 1105)
      in call from tls_handshake_1_3:split_cert_entries/4 (tls_handshake_1_3.erl, line 838)
    ancestors: [<0.123.0>,tls_connection_sup,tls_sup,ssl_connection_sup,
                  ssl_sup,<0.97.0>]
    message_queue_len: 0
    messages: []
    links: [<0.123.0>]
    dictionary: [{log_level,notice},
                  {ssl_pem_cache,ssl_pem_cache},
                  {ssl_manager,ssl_manager}]
    trap_exit: true
    status: running
    heap_size: 46422
    stack_size: 28
    reductions: 65926
  neighbours:

=SUPERVISOR REPORT==== 28-Jan-2024::02:27:26.212597 ===
    supervisor: {<0.123.0>,tls_dyn_connection_sup}
    errorContext: child_terminated
    reason: {{case_clause,
                 {error,
                     {asn1,
                         {bad_range,
                             [{'OTP-PUB-KEY','dec_OTP-X520countryname',2,
                                  [{file,"../src/OTP-PUB-KEY.erl"},
                                   {line,17787}]},
                              {'OTP-PUB-KEY',decode,2,
                                  [{file,"../src/OTP-PUB-KEY.erl"},
                                   {line,1233}]},
                              {pubkey_cert_records,transform,2,
                                  [{file,"pubkey_cert_records.erl"},
                                   {line,65}]},
                              {lists,map,2,[{file,"lists.erl"},{line,1559}]},
                              {pubkey_cert_records,transform,2,
                                  [{file,"pubkey_cert_records.erl"},
                                   {line,92}]},
                              {pubkey_cert_records,decode_tbs,1,
                                  [{file,"pubkey_cert_records.erl"},
                                   {line,330}]},
                              {pubkey_cert_records,decode_cert,1,
                                  [{file,"pubkey_cert_records.erl"},
                                   {line,42}]},
                              {public_key,pkix_decode_cert,2,
                                  [{file,"public_key.erl"},{line,522}]}]}}}},
             [{pubkey_cert_records,transform,2,
                  [{file,"pubkey_cert_records.erl"},{line,65}]},
              {lists,map,2,[{file,"lists.erl"},{line,1559}]},
              {pubkey_cert_records,transform,2,
                  [{file,"pubkey_cert_records.erl"},{line,92}]},
              {pubkey_cert_records,decode_tbs,1,
                  [{file,"pubkey_cert_records.erl"},{line,330}]},
              {pubkey_cert_records,decode_cert,1,
                  [{file,"pubkey_cert_records.erl"},{line,42}]},
              {public_key,pkix_decode_cert,2,
                  [{file,"public_key.erl"},{line,522}]},
              {public_key,pkix_subject_id,1,
                  [{file,"public_key.erl"},{line,1105}]},
              {tls_handshake_1_3,split_cert_entries,4,
                  [{file,"tls_handshake_1_3.erl"},{line,838}]}]}
    offender: [{pid,<0.125.0>},
               {id,receiver},
               {mfargs,{ssl_gen_statem,start_link,undefined}},
               {restart_type,temporary},
               {significant,true},
               {shutdown,5000},
               {child_type,worker}]

** exception exit: {{{case_clause,{error,{asn1,{bad_range,[{'OTP-PUB-KEY','dec_OTP-X520countryname',
                                                                          2,
                                                                          [{file,"../src/OTP-PUB-KEY.erl"},{line,17787}]},
                                                           {'OTP-PUB-KEY',decode,2,
                                                                          [{file,"../src/OTP-PUB-KEY.erl"},{line,1233}]},
                                                           {pubkey_cert_records,transform,2,
                                                                                [{file,"pubkey_cert_records.erl"},{line,65}]},
                                                           {lists,map,2,[{file,"lists.erl"},{line,1559}]},
                                                           {pubkey_cert_records,transform,2,
                                                                                [{file,"pubkey_cert_records.erl"},{line,92}]},
                                                           {pubkey_cert_records,decode_tbs,1,
                                                                                [{file,"pubkey_cert_records.erl"},{line,330}]},
                                                           {pubkey_cert_records,decode_cert,1,
                                                                                [{file,"pubkey_cert_records.erl"},{line,42}]},
                                                           {public_key,pkix_decode_cert,2,
                                                                       [{file,"public_key.erl"},{line,522}]}]}}}},
                     [{pubkey_cert_records,transform,2,
                                           [{file,"pubkey_cert_records.erl"},{line,65}]},
                      {lists,map,2,[{file,"lists.erl"},{line,1559}]},
                      {pubkey_cert_records,transform,2,
                                           [{file,"pubkey_cert_records.erl"},{line,92}]},
                      {pubkey_cert_records,decode_tbs,1,
                                           [{file,"pubkey_cert_records.erl"},{line,330}]},
                      {pubkey_cert_records,decode_cert,1,
                                           [{file,"pubkey_cert_records.erl"},{line,42}]},
                      {public_key,pkix_decode_cert,2,
                                  [{file,"public_key.erl"},{line,522}]},
                      {public_key,pkix_subject_id,1,
                                  [{file,"public_key.erl"},{line,1105}]},
                      {tls_handshake_1_3,split_cert_entries,4,
                                         [{file,"tls_handshake_1_3.erl"},{line,838}]}]},
                    {gen_statem,call,[<0.125.0>,{start,infinity},infinity]}}
     in function  gen:do_call/4 (gen.erl, line 246)
     in call from gen_statem:call/3 (gen_statem.erl, line 905)
     in call from ssl_gen_statem:call/2 (ssl_gen_statem.erl, line 1323)
     in call from ssl_gen_statem:handshake/2 (ssl_gen_statem.erl, line 253)
     in call from ssl_gen_statem:connect/8 (ssl_gen_statem.erl, line 222)
     in call from ssl:connect/4 (ssl.erl, line 631)

Other TLS clients, i.e., applications built on languages other than Erlang, don't seem to have a problem talking TLS to this endpoint.

Expected behavior
I'd expect something more like this:

2> ssl:start(), ssl:connect("geminiprotocol.net", 1965, [{active, true},{verify, verify_none}]).
{ok,{sslsocket,{gen_tcp,#Port<0.6>,tls_connection,undefined},
               [<0.135.0>,<0.134.0>]}}
3>

but if there were some kind of ASN1 disaster occurring due to input from the server, I'd expect the error to be caught and reported a little more clearly. The "no case clause matching" language suggests that there's a case that isn't handled, which for things like TLS certificates might indicate an exploitable issue. And it seems to arise from something that someone has unwittingly put into a TLS certificate.

Affected versions

Erlang/OTP 26 [erts-14.1.1] [source] [64-bit] [smp:16:16] [ds:16:16:10] [async-threads:1] [jit:ns]

The text was updated successfully, but these errors were encountered:

mk270 · 2024-01-28T03:19:34Z

i think the following hosts might have the same issue, all on port 1965:

henn.es
gemini.haywalk.ca
groundctrl.earth
gemini.spacehippie.ca

On earlier erlangs (OTP 22) there is a more informative "certificate unknown" message rather than the disconcerting crash

IngelaAndin · 2024-01-29T08:07:43Z

This certificate looks very strange indeed and does break the ASN-1 specification.

We can inspect it by doing a less complete decode:

C = <<48,130,1,200,48,130,1,109,160,3,2,1,2,2,4,95,49,
                                  189,11,48,12,6,8,42,134,72,206,61,4,3,2,5,0,48,
                                  88,49,10,48,8,6,3,85,4,6,19,1,63,49,10,48,8,6,3,
                                  85,4,8,19,1,63,49,10,48,8,6,3,85,4,7,19,1,63,49,
                                  10,48,8,6,3,85,4,10,19,1,63,49,10,48,8,6,3,85,4,
                                  11,19,1,63,49,26,48,24,6,3,85,4,3,19,17,103,101,
                                  109,46,98,105,108,108,115,109,117,103,115,46,99,
                                  111,109,48,32,23,13,50,49,48,56,50,56,49,57,49,
                                  57,49,50,90,24,15,50,49,50,49,48,56,48,52,49,57,
                                  49,57,49,50,90,48,88,49,10,48,8,6,3,85,4,6,19,1,
                                  63,49,10,48,8,6,3,85,4,8,19,1,63,49,10,48,8,6,3,
                                  85,4,7,19,1,63,49,10,48,8,6,3,85,4,10,19,1,63,
                                  49,10,48,8,6,3,85,4,11,19,1,63,49,26,48,24,6,3,
                                  85,4,3,19,17,103,101,109,46,98,105,108,108,115,
                                  109,117,103,115,46,99,111,109,48,89,48,19,6,7,
                                  42,134,72,206,61,2,1,6,8,42,134,72,206,61,3,1,7,
                                  3,66,0,4,236,106,162,140,121,212,13,150,54,73,
                                  26,128,147,54,233,174,122,36,83,67,133,71,218,
                                  93,207,233,93,162,135,67,128,212,117,70,145,69,
                                  50,12,40,196,48,190,42,67,122,148,113,248,150,
                                  33,60,81,136,8,230,209,153,1,255,182,120,181,13,
                                  5,163,33,48,31,48,29,6,3,85,29,14,4,22,4,20,38,
                                  232,242,197,222,90,127,50,9,181,161,243,25,112,
                                  14,41,39,187,216,159,48,12,6,8,42,134,72,206,61,
                                  4,3,2,5,0,3,71,0,48,68,2,32,78,40,222,128,205,
                                  82,255,196,217,156,232,203,91,249,41,96,90,49,
                                  245,76,245,77,59,215,236,22,119,234,129,134,70,
                                  156,2,32,78,224,55,236,132,113,84,175,97,19,73,
                                  18,122,65,161,218,35,129,74,139,198,18,193,145,
                                  94,217,210,51,183,102,192,21>>.

 public_key:pkix_decode_cert(C, plain).
{'Certificate',
    {'TBSCertificate',v3,1597095179,
        {'AlgorithmIdentifier',{1,2,840,10045,4,3,2},<<5,0>>},
        {rdnSequence,
            [[{'AttributeTypeAndValue',{2,5,4,6},<<19,1,63>>}],
             [{'AttributeTypeAndValue',{2,5,4,8},<<19,1,63>>}],
             [{'AttributeTypeAndValue',{2,5,4,7},<<19,1,63>>}],
             [{'AttributeTypeAndValue',{2,5,4,10},<<19,1,63>>}],
             [{'AttributeTypeAndValue',{2,5,4,11},<<19,1,63>>}],
             [{'AttributeTypeAndValue',
                  {2,5,4,3},
                  <<19,17,103,101,109,46,98,105,108,108,...>>}]]},
        {'Validity',
            {utcTime,"210828191912Z"},
            {generalTime,"21210804191912Z"}},
        {rdnSequence,
            [[{'AttributeTypeAndValue',{2,5,4,6},<<19,1,63>>}],
             [{'AttributeTypeAndValue',{2,5,4,8},<<19,1,63>>}],
             [{'AttributeTypeAndValue',{2,5,4,7},<<19,1,63>>}],
             [{'AttributeTypeAndValue',{2,5,4,10},<<19,1,63>>}],
             [{'AttributeTypeAndValue',{2,5,4,11},<<19,1,63>>}],
             [{'AttributeTypeAndValue',
                  {2,5,4,3},
                  <<19,17,103,101,109,46,98,105,...>>}]]},
        {'SubjectPublicKeyInfo',
            {'AlgorithmIdentifier',
                {1,2,840,10045,2,1},
                <<6,8,42,134,72,206,61,3,1,7>>},
            <<4,236,106,162,140,121,212,13,150,54,73,26,128,147,54,
              233,...>>},
        asn1_NOVALUE,asn1_NOVALUE,
        [{'Extension',
             {2,5,29,14},
             false,
             <<4,20,38,232,242,197,222,90,127,50,9,...>>}]},
    {'AlgorithmIdentifier',{1,2,840,10045,4,3,2},<<5,0>>},
    <<48,68,2,32,78,40,222,128,205,82,255,196,217,156,232,
      203,91,249,41,96,90,49,245,76,245,...>>}

For easier understanding:

-define('id-at-countryName', {2,5,4,6}).
-define('id-at-stateOrProvinceName', {2,5,4,8}).
-define('id-at-localityName', {2,5,4,7}).
-define('id-at-organizationName', {2,5,4,10}).
-define('id-at-organizationalUnitName', {2,5,4,11}).

These are all given the same value which is <<19,1,63>> (just giving all these attributes the same value is strange).

Using one of the other fields to decode it shows that the value will be as follows:
public_key:der_decode('X520LocalityName', <<19,1,63>>).
{printableString,"?"}

CountryName is specified as:

X520countryName ::= PrintableString (SIZE (2))

Actually country code might have been a better name, so it should have values as "US", "SE", "GB" etc

For better or worse many TLS implementations do not seem to have ASN-1 handling that check all constraints. We do allow the exception "USA" when decoding even if we do not allow people to create such certs using our code.

I do agree with you that error handling in OTP-22.3 for this particular case is better than in OTP-26, this I think must be an unfortunate result of some refactor or other change and we will look into improving that.

We are not found of making workarounds for such obvious breakages of the specification but it it is common enough we could consider including it in the exception as one character instead of two is not really a problematic in other aspects.

mk270 · 2024-01-30T11:42:44Z

Ah Ok. I'll have a closer look into whether the error can be detected/prevented/worked around/mitigated, and get back to you with its seriousness in a few days. Thanks very much for the explanation.

…H-8058/OTP-18969 Handle asn1 decode errors

mk270 added the bug Issue is reported as a bug label Jan 28, 2024

IngelaAndin self-assigned this Jan 29, 2024

IngelaAndin added the team:PS Assigned to OTP team PS label Jan 29, 2024

IngelaAndin added the Planned Focus issue added in sprint planning label Feb 20, 2024

dgud mentioned this issue Mar 12, 2024

Handle asn1 decode errors #8256

Merged

dgud closed this as completed in #8256 Mar 15, 2024

dgud added a commit that referenced this issue Mar 15, 2024

Merge pull request #8256 from dgud/dgud/ssl/catch_asn1_decoding_error/G…

0c948ce

…H-8058/OTP-18969 Handle asn1 decode errors

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

TLS/ASN1 crash connecting to some sites #8058

TLS/ASN1 crash connecting to some sites #8058

mk270 commented Jan 28, 2024 •

edited

mk270 commented Jan 28, 2024

IngelaAndin commented Jan 29, 2024

mk270 commented Jan 30, 2024

TLS/ASN1 crash connecting to some sites #8058

TLS/ASN1 crash connecting to some sites #8058

Comments

mk270 commented Jan 28, 2024 • edited

mk270 commented Jan 28, 2024

IngelaAndin commented Jan 29, 2024

mk270 commented Jan 30, 2024

mk270 commented Jan 28, 2024 •

edited