Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

crypto/x509: ParseCertificate fails for ECDSA certificate, gives asn1 unmarshal error #21502

Closed
vickiniu opened this issue Aug 17, 2017 · 5 comments
Closed
Milestone

Comments

@vickiniu
Copy link

@vickiniu vickiniu commented Aug 17, 2017

Please answer these questions before submitting your issue. Thanks!

What version of Go are you using (go version)?

go version go1.8.3 darwin/amd64

What operating system and processor architecture are you using (go env)?

GOARCH="amd64"
GOBIN=""
GOEXE=""
GOHOSTARCH="amd64"
GOHOSTOS="darwin"
GOOS="darwin"
GOPATH="/Users/code/go"
GORACE=""
GOROOT="/usr/local/Cellar/go/1.8.3/libexec"
GOTOOLDIR="/usr/local/Cellar/go/1.8.3/libexec/pkg/tool/darwin_amd64"
GCCGO="gccgo"
CC="clang"
GOGCCFLAGS="-fPIC -m64 -pthread -fno-caret-diagnostics -Qunused-arguments -fmessage-length=0 -fdebug-prefix-map=/var/folders/vd/th9v9qw93c3d2mb24ghf4q_r0000gn/T/go-build785283138=/tmp/go-build -gno-record-gcc-switches -fno-common"
CXX="clang++"
CGO_ENABLED="1"
PKG_CONFIG="pkg-config"
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"

What did you do?

Decoding ECDSA certificate (fail)
https://play.golang.org/p/wHYxSA6JrN

Note: decoding this certificate using openssl x509 -in devCA.crt -text -noout produces correct output.

Decoding RSA certificate (success)
https://play.golang.org/p/fvcX76vbY5

What did you expect to see?

Return ok=true from certPool.AppendCertsFromPEM on decoding ECDSA certificate

What did you see instead?

asn1: structure error: tags don't match (6 vs {class:0 tag:16 length:247 isCompound:true}) {optional:false explicit:false application:false defaultValue:<nil> tag:<nil> stringType:0 timeType:0 set:false omitEmpty:false} ObjectIdentifier @3
@slrz
Copy link

@slrz slrz commented Aug 17, 2017

Your cert looks fishy. Replacing it with another one (ECDSA too, of course) leads to successful decoding.
https://play.golang.org/p/xVICqXPJfg

@vickiniu
Copy link
Author

@vickiniu vickiniu commented Aug 17, 2017

These are the commands we used to generate the cert:

openssl ecparam -name prime256v1 -genkey -param_enc explicit -out dev-ca.key
openssl req -new -sha256 -x509 -days 10000 -key dev-ca.key -out dev-ca.crt -subj "/C=US/ST=California/L=San Francisco/O=Chain/OU=development/CN=Development Root Certificate Authority"

It looks like the param_enc explicit flag in openssl ecparam is what causes the error.

@odeke-em odeke-em changed the title crypto/x509: x509.ParseCertificate fails for ECDSA certificate, gives asn1 unmarshal error crypto/x509: ParseCertificate fails for ECDSA certificate, gives asn1 unmarshal error Aug 17, 2017
jakob223 added a commit to jakob223/go that referenced this issue Aug 18, 2017
when parsing an ECDSA certificate, improve the error message upon
failing to parse the curve as a named curve, rather than returning
the original ASN1 error.

Fixes golang#21502 (sort of, to the extent that it needs fixing)
@jakob223
Copy link
Contributor

@jakob223 jakob223 commented Aug 18, 2017

Go assumes that an ECDSA curve as specified in a certificate is always going to be a named curve.

Named curves are only one of 3 valid ways of specifying a curve, according to RFC 5480, but the only way to do so for x.509 certificates:

The parameter for id-ecPublicKey is as follows and MUST always be
present:

ECParameters ::= CHOICE {
namedCurve OBJECT IDENTIFIER
-- implicitCurve NULL
-- specifiedCurve SpecifiedECDomain
}
-- implicitCurve and specifiedCurve MUST NOT be used in PKIX.
-- Details for SpecifiedECDomain can be found in [X9.62].
-- Any future additions to this CHOICE should be coordinated
-- with ANSI X9.

The failing certificate uses param_enc explicit, which translates to using a specified curve when encoding the AlgorithmIdentifier.

openssl perhaps shouldn't be willing to generate this certificate. That said, maybe go should have a better error in the case of encountering such a certificate?

@jakob223
Copy link
Contributor

@jakob223 jakob223 commented Aug 18, 2017

https://go-review.googlesource.com/c/57050 makes a more useful error message here.

@gopherbot
Copy link

@gopherbot gopherbot commented Aug 18, 2017

Change https://golang.org/cl/57050 mentions this issue: crypto/x509: improve error when parsing bad ECDSA cert

@FiloSottile FiloSottile added this to the Go1.11 milestone Mar 28, 2018
@gopherbot gopherbot closed this in 89f4592 Mar 28, 2018
@golang golang locked and limited conversation to collaborators Mar 28, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
5 participants
You can’t perform that action at this time.