Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

crypto/x509: unable to find SignatureAlgorithm of certificate with PSS signature #23847

Closed
conradoplg opened this issue Feb 15, 2018 · 1 comment

Comments

@conradoplg
Copy link
Contributor

What version of Go are you using (go version)?

go version go1.9.2 linux/amd64

Does this issue reproduce with the latest release?

I haven't tested with 1.9.4 or 1.10

What operating system and processor architecture are you using (go env)?

GOARCH="amd64"
GOBIN=""
GOEXE=""
GOHOSTARCH="amd64"
GOHOSTOS="linux"
GOOS="linux"
GOPATH="/home/conrado/go"
GORACE=""
GOROOT="/usr/lib/go-1.9"
GOTOOLDIR="/usr/lib/go-1.9/pkg/tool/linux_amd64"
GCCGO="gccgo"
CC="gcc"
GOGCCFLAGS="-fPIC -m64 -pthread -fmessage-length=0 -fdebug-prefix-map=/tmp/go-build745436001=/tmp/go-build -gno-record-gcc-switches"
CXX="g++"
CGO_ENABLED="1"
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"
PKG_CONFIG="pkg-config"

What did you do?

Generate certificate with OpenSSL:

openssl req -newkey rsa:2048 -keyout test.key -sha256 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:32 -sigopt rsa_mgf1_md:sha256 -x509 -days 3650 -nodes -subj '/C=US/ST=CA/L=SF/O=Test/CN=Test' -out test.pem

and parse it with x509.ParseCertificate. The SignatureAlgorithm will be 0 (Unknown), which eventually makes the certification validation fail.

https://play.golang.org/p/CKf-GRBnda1

What did you expect to see?

SignatureAlgorithm should be SHA256-RSAPSS

What did you see instead?

SignatureAlgorithm is 0 (Unknown)

Analysis

The problem is that OpenSSL generates AlgorithmIdentifiers for the PSS hash and MGF with empty parameters, instead of NULL. (Related to what is described here). However, Go only accepts NULL parameters in getSignatureAlgorithmFromAI

According to RFC 4055,

All implementations MUST accept both NULL and absent parameters as legal and equivalent encodings

If it's decided this should be fixed, I can write the patch.

@agl agl self-assigned this Feb 22, 2018
@gopherbot
Copy link

Change https://golang.org/cl/96417 mentions this issue: crypto/x509: support the PSS certificates that OpenSSL 1.1.0 generates.

@golang golang locked and limited conversation to collaborators Mar 20, 2019
@rsc rsc unassigned agl Jun 23, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

No branches or pull requests

3 participants