Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

crypto/x509: unable to parse PKCS1 RSA private key from Microsoft Terminal Services Signing Key #38181

Closed
bamiaux opened this issue Mar 31, 2020 · 2 comments
Closed

crypto/x509: unable to parse PKCS1 RSA private key from Microsoft Terminal Services Signing Key #38181

bamiaux opened this issue Mar 31, 2020 · 2 comments
Labels
FrozenDueToAge

Comments

@bamiaux
Copy link

bamiaux commented Mar 31, 2020

What version of Go are you using (go version)?

$ go version
go version go1.14 windows/amd64

Does this issue reproduce with the latest release?

Yes

What operating system and processor architecture are you using (go env)?

go env Output
$ go env
set GOARCH=amd64
set GOOS=windows

What did you do?

I converted an RSA private key to PEM and tried to load it with crypto/x509.
I manually verified the PEM is valid with Python.

https://play.golang.org/p/8lePKysTb-1

What did you expect to see?

To be able to parse the PEM & get the RSA private key contained inside

What did you see instead?

An error: "asn1: structure error: integer too large"

Probably related to #3161
@bamiaux
Copy link
Author

bamiaux commented Mar 31, 2020

Relevant check is here

// checkPub sanity checks the public key before we use it.
// We require pub.E to fit into a 32-bit integer so that we
// do not have different behavior depending on whether
// int is 32 or 64 bits. See also
// https://www.imperialviolet.org/2012/03/16/rsae.html.
func checkPub(pub *PublicKey) error {
	if pub.N == nil {
		return errPublicModulus
	}
	if pub.E < 2 {
		return errPublicExponentSmall
	}
	if pub.E > 1<<31-1 {
		return errPublicExponentLarge
	}
	return nil
}

Here, the fixed public exponent still fit 32-bits (uint32 instead of int32), so changing

pub.E > 1<<31 - 1
to
pub.E > 1<<32 - 1

may be enough to make it work, but I have no idea of the implications of doing this, especially considering https://www.imperialviolet.org/2012/03/16/rsae.html

@FiloSottile
Copy link
Contributor

rsa.PublicKey.E unfortunately is an int, not uint, so on 32-bit machines it will only hold values lower than 1<<31, and we want to be consistent across architectures. Such exponents are rare and unnecessary.

@golang golang locked and limited conversation to collaborators Mar 31, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
FrozenDueToAge
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@FiloSottile @bamiaux @gopherbot