search

Exodus-Privacy / exodus-core

Core functionality of εxodus
GNU Affero General Public License v3.0
18 stars 17 forks source link

Unable to parse x509 certificates which violate RFC #2

Closed U039b closed 5 months ago

U039b commented 6 years ago

Issue found in report 7-14-2135, ...

Traceback (most recent call last):
  File "manage.py", line 22, in <module>
    execute_from_command_line(sys.argv)
  File "/home/exodus/exodus/venv/lib/python3.5/site-packages/django/core/management/__init__.py", line 364, in execute_from_command_line
    utility.execute()
  File "/home/exodus/exodus/venv/lib/python3.5/site-packages/django/core/management/__init__.py", line 356, in execute
    self.fetch_command(subcommand).run_from_argv(self.argv)
  File "/home/exodus/exodus/venv/lib/python3.5/site-packages/django/core/management/base.py", line 283, in run_from_argv
    self.execute(*args, **cmd_options)
  File "/home/exodus/exodus/venv/lib/python3.5/site-packages/django/core/management/base.py", line 330, in execute
    output = self.handle(*args, **options)
  File "/home/exodus/exodus/exodus/reports/management/commands/refreshapksignature.py", line 58, in handle
    report.application.app_uid = static_analysis.get_application_universal_id()
  File "/home/exodus/exodus/venv/lib/python3.5/site-packages/exodus_core/analysis/static_analysis.py", line 328, in get_application_universal_id
    for c in self.get_certificates():
  File "/home/exodus/exodus/venv/lib/python3.5/site-packages/exodus_core/analysis/static_analysis.py", line 337, in get_certificates
    cert = Certificate(c)
  File "/home/exodus/exodus/venv/lib/python3.5/site-packages/exodus_core/analysis/static_analysis.py", line 44, in __init__
    self.issuer = Certificate.get_Name(cert.issuer, short = False)
  File "/home/exodus/exodus/venv/lib/python3.5/site-packages/cryptography/hazmat/backends/openssl/x509.py", line 102, in issuer
    return _decode_x509_name(self._backend, issuer)
  File "/home/exodus/exodus/venv/lib/python3.5/site-packages/cryptography/hazmat/backends/openssl/decode_asn1.py", line 66, in _decode_x509_name
    attribute = _decode_x509_name_entry(backend, entry)
  File "/home/exodus/exodus/venv/lib/python3.5/site-packages/cryptography/hazmat/backends/openssl/decode_asn1.py", line 57, in _decode_x509_name_entry
    return x509.NameAttribute(x509.ObjectIdentifier(oid), value, type)
  File "/home/exodus/exodus/venv/lib/python3.5/site-packages/cryptography/x509/name.py", line 50, in __init__
    "Country name must be a 2 character country code"
ValueError: Country name must be a 2 character country code

Refers to https://github.com/pyca/cryptography/issues/3857

Jean-BaptisteC commented 5 months ago

Problem has been fixed in pyca/cryptography project, I guess problem is fixed on Exodus?

codeurimpulsif commented 5 months ago

Yes it seems to be fixed un Cryptography since version 36.0.0, Exodus-core use version 41.0.6.