eduardsui / tlse

Single C file TLS 1.2/1.3 implementation, using tomcrypt as crypto library

CANNOT READ CERTIFICATE and ALERT MESSAGE ERROR #86

Open yyy1993 opened 1 year ago

yyy1993 commented 1 year ago

Hi, I use the example code tlssimple.c with my PEM certificate, but I get a "CANNOT READ CERTIFICATE" error. Here is the error message:

1.1.8.1.4.2.1.1 1.1.8.1.4.2.1.1 BITSTREAM(2): 01 BE
CANNOT READ CERTIFICATE
1.2.8.1.4.2.1.1 SEQUENCE
1.2.1.1.4.2.1.1 OBJECT IDENTIFIER(9): 2A 86 48 86 F7 0D 01 01 0D
1.2.2.1.4.2.1.1 NULL
1.3.2.1.4.2.1.1 BITSTREAM(769):
SIGN SHA512 FINGERPRINT (64):
Loaded certificate: 2
Loaded 2 certificates
Usage: ./tlssimple host=google.com port=443 requested_file=/

Initializing dependencies
Message type: 15, length: 2
ALERT MESSAGE 02 28
Consumed -12 bytes
ERROR IN CONSUME: -12
SSL write error -6

Could you help me check the problem? Thanks! Here is my build command: "gcc tlssimple.c -o tlssimple -ltomcrypt -ltommath -DLTM_DESC -DDEBUG -DNO_TLS_13" and certificates:

Bundle of CA Root Certificates
Certificate data from Mozilla as of: Wed Jan 20 04:12:04 2016
This is a bundle of X.509 certificates of public Certificate Authorities (CA). These were automatically extracted from Mozilla's root certificates file (certdata.txt). This file can be found in the mozilla source tree:
http://hg.mozilla.org/releases/mozilla-release/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt
Conversion done with mk-ca-bundle.pl version 1.25.
SHA1: 0ab47e2f41518f8d223eab517cb799e5b071231e


headscott commented 1 year ago

Could you try to undo the latest changes in tlse.c? So change this line:
CHECK_SIZE(7 + signature_size, buf_len, TLS_NEED_MORE_DATA)
to this line:
CHECK_SIZE(7 + size, buf_len, TLS_NEED_MORE_DATA)

Is the same error still there? If not, you probably have the exact same problem with certificates that I have too.

eduardsui commented 1 year ago

@headscott it's a different problem. That's a CA bundle, it's got nothing to do with parse_verify.

eduardsui commented 1 year ago

@yyy1993 it's been a while since the last CA sync. I think it may be some unsupported data in the new CA root bundle. I will resync tls_root_ca.h in about two weeks (I also use Mozilla as a source).

pankajbelwalcse commented 10 months ago

Have you solved this problem? I'm encountering the same problem... Can anyone help?