x/crypto/ocsp: asn1 marshal failed with ocsp

[minaevmike]

I am not sure that it is bug in go asn1 or it's in x/ocsp

What version of Go are you using (go version)?

i am using go version go1.8 linux/amd64 and go version go1.7.5 linux/amd64

What operating system and processor architecture are you using (go env)?

GOARCH="amd64"
GOBIN=""
GOEXE=""
GOHOSTARCH="amd64"
GOHOSTOS="linux"
GOOS="linux"
GOPATH="/root/prog/GO"
GORACE=""
GOROOT="/root/tgo/go"
GOTOOLDIR="/root/tgo/go/pkg/tool/linux_amd64"
CC="gcc"
GOGCCFLAGS="-fPIC -m64 -pthread -fmessage-length=0 -fdebug-prefix-map=/tmp/go-build808732534=/tmp/go-build -gno-record-gcc-switches"
CXX="g++"
CGO_ENABLED="1"

What did you do?

i am generating ocsp response with golang.org/x/crypto/ocsp witch use asn1 inside. And after upgrading to go1.8 i have this problems.

package main

import (
    "golang.org/x/crypto/ocsp"
    "crypto/ecdsa"
    "crypto/elliptic"
    "crypto/rand"
    "log"
    "crypto/x509"
    "time"
    "math/big"
    "flag"
    "io/ioutil"
    "os"
)

func main() {
    o := flag.String("o", "output.ocsp", "file to save ocsp response")
    flag.Parse()
    priv, err := ecdsa.GenerateKey(elliptic.P521(), rand.Reader)
    if err != nil {
        log.Fatalf("can't crate key: %v", err)
    }
    issuer := &x509.Certificate{
        RawSubjectPublicKeyInfo: []byte{48, 130 ,1 ,34 ,48, 13 ,6 ,9 ,42 ,134 ,72 ,134 ,247 ,13 ,1 ,1 ,1 ,5 ,0 ,3 ,130 ,1 ,15 ,0 ,48 ,130 ,1 ,10 ,2 ,130 ,1 ,1 ,0 ,189 ,125 ,218 ,247 ,195 ,162 ,125 ,131 ,246 ,91 ,130 ,253 ,219 ,91 ,95 ,174 ,30 ,27 ,117 ,192 ,181 ,25 ,175 ,152 ,36 ,172 ,187 ,87 ,121 ,216 ,53 ,236 ,9 ,30 ,124 ,204 ,148 ,27 ,10 ,208 ,118 ,252 ,14 ,110 ,22 ,163 ,113 ,89 ,167 ,41 ,92 ,97 ,173 ,76 ,36 ,100 ,245 ,209 ,3 ,6 ,89 ,162 ,196 ,71 ,124 ,66 ,34 ,228 ,81 ,251 ,199 ,164 ,149 ,255 ,196 ,169 ,230 ,86 ,68 ,186 ,35 ,39 ,188 ,193 ,70 ,216 ,204 ,203 ,3 ,206 ,9 ,233 ,107 ,57 ,79 ,131 ,95 ,93 ,157 ,42 ,159 ,132 ,207 ,130 ,122 ,247 ,95 ,107 ,207 ,85 ,46 ,117 ,51 ,181 ,26 ,246 ,114, 9 ,130 ,127 ,35 ,189 ,58 ,218 ,225 ,236 ,178 ,67 ,60 ,111 ,184 ,15 ,198 ,103 ,2 ,160 ,237 ,84 ,31 ,12 ,41 ,130 ,75 ,233 ,8 ,10 ,201 ,88 ,97 ,104 ,23 ,56 ,203 ,118 ,198 ,91 ,18 ,178 ,92 ,75 ,113 ,237 ,2 ,25 ,100 ,108 ,79 ,193 ,41 ,51 ,43 ,117 ,136 ,55 ,229 ,74 ,53 ,217 ,34 ,193 ,59 ,155 ,91 ,147 ,200 ,118 ,138 ,102 ,202 ,76 ,47 ,34 ,50 ,207 ,169 ,178 ,74 ,239 ,35 ,240 ,21 ,150 ,30 ,144 ,161 ,52 ,215 ,147 ,172 ,91 ,161 ,85 ,250 ,206 ,3 ,32 ,207 ,20 ,149 ,84 ,188 ,166 ,66 ,44 ,160 ,97 ,137 ,180 ,203 ,150 ,140 ,178 ,248 ,182 ,173 ,161 ,97 ,11 ,174 ,55 ,72 ,225 ,175 ,18 ,181 ,150 ,60 ,249 ,210 ,17 ,246 ,222 ,0 ,61 ,113 ,179 ,2 ,3 ,1 ,0, 1},
        RawSubject: []byte{48, 117 ,49 ,11 ,48 ,9 ,6 ,3 ,85 ,4 ,6 ,19 ,2 ,73 ,76 ,49 ,22 ,48 ,20 ,6 ,3 ,85 ,4 ,10 ,19 ,13 ,83 ,116 ,97 ,114 ,116 ,67 ,111 ,109 ,32 ,76 ,116 ,100 ,46 ,49 ,41 ,48 ,39 ,6 ,3 ,85 ,4 ,11 ,19 ,32 ,83 ,116 ,97 ,114 ,116 ,67 ,111 ,109 ,32 ,67 ,101 ,114 ,116 ,105 ,102 ,105 ,99 ,97 ,116 ,105 ,111 ,110 ,32 ,65 ,117 ,116 ,104 ,111 ,114 ,105 ,116 ,121 ,49 ,35 ,48 ,33 ,6 ,3 ,85 ,4 ,3 ,19 ,26 ,83 ,116 ,97 ,114 ,116 ,67 ,111 ,109 ,32 ,67 ,108 ,97 ,115 ,115 ,32 ,49 ,32 ,67 ,108 ,105 ,101 ,110 ,116 ,32 ,67 ,65},
    }
    responder := &x509.Certificate{
        RawSubject:[]byte{48, 84 ,49 ,37 ,48 ,35 ,6 ,3 ,85 ,4 ,3 ,12 ,28 ,99 ,101 ,114 ,116 ,105 ,102 ,105 ,101 ,100 ,95 ,117 ,115 ,101 ,114 ,95 ,48 ,48 ,64 ,115 ,112 ,117 ,116 ,110 ,105 ,107 ,46 ,114 ,117 ,49 ,43 ,48 ,41 ,6 ,9 ,42 ,134 ,72 ,134 ,247 ,13 ,1 ,9 ,1 ,22 ,28 ,99 ,101 ,114 ,116 ,105 ,102 ,105 ,101 ,100 ,95 ,117 ,115 ,101 ,114 ,95 ,48 ,48 ,64 ,115 ,112 ,117 ,116 ,110 ,105 ,107 ,46 ,114 ,117},
    }
    serial := &big.Int{}
    serial.SetInt64(int64(123321))
    temp := ocsp.Response{
        Status:       ocsp.Revoked,
        SerialNumber: serial,
        ThisUpdate:   time.Now().AddDate(0, 0, -1),
        NextUpdate:   time.Now().AddDate(0, 0, 7),
    }
    b, err := ocsp.CreateResponse(issuer, responder, temp, priv)
    if err != nil {
        log.Fatalf("Can't create response: %v", err)
    }
    err = ioutil.WriteFile(*o, b, os.ModeType)
    if err != nil {
        log.Fatalf("Error at writing file: %v", err)
    }
}

when i run this code on go 1.8 i have no errors, but when i am trying to read this response with openssl i have an error

# openssl ocsp -respin output.ocsp -text
OCSP Response Data:
    OCSP Response Status: successful (0x0)
Error parsing response
140378471253656:error:0D07808F:asn1 encoding routines:ASN1_ITEM_EX_D2I:no matching choice type:tasn_dec.c:350:Type=OCSP_CERTSTATUS
140378471253656:error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error:tasn_dec.c:697:Field=certStatus, Type=OCSP_SINGLERESP
140378471253656:error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error:tasn_dec.c:669:Field=responses, Type=OCSP_RESPDATA
140378471253656:error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error:tasn_dec.c:697:Field=tbsResponseData, Type=OCSP_BASICRESP
140378471253656:error:0D0C706E:asn1 encoding routines:ASN1_item_unpack:decode error:asn_pack.c:205:
    Response Type: Basic OCSP Response

but if i run same code with go1.7 it works fine and openssl run without errors.

Also i found that if i set remplate.RevocationReason to non zero value it also works good on go1.8

[szank]

Revocation time in the template is not set. This is not an optional field. Now, I can't remember how asn1 package handled zero time value. Maybe it have changed in 1.8

Also, could you please post the ans1 encoded blob (output.ocsp) ? And result of openssl asn1parse -inform DER -i -in output.ocsp It would be nice to have the blobs from go 1.7 and 1.8, but the 1.8 one should be enough.

[minaevmike]

After i set revocation time to ocsp response template it works fine on 1.8. go 1.8

# openssl asn1parse -inform DER -i -in output.ocsp 
    0:d=0  hl=4 l= 395 cons: SEQUENCE          
    4:d=1  hl=2 l=   1 prim:  ENUMERATED        :00
    7:d=1  hl=4 l= 388 cons:  cont [ 0 ]        
   11:d=2  hl=4 l= 384 cons:   SEQUENCE          
   15:d=3  hl=2 l=   9 prim:    OBJECT            :Basic OCSP Response
   26:d=3  hl=4 l= 369 prim:    OCTET STRING      [HEX DUMP]:3082016D3081CFA15630543125302306035504030C1C6365727469666965645F757365725F303040737075746E696B2E7275312B302906092A864886F70D010901161C6365727469666965645F757365725F303040737075746E696B2E7275180F32303137303330333131303930305A30643062303C300906052B0E03021A05000414DF5285CF5D3A227FA6C1DA395A17E2240BC2DD6F041424816C3961BE490F8FB71B462BC928B527486D68020301E1B9180F32303137303330323131303931325AA011180F32303137303331303131303931325A300A06082A8648CE3D04030403818C00308188024200FE9B0ED7D52A401779CCF11087E1E5B37ABCD60F0D0B98B135F04407AC9E762DDBAA7B4A1379C430BC7783BB21945EE39AEA90E92C24D35C8DFB92025B4A19CEE6024201725141D272B823FC1B1C5D3F8C6CC7B1D76A5A8B993D6C31B49CC0098BFE97D1E5E86DBEC68D72EDCA796B96C41A1D7F7E2F55D7C48ED56948256C31A887BA4E1D

go 1.7

# openssl asn1parse -inform DER -i -in go17output.ocsp
    0:d=0  hl=4 l= 413 cons: SEQUENCE          
    4:d=1  hl=2 l=   1 prim:  ENUMERATED        :00
    7:d=1  hl=4 l= 406 cons:  cont [ 0 ]        
   11:d=2  hl=4 l= 402 cons:   SEQUENCE          
   15:d=3  hl=2 l=   9 prim:    OBJECT            :Basic OCSP Response
   26:d=3  hl=4 l= 387 prim:    OCTET STRING      [HEX DUMP]:3082017F3081E2A15630543125302306035504030C1C6365727469666965645F757365725F303040737075746E696B2E7275312B302906092A864886F70D010901161C6365727469666965645F757365725F303040737075746E696B2E7275180F32303137303330333131313430305A30773075303C300906052B0E03021A05000414DF5285CF5D3A227FA6C1DA395A17E2240BC2DD6F041424816C3961BE490F8FB71B462BC928B527486D68020301E1B9A111180F30303031303130313030303030305A180F32303137303330323131313430335AA011180F32303137303331303131313430335A300A06082A8648CE3D04030403818B003081870241394250CE9E9F60FC2B720923810F700E4041BF23973AD015829FF6E5DAF66F2F68F0BE0CC6A25AA1AA6F78F3FC90FC6791B189EA03F141E32E7F906322F8E6DEFD024200F5A61C7AAAB234DE14E01EDDD4F1230138E68723E479D1B6052357C0064B0AF30A17EC1A68DC0C16ECEC6F265B975F5140D735FD77C2461F18C2F944B6A3428E03