Download
Browse source Changelog tiny-curl
Documentation
Project   Bug Bounty FAQ   Help us   Known bugs   TODO Protocols   CA bundle   HTTP Cookies   HTTP/2   SSL Certs Releases   Security   Version numbers   Vulnerabilities curl tool   man page   Tutorial   HTTP scripting Videos Who and Why
libcurl
ABI API Competitors Examples Features Mailing list Related libs Using libcurl Tutorial Testimonials
Get Help
curl-library curl-users IRC / chat Mailing lists Everything curl [book] Video presentations Report a bug Paid support
Development
Autobuilds Code review Code style Contribute Dashboard Deprecate Internals Release Notes Release Procedure Roadmap Run Tests Security Process Specifications Test curl
News
Changelog Release table
curl / Mailing Lists / curl-users / Single Mail
Buy commercial curl support from WolfSSL. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder himself.

cacert.pem includes two malformed Trustwave certificates

From: Jeffrey Walton via curl-users <curl-users_at_lists.haxx.se>
Date: Tue, 21 Jun 2022 10:30:37 -0400

Hi Everyone/Daniel,

It appears cacert.pem includes two malformed Trustwave certificates.
We encountered the issue testing some C++ code against cacert.pem (to
ensure all certs could be parsed without error). The Trustwave
certificates were identified and then tested against Gutmann's
dumpasn1. The certificates produced an error with dumpasn1, too:

479 15: SEQUENCE {
481 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
486 1: BOOLEAN TRUE
489 5: OCTET STRING, encapsulates {
491 3: BIT STRING 7 unused bits
       : '001100000'B
       : Error: Spurious zero bits in bitstring.
       : }
       : }

It appears the Trustwave certs are using two octets for keyUsage
instead of one. The first octet is keyUsage, the second octet is 0.
ASN.1 octets are labeled bits 8 to 1 starting left (msb) and moving
right (lsb). The two octets means the bits are 16...1. When one
inspects the bits per RFC 5280 Section 4.2.1.3, like bit 0 is
digitalSignature, the low order bits are all 0 so key usage is
effectively 'none'.

Here are the certs:

Trustwave Global ECC P256 Certification Authority
=================================================
-----BEGIN CERTIFICATE-----
MIICYDCCAgegAwIBAgIMDWpfCD8oXD5Rld9dMAoGCCqGSM49BAMCMIGRMQswCQYDVQQGEwJVUzER
MA8GA1UECBMISWxsaW5vaXMxEDAOBgNVBAcTB0NoaWNhZ28xITAfBgNVBAoTGFRydXN0d2F2ZSBI
b2xkaW5ncywgSW5jLjE6MDgGA1UEAxMxVHJ1c3R3YXZlIEdsb2JhbCBFQ0MgUDI1NiBDZXJ0aWZp
Y2F0aW9uIEF1dGhvcml0eTAeFw0xNzA4MjMxOTM1MTBaFw00MjA4MjMxOTM1MTBaMIGRMQswCQYD
VQQGEwJVUzERMA8GA1UECBMISWxsaW5vaXMxEDAOBgNVBAcTB0NoaWNhZ28xITAfBgNVBAoTGFRy
dXN0d2F2ZSBIb2xkaW5ncywgSW5jLjE6MDgGA1UEAxMxVHJ1c3R3YXZlIEdsb2JhbCBFQ0MgUDI1
NiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABH77bOYj
43MyCMpg5lOcunSNGLB4kFKA3TjASh3RqMyTpJcGOMoNFWLGjgEqZZ2q3zSRLoHB5DOSMcT9CTqm
P62jQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcGADAdBgNVHQ4EFgQUo0EGrJBt
0UrrdaVKEJmzsaGLSvcwCgYIKoZIzj0EAwIDRwAwRAIgB+ZU2g6gWrKuEZ+Hxbb/ad4lvvigtwjz
RM4q3wghDDcCIC0mA6AFvWvR9lz4ZcyGbbOcNEhjhAnFjXca4syc4XR7
-----END CERTIFICATE-----

Trustwave Global ECC P384 Certification Authority
=================================================
-----BEGIN CERTIFICATE-----
MIICnTCCAiSgAwIBAgIMCL2Fl2yZJ6SAaEc7MAoGCCqGSM49BAMDMIGRMQswCQYDVQQGEwJVUzER
MA8GA1UECBMISWxsaW5vaXMxEDAOBgNVBAcTB0NoaWNhZ28xITAfBgNVBAoTGFRydXN0d2F2ZSBI
b2xkaW5ncywgSW5jLjE6MDgGA1UEAxMxVHJ1c3R3YXZlIEdsb2JhbCBFQ0MgUDM4NCBDZXJ0aWZp
Y2F0aW9uIEF1dGhvcml0eTAeFw0xNzA4MjMxOTM2NDNaFw00MjA4MjMxOTM2NDNaMIGRMQswCQYD
VQQGEwJVUzERMA8GA1UECBMISWxsaW5vaXMxEDAOBgNVBAcTB0NoaWNhZ28xITAfBgNVBAoTGFRy
dXN0d2F2ZSBIb2xkaW5ncywgSW5jLjE6MDgGA1UEAxMxVHJ1c3R3YXZlIEdsb2JhbCBFQ0MgUDM4
NCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTB2MBAGByqGSM49AgEGBSuBBAAiA2IABGvaDXU1CDFH
Ba5FmVXxERMuSvgQMSOjfoPTfygIOiYaOs+Xgh+AtycJj9GOMMQKmw6sWASr9zZ9lCOkmwqKi6vr
/TklZvFe/oyujUF5nQlgziip04pt89ZF1PKYhDhloKNDMEEwDwYDVR0TAQH/BAUwAwEB/zAPBgNV
HQ8BAf8EBQMDBwYAMB0GA1UdDgQWBBRVqYSJ0sEyvRjLbKYHTsjnnb6CkDAKBggqhkjOPQQDAwNn
ADBkAjA3AZKXRRJ+oPM+rRk6ct30UJMDEr5E0k9BpIycnR+j9sKS50gU/k6bpZFXrsY3crsCMGcl
CrEMXu6pY5Jv5ZAL/mYiykf9ijH3g/56vxC+GCsej/YpHpRZ744hN8tRmKVuSw==
-----END CERTIFICATE-----

Here is a dump of the first certificate:

$ openssl x509 -in trustwave-1.pem -inform PEM -out trustwave-1.der -outform DER
$ dumpasn1 trustwave-1.der
  0 608: SEQUENCE {
  4 519: SEQUENCE {
  8 3: [0] {
 10 1: INTEGER 2
       : }
 13 12: INTEGER 0D 6A 5F 08 3F 28 5C 3E 51 95 DF 5D
 27 10: SEQUENCE {
 29 8: OBJECT IDENTIFIER ecdsaWithSHA256 (1 2 840 10045 4 3 2)
       : }
 39 145: SEQUENCE {
 42 11: SET {
 44 9: SEQUENCE {
 46 3: OBJECT IDENTIFIER countryName (2 5 4 6)
 51 2: PrintableString 'US'
       : }
       : }
 55 17: SET {
 57 15: SEQUENCE {
 59 3: OBJECT IDENTIFIER stateOrProvinceName (2 5 4 8)
 64 8: PrintableString 'Illinois'
       : }
       : }
 74 16: SET {
 76 14: SEQUENCE {
 78 3: OBJECT IDENTIFIER localityName (2 5 4 7)
 83 7: PrintableString 'Chicago'
       : }
       : }
 92 33: SET {
 94 31: SEQUENCE {
 96 3: OBJECT IDENTIFIER organizationName (2 5 4 10)
101 24: PrintableString 'Trustwave Holdings, Inc.'
       : }
       : }
127 58: SET {
129 56: SEQUENCE {
131 3: OBJECT IDENTIFIER commonName (2 5 4 3)
136 49: PrintableString
       : 'Trustwave Global ECC P256 Certification Authorit'
       : 'y'
       : }
       : }
       : }
187 30: SEQUENCE {
189 13: UTCTime 23/08/2017 19:35:10 GMT
204 13: UTCTime 23/08/2042 19:35:10 GMT
       : }
219 145: SEQUENCE {
222 11: SET {
224 9: SEQUENCE {
226 3: OBJECT IDENTIFIER countryName (2 5 4 6)
231 2: PrintableString 'US'
       : }
       : }
235 17: SET {
237 15: SEQUENCE {
239 3: OBJECT IDENTIFIER stateOrProvinceName (2 5 4 8)
244 8: PrintableString 'Illinois'
       : }
       : }
254 16: SET {
256 14: SEQUENCE {
258 3: OBJECT IDENTIFIER localityName (2 5 4 7)
263 7: PrintableString 'Chicago'
       : }
       : }
272 33: SET {
274 31: SEQUENCE {
276 3: OBJECT IDENTIFIER organizationName (2 5 4 10)
281 24: PrintableString 'Trustwave Holdings, Inc.'
       : }
       : }
307 58: SET {
309 56: SEQUENCE {
311 3: OBJECT IDENTIFIER commonName (2 5 4 3)
316 49: PrintableString
       : 'Trustwave Global ECC P256 Certification Authorit'
       : 'y'
       : }
       : }
       : }
367 89: SEQUENCE {
369 19: SEQUENCE {
371 7: OBJECT IDENTIFIER ecPublicKey (1 2 840 10045 2 1)
380 8: OBJECT IDENTIFIER prime256v1 (1 2 840 10045 3 1 7)
       : }
390 66: BIT STRING
       : 04 7E FB 6C E6 23 E3 73 32 08 CA 60 E6 53 9C BA
       : 74 8D 18 B0 78 90 52 80 DD 38 C0 4A 1D D1 A8 CC
       : 93 A4 97 06 38 CA 0D 15 62 C6 8E 01 2A 65 9D AA
       : DF 34 91 2E 81 C1 E4 33 92 31 C4 FD 09 3A A6 3F
       : AD
       : }
458 67: [3] {
460 65: SEQUENCE {
462 15: SEQUENCE {
464 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19)
469 1: BOOLEAN TRUE
472 5: OCTET STRING, encapsulates {
474 3: SEQUENCE {
476 1: BOOLEAN TRUE
       : }
       : }
       : }
479 15: SEQUENCE {
481 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
486 1: BOOLEAN TRUE
489 5: OCTET STRING, encapsulates {
491 3: BIT STRING 7 unused bits
       : '001100000'B
       : Error: Spurious zero bits in bitstring.
       : }
       : }
496 29: SEQUENCE {
498 3: OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14)
503 22: OCTET STRING, encapsulates {
505 20: OCTET STRING
       : A3 41 06 AC 90 6D D1 4A EB 75 A5 4A 10 99 B3 B1
       : A1 8B 4A F7
       : }
       : }
       : }
       : }
       : }
527 10: SEQUENCE {
529 8: OBJECT IDENTIFIER ecdsaWithSHA256 (1 2 840 10045 4 3 2)
       : }
539 71: BIT STRING, encapsulates {
542 68: SEQUENCE {
544 32: INTEGER
       : 07 E6 54 DA 0E A0 5A B2 AE 11 9F 87 C5 B6 FF 69
       : DE 25 BE F8 A0 B7 08 F3 44 CE 2A DF 08 21 0C 37
578 32: INTEGER
       : 2D 26 03 A0 05 BD 6B D1 F6 5C F8 65 CC 86 6D B3
       : 9C 34 48 63 84 09 C5 8D 77 1A E2 CC 9C E1 74 7B
       : }
       : }
       : }

0 warnings, 1 error.

Finally, thanks to _at_chazzmcdaniels on GitHub for reporting the issue.

Jeff 
-- 
Unsubscribe: https://lists.haxx.se/listinfo/curl-users
Etiquette:   https://curl.se/mail/etiquette.html
Received on 2022-06-21