Bug 23013 - Mono.Security.ASN1..ctor throws OutOfMemory exception on unknown SSL signature formats
Summary: Mono.Security.ASN1..ctor throws OutOfMemory exception on unknown SSL signature formats
Status: RESOLVED FIXED
Alias: None
Product: Class Libraries
Classification: Mono
Component: Mono.Security
Version: master
Hardware: PC Linux
: --- normal
Target Milestone: Untriaged
Assignee: Bugzilla
URL:
Duplicates: 26154
Depends on:
Blocks:
 
Reported: 2014-09-15 12:12 UTC by Jo Shields
Modified: 2015-04-14 03:00 UTC
CC List: 2 users

Tags:
Is this bug a regression?: ---
Last known good build:


Attachments
test case. run with mono-cert-text.exe /path/to/large/cert/bundle.crt (5.50 KB, text/x-csharp)
2014-09-15 12:12 UTC, Jo Shields
buggy Verisign CA cert (1.25 KB, application/x-x509-ca-cert)
2015-01-19 06:31 UTC, Jo Shields


Description Jo Shields 2014-09-15 12:12:29 UTC
Created attachment 8067 [details]
test case. run with mono-cert-text.exe /path/to/large/cert/bundle.crt

The attached program causes an out-of-memory error when importing an OS certificate bundle, at around the 142nd certificate:

Certificate added: C=US, S=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Hardware
Certificate added: L=ValiCert Validation Network, O="ValiCert, Inc.", OU=ValiCert Class 1 Policy Validation Authority, CN=http://www.valicert.com/, E=info@valicert.com
Certificate added: L=ValiCert Validation Network, O="ValiCert, Inc.", OU=ValiCert Class 2 Policy Validation Authority, CN=http://www.valicert.com/, E=info@valicert.com
Error: System.OutOfMemoryException: Out of memory.
  at (wrapper alloc) object:AllocVector (intptr,intptr)
  at Mono.Security.ASN1..ctor (System.Byte[] data) [0x00000] in <filename unknown>:0 
  at Mono.Security.X509.X509Certificate.get_RSA () [0x00000] in <filename unknown>:0 
  at Mono.Security.X509.X509Store.ImportPrivateKey (Mono.Security.X509.X509Certificate certificate, System.Security.Cryptography.CspParameters cspParams) [0x00000] in <filename unknown>:0 
  at Mono.Security.X509.X509Store.Import (Mono.Security.X509.X509Certificate certificate) [0x00000] in <filename unknown>:0 
  at Mono.Tools.CertSync.Process () [0x00000] in <filename unknown>:0 
  at Mono.Tools.CertSync.Main (System.String[] args) [0x00000] in <filename unknown>:0 

It doesn't seem that X509Stores.TrustedRoot.Certificates grows at all during execution (only after the memory error do all pending cert additions happen).

On a Debian/Ubuntu system, try running the test case with "mono-cert-test.exe /etc/ssl/certs/ca-certificates.crt" (starting with a blank store). On CentOS, try /etc/ssl/certs/ca-bundle.crt.
Comment 1 Jo Shields 2014-09-22 08:40:59 UTC
I was mistaken about the problem - it's specific to two CA certs which Mono isn't happy to parse
Comment 2 Jo Shields 2015-01-19 06:31:22 UTC
Created attachment 9396 [details]
buggy Verisign CA cert

OK, the newly attached cert causes System.OutOfMemoryException:

System.OutOfMemoryException: Out of memory.
  at (wrapper alloc) object:AllocVector (intptr,intptr)
  at Mono.Security.ASN1..ctor (System.Byte[] data) [0x00067] in /home/directhex/Projects/mono/mcs/class/Mono.Security/Mono.Security/ASN1.cs:85 
  at Mono.Security.X509.X509Certificate.get_RSA () [0x00013] in /home/directhex/Projects/mono/mcs/class/Mono.Security/Mono.Security.X509/X509Certificate.cs:334 
  at Mono.Security.X509.X509Certificate.get_IsSelfSigned () [0x00018] in /home/directhex/Projects/mono/mcs/class/Mono.Security/Mono.Security.X509/X509Certificate.cs:517 
  at Mono.Tools.CertificateManager.DisplayCertificate (Mono.Security.X509.X509Certificate x509, Boolean machine, Boolean verbose) [0x0000b] in /home/directhex/Projects/mono/mcs/tools/security/certmgr.cs:378 
  at Mono.Tools.CertificateManager.List (ObjectType type, Mono.Security.X509.X509Store store, Boolean machine, System.String file, Boolean verbose) [0x0002b] in /home/directhex/Projects/mono/mcs/tools/security/certmgr.cs:430 
  at Mono.Tools.CertificateManager.Main (System.String[] args) [0x00204] in /home/directhex/Projects/mono/mcs/tools/security/certmgr.cs:699 

This problem is far more serious than it appears - if this cert has been imported, then SSL validation by Mono is BROKEN (i.e. other, working certs will no longer work, depending on the order certs are parsed)
Comment 3 Jo Shields 2015-01-19 08:12:09 UTC
*** Bug 26154 has been marked as a duplicate of this bug. ***
Comment 4 Jo Shields 2015-01-19 08:33:05 UTC
OK, the certs it chokes on have Elliptic Curve secp384r1 public keys.

With RSA public keys, the first 2 bytes give the data type, then the next 2 give the buffer length in bytes. With RSA, that's 0x30 to start, then a number around 0x81 or 0x82. With EC, the first 2 bytes are 0x04 then the next bytes are rather larger - 0xA2 or 0xA7 in the examples relating to this bug.

Our ASN.1 implementation blindly uses the second pair as "nLength" as per mcs/class/Mono.Security/Mono.Security/ASN1.cs#L69, so on these EC public keys, everything goes wrong.
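Added example (Python; not Mono's code and not one of this bug's attachments) for the failure mode comment 4 describes. It builds two constructed SubjectPublicKeyInfo structures, one rsaEncryption and one id-ecPublicKey on secp384r1, and shows why the BIT STRING payload must not be handed to the ASN.1 parser for EC keys: for RSA the payload is a DER SEQUENCE (RSAPublicKey), but for EC it is the raw uncompressed point 0x04 || X || Y. A reader that trusts byte 1 as a DER length byte sees 0xA2, reads it as "34 length bytes follow", and computes an allocation size far larger than the certificate. The bounds-checked read_tlv below rejects that, and parse_spki dispatches on the algorithm OID so EC key bits are never parsed as ASN.1 at all. naive_length is my reconstruction of the unchecked computation described in comment 4, not Mono's source; the sample keys are constructed filler, not real keys; the OIDs are the standard ones.

```python
"""Added example (not Mono's code): bounds-checked DER reading plus the
SubjectPublicKeyInfo dispatch that keeps EC key bits out of the ASN.1 parser.
Sample keys are constructed for illustration and are not real keys."""

RSA_OID = "1.2.840.113549.1.1.1"   # rsaEncryption
EC_OID = "1.2.840.10045.2.1"       # id-ecPublicKey
SECP384R1_OID = "1.3.132.0.34"


class DerError(ValueError):
    pass


def read_tlv(data, offset=0):
    """Decode one DER tag/length/value at offset -> (tag, value, next_offset).
    Every length is checked against the buffer before anything is copied."""
    if offset + 2 > len(data):
        raise DerError("truncated header")
    tag, first = data[offset], data[offset + 1]
    pos = offset + 2
    if first < 0x80:                       # short form: length is 0..127
        length = first
    elif first == 0x80:
        raise DerError("indefinite length is not valid DER")
    else:                                  # long form: 0x80|N, then N bytes
        n = first & 0x7F
        if n > 4 or pos + n > len(data):
            raise DerError("length-of-length %d is absurd or truncated" % n)
        length = int.from_bytes(data[pos:pos + n], "big")
        pos += n
    if pos + length > len(data):
        raise DerError("length %d exceeds remaining %d bytes"
                       % (length, len(data) - pos))
    return tag, data[pos:pos + length], pos + length


def naive_length(data):
    """My reconstruction (assumption, not Mono's source) of the unchecked
    computation in comment 4: byte 1 is trusted as a DER length byte whether
    or not the buffer is ASN.1 at all, and nothing caps the length-of-length."""
    first = data[1]
    if first < 0x80:
        return first
    n = first - 0x80
    return int.from_bytes(data[2:2 + n], "big")


# Tiny DER encoder, used only to build the constructed sample keys.
def der(tag, payload):
    n = len(payload)
    if n < 0x80:
        return bytes([tag, n]) + payload
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + payload


def der_oid(dotted):
    arcs = [int(a) for a in dotted.split(".")]
    body = bytearray([40 * arcs[0] + arcs[1]])
    for a in arcs[2:]:
        chunk = [a & 0x7F]
        a >>= 7
        while a:
            chunk.append(0x80 | (a & 0x7F))
            a >>= 7
        body += bytes(reversed(chunk))
    return der(0x06, bytes(body))


def der_int(n):   # keeps a leading 0x00 when the high bit is set
    return der(0x02, n.to_bytes((n.bit_length() + 8) // 8, "big"))


def build_spki(alg_oid, key_bits, params=b"\x05\x00"):
    alg = der(0x30, der_oid(alg_oid) + params)
    return der(0x30, alg + der(0x03, b"\x00" + key_bits))   # 0 unused bits


def parse_spki(spki):
    """Return ("rsa", (n, e)) or ("ec", point). Only rsaEncryption keys carry
    DER (RSAPublicKey) inside the BIT STRING; an EC key is a raw point."""
    _, body, _ = read_tlv(spki)
    _, alg, off = read_tlv(body)
    tag, bitstr, _ = read_tlv(body, off)
    if tag != 0x03 or bitstr[:1] != b"\x00":
        raise DerError("expected BIT STRING with 0 unused bits")
    key_bits = bitstr[1:]
    _, oid, _ = read_tlv(alg)
    if oid == der_oid(RSA_OID)[2:]:
        _, seq, _ = read_tlv(key_bits)
        _, n, off = read_tlv(seq)
        _, e, _ = read_tlv(seq, off)
        return "rsa", (int.from_bytes(n, "big"), int.from_bytes(e, "big"))
    if oid == der_oid(EC_OID)[2:]:
        if key_bits[:1] != b"\x04" or len(key_bits) % 2 == 0:
            raise DerError("only uncompressed EC points handled here")
        return "ec", key_bits                 # never parsed as ASN.1
    raise DerError("unsupported key algorithm")


def key_bits_as_asn1(key_bits):
    """What the failing path did: treat the BIT STRING payload as a TLV."""
    try:
        tag, value, _ = read_tlv(key_bits)
        return "parsed tag 0x%02x, %d-byte value" % (tag, len(value))
    except DerError as e:
        return "rejected: %s" % e


# Constructed samples. The EC point's X starts with 0xA2 like the certificates
# in this bug; read as a DER length byte that means "34 length bytes follow".
RSA_SPKI = build_spki(RSA_OID, der(0x30, der_int(0xC0FFEE1234567891) + der_int(65537)))
EC_POINT = b"\x04\xa2" + bytes(range(1, 96))        # 0x04 || X || Y, 97 bytes
EC_SPKI = build_spki(EC_OID, EC_POINT, der_oid(SECP384R1_OID))

if __name__ == "__main__":
    print(parse_spki(RSA_SPKI)[0], parse_spki(EC_SPKI)[0])
    print("naive length on EC point bits:", naive_length(EC_POINT).bit_length())
    print("checked reader on EC point:", key_bits_as_asn1(EC_POINT))
```

The two checks are independent. Dispatching on the algorithm OID is the fix for this bug, since EC key bits were never ASN.1 to begin with. The length-versus-buffer check in read_tlv is the general defence: it turns a malformed or misinterpreted length anywhere in a certificate into a parse error for that one certificate instead of an allocation failure.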
Comment 5 Jo Shields 2015-01-19 10:25:37 UTC
Proposed fix: https://github.com/mono/mono/pull/1514