Bug 1474675
| Summary: | CMCRequest: self-signed cmc request has ASN.1 Error: Object has zero length | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 8 | Reporter: | Geetika Kapoor <gkapoor> |
| Component: | pki-core | Assignee: | RHCS Maintainers <rhcs-maint> |
| Status: | CLOSED WONTFIX | QA Contact: | PKI QE <bugzilla-pkiqe> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 8.2 | CC: | afarley, ascheel, mharmsen, sveerank |
| Target Milestone: | rc | Keywords: | Triaged |
| Target Release: | 8.2 | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2020-12-01 07:29:19 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
[20171025] - RHEL 7.5 / RHCS 9.3 pre-Alpha Offline Triage ==> 7.6 Per RHEL 7.5.z/7.6/8.0 Triage: 7.6 Moved to RHEL 7.7. After evaluating this issue, there are no plans to address it further or fix it in an upcoming release. Therefore, it is being closed. If plans change such that this issue will be fixed in an upcoming release, then the bug can be reopened. The needinfo request[s] on this closed bug have been removed as they have been unresolved for 1000 days |
Description of problem: CMCRequest: self-signed cmc request has ASN.1 Error: Object has zero length I have observed that it happens to every self-signed cmc request, but not others. Although the requests still get processed by the CA without issues. <snip> 2581 0: [0] : Error: Object has zero length. </snip> Version-Release number of selected component (if applicable): pki-ca-10.4.1-11.el7.noarch How reproducible: always Steps to Reproduce: 1.Generate a cmcrequest for self signed certificate http://pki.fedoraproject.org/wiki/PKI_10.4_CMC_Feature_Update_%28RFC5272%29#Self-Signed_CMC_Request_Example_.28with_IdentityProofV2.29 Actual results: Expected results: Need to understand why we get this and how to resolve it? Additional info: dumpasn1 format shows one error: [root@pki1 certs_db]# dumpasn1 self-signed/cmc.self.req 0 2978: SEQUENCE { 4 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2) 15 2963: [0] { 19 2959: SEQUENCE { 23 1: INTEGER 3 26 15: SET { 28 13: SEQUENCE { 30 9: OBJECT IDENTIFIER sha-256 (2 16 840 1 101 3 4 2 1) 41 0: NULL : } : } 43 2534: SEQUENCE { 47 8: OBJECT IDENTIFIER '1 3 6 1 5 5 7 12 2' 57 2520: [0] { 61 2516: OCTET STRING, encapsulates { 65 2512: SEQUENCE { 69 188: SEQUENCE { 72 81: SEQUENCE { 74 1: INTEGER 1 77 8: OBJECT IDENTIFIER '1 3 6 1 5 5 7 7 22' 87 66: SET { 89 64: OCTET STRING : BC E0 F7 45 B8 CD AE FE A0 06 DD 4B 55 77 38 18 : 02 D3 16 CB 3E E2 B1 BE AD C7 FF EA C0 49 4C FC : 7A 06 51 14 B0 36 0B 26 26 56 6D B0 FA C8 96 48 : 02 8B B2 FA 93 7A 87 39 A8 5D B0 7B DF 9E 22 67 : } : } 155 25: SEQUENCE { 157 1: INTEGER 1 160 8: OBJECT IDENTIFIER '1 3 6 1 5 5 7 7 2' 170 10: SET { 172 8: UTF8String 'testuser' : } : } 182 76: SEQUENCE { 184 1: INTEGER 2 187 8: OBJECT IDENTIFIER '1 3 6 1 5 5 7 7 34' 197 61: SET { 199 59: SEQUENCE { 201 11: SEQUENCE { 203 9: OBJECT IDENTIFIER : sha-512 (2 16 840 1 101 3 4 2 3) : } 214 10: SEQUENCE { 216 8: OBJECT IDENTIFIER : hmacWithSHA256 (1 2 840 113549 2 9) : } 226 32: OCTET STRING : 97 9C CB 2E 2F DD 06 D2 2A C1 0B 49 6B 04 41 1F : B5 D9 74 7C DF 30 31 CF 3D C4 DD E0 48 A0 B4 6B : } : } : } : } 260 2313: SEQUENCE { 264 2309: [1] { 268 2025: SEQUENCE { 272 1: INTEGER 1 275 389: SEQUENCE { 279 1: [0] 02 282 59: [5] { 284 57: SEQUENCE { 286 13: SET { 288 11: SEQUENCE { 290 3: OBJECT IDENTIFIER : organizationalUnitName (2 5 4 11) 295 4: PrintableString 'test' : } : } 301 23: SET { 303 21: SEQUENCE { 305 10: OBJECT IDENTIFIER : userID (0 9 2342 19200300 100 1 1) 317 7: PrintableString 'Testing' : } : } 326 15: SET { 328 13: SEQUENCE { 330 3: OBJECT IDENTIFIER commonName (2 5 4 3) 335 6: PrintableString 'Test11' : } : } : } : } 343 290: [6] { 347 13: SEQUENCE { 349 9: OBJECT IDENTIFIER : rsaEncryption (1 2 840 113549 1 1 1) 360 0: NULL : } 362 271: BIT STRING, encapsulates { 367 266: SEQUENCE { 371 257: INTEGER : 00 B8 50 41 39 CB 52 08 DE C2 76 D5 53 6E 9D D6 : 72 93 2F 06 EF 9E 7F D5 1D 57 7D 97 E9 06 4B 1F : A8 73 FF 35 F6 0C B6 83 55 1A 94 5A 4A 16 99 96 : D4 8E 31 36 29 D5 6C 45 6B AB A3 6F CD 24 AD F2 : B9 AB C3 B6 37 61 E2 14 CA E3 5B F4 40 A6 BD 2B : 52 8E 22 0C BF 02 5B 0A AC D8 B2 E6 56 F7 2F 80 : 0A C6 F5 DC 92 00 69 55 FC CB EF 1C 1F 41 9E DD : C7 7D 11 13 E4 1B B5 BC 5F 0F 23 8E 6C A3 FC F3 : [ Another 129 bytes skipped ] 632 3: INTEGER 65537 : } : } : } 637 29: [9] { 639 27: SEQUENCE { 641 3: OBJECT IDENTIFIER : subjectKeyIdentifier (2 5 29 14) 646 20: OCTET STRING : 90 B1 76 39 9C BE FE 62 2F DC 9F 5A 5C 83 FD 81 : 03 D3 6A 6B : } : } : } 668 1625: SEQUENCE { 672 1548: SEQUENCE { 676 9: OBJECT IDENTIFIER : pkiArchiveOptions (1 3 6 1 5 5 7 5 1 4) 687 1533: [0] { 691 1529: SEQUENCE { 695 29: [1] { 697 9: OBJECT IDENTIFIER : aes128-CBC (2 16 840 1 101 3 4 1 2) 708 16: OCTET STRING : 9D 16 33 58 F2 E7 C5 F3 F5 51 F0 F8 AE E0 DA AB : } 726 257: [2] : 00 1E 9C 61 1D AB 75 8B FB 4C 7F FE F1 60 61 50 : 80 E6 82 FA C0 BE 74 A7 7B 29 5C DE 3B 44 8B 88 : B6 E9 16 E9 E0 92 5A 91 41 D3 50 CB 79 4F 24 82 : 58 FC D5 40 5D 13 B9 76 D9 D0 4D 11 50 7C ED 33 : 2D DA 23 B7 51 7D D5 AF 4B 20 52 08 CF 9E 3B 40 : 8C 92 15 8A 44 AE 95 D2 8F 94 79 B6 70 2F F5 DA : 87 63 26 49 4E 5A 7E 45 B7 45 5B 92 EB 7D 72 01 : 14 82 5D 6E 01 E0 A4 17 1F EB 3D 0C 89 B5 8C 6F : [ Another 129 bytes skipped ] 987 1233: BIT STRING : 50 D0 11 AB E9 A9 43 29 3B D4 1C 4F 80 CF 3E F1 : 84 8D F7 60 2A E6 54 B3 61 1C 41 ED 5A A3 AD EA : EC 5B A7 60 F4 A5 9C E2 40 CD 6D DC 8B 46 15 0E : 8B CF F2 C0 D7 BB 3D 21 DE 36 EE 11 FE 27 8A AC : 35 40 03 A2 51 A3 05 65 FB 05 85 06 9A DB 71 2F : 43 A0 A2 6B 05 9A D2 7C A3 4C 9F 75 60 EF 29 B9 : D0 0C 4F EC E4 65 F7 57 DE A8 F3 76 13 27 7B 44 : 8E 4E 90 5B 3B 9B 99 9B 4E B8 E4 40 B1 A0 4C 75 : [ Another 1104 bytes skipped ] : } : } : } 2224 71: SEQUENCE { 2226 8: OBJECT IDENTIFIER '1 3 6 1 5 5 7 7 33' 2236 59: SEQUENCE { 2238 11: SEQUENCE { 2240 9: OBJECT IDENTIFIER : sha-256 (2 16 840 1 101 3 4 2 1) : } 2251 10: SEQUENCE { 2253 8: OBJECT IDENTIFIER : hmacWithSHA256 (1 2 840 113549 2 9) : } 2263 32: OCTET STRING : 5B BC 95 92 AB D1 93 03 7B 93 DA F8 25 2D 3F DB : EF 77 D6 83 98 FE 47 8C D0 BF 77 BB 9F 25 3B F4 : } : } : } : } 2297 276: [1] { 2301 13: SEQUENCE { 2303 9: OBJECT IDENTIFIER : sha256WithRSAEncryption (1 2 840 113549 1 1 11) 2314 0: NULL : } 2316 257: BIT STRING : 33 D0 AB D4 94 09 AB BD F2 73 DF B9 3C 7B A3 6A : C7 A6 04 DF 3C 10 E6 9E 3E D1 03 21 DF 26 97 D6 : 91 FA 6E 42 B0 D4 93 61 E1 B0 FC 00 79 A6 32 C3 : 32 4E C7 D3 C0 47 4B 1D 7E 8F 14 9A B3 3E 46 C7 : 89 83 1F AD 74 CA 40 64 E1 F2 12 FA AC 47 CC F4 : 6C A2 76 EA E6 76 B0 35 B2 AB DF 9B 33 A7 20 98 : 05 1C 62 05 EA F9 81 C5 C3 87 12 39 AC 43 1F 10 : A9 EF DB 86 AF 3B A9 52 FA 76 DB E3 4D E3 FB B1 : [ Another 128 bytes skipped ] : } : } : } 2577 0: SEQUENCE {} 2579 0: SEQUENCE {} : } : } : } : } 2581 0: [0] : Error: Object has zero length. 2583 395: SET { 2587 391: SEQUENCE { 2591 1: INTEGER 3 2594 20: [0] : 90 B1 76 39 9C BE FE 62 2F DC 9F 5A 5C 83 FD 81 : 03 D3 6A 6B 2616 13: SEQUENCE { 2618 9: OBJECT IDENTIFIER sha-256 (2 16 840 1 101 3 4 2 1) 2629 0: NULL : } 2631 74: [0] { 2633 23: SEQUENCE { 2635 9: OBJECT IDENTIFIER contentType (1 2 840 113549 1 9 3) 2646 10: SET { 2648 8: OBJECT IDENTIFIER '1 3 6 1 5 5 7 12 2' : } : } 2658 47: SEQUENCE { 2660 9: OBJECT IDENTIFIER messageDigest (1 2 840 113549 1 9 4) 2671 34: SET { 2673 32: OCTET STRING : 62 04 2F 43 8E 94 60 CC 9B 8A 38 D8 52 17 22 18 : 41 11 94 8F 1F AA 6B F7 48 D2 50 3D B3 62 AD 00 : } : } : } 2707 13: SEQUENCE { 2709 9: OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1) 2720 0: NULL : } 2722 256: OCTET STRING : 30 6C 67 10 45 90 7B BD ED 4B 9C 55 1E 6A 0D 5B : 9C 3F 63 D2 65 96 DF 25 29 A0 29 3C 86 09 27 09 : 43 F2 8D 1F E4 B2 49 F5 D2 D6 DE A3 D0 CC E6 A5 : 09 75 3E 7F B9 EE FA D3 36 59 63 DE 9E 79 8B 9F : 7A 40 F9 8A C8 0A 68 58 6D 0D C5 4C 25 CC 6B 36 : A2 27 05 46 9E 3B 31 35 19 D8 B4 DA 63 C0 8E 7C : BB 86 7E 9F 05 17 84 2A 46 35 B8 AE AE 34 B7 D9 : F5 E6 04 19 95 01 A8 0C 88 89 00 1E 79 9A 33 E5 : [ Another 128 bytes skipped ] : } : } : } : } : } 0 warnings, 1 error.