Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Spacy failed to parse a certificate #4536

Open
eldadcool opened this issue Sep 20, 2024 · 0 comments
Open

Spacy failed to parse a certificate #4536

eldadcool opened this issue Sep 20, 2024 · 0 comments

Comments

@eldadcool
Copy link

Brief description

In the TLS workshop in ScapyCon scapy failed to parse a certificate I download from the browser. the certificate was constructed by my company vpn provider (Cato Networks)

It seems the issue was in an unsupported string type for the authority description part

Scapy version

2.6.0rc2.dev2

Python version

3.10.11 64-bit

Operating system

Windows 11

Additional environment information

No response

How to reproduce

Attempt to parse the provided example certificate using scapy:

load_layer("tls")
Cert(cert_path="example_cert.pem")

Actual result

load_layer("tls")
Cert(cert_path="example_cert.pem")
BER_BadTag_Decoding_Error                 Traceback (most recent call last)
File ~\work\Training\Scapycon_TSL_workshop\pyenv\lib\site-packages\scapy\layers\tls\cert.py:675, in _CertMaker.__call__(cls, cert_path)
    674 try:
--> 675     cert = X509_Cert(obj.der)
    676 except Exception:

File ~\work\Training\Scapycon_TSL_workshop\pyenv\lib\site-packages\scapy\base_classes.py:481, in Packet_metaclass.__call__(cls, *args, **kargs)
    475 i = cls.__new__(
    476     cls,  # type: ignore
    477     cls.__name__,
    478     cls.__bases__,
    479     cls.__dict__  # type: ignore
    480 )
--> 481 i.__init__(*args, **kargs)
    482 return i

File ~\work\Training\Scapycon_TSL_workshop\pyenv\lib\site-packages\scapy\packet.py:186, in Packet.__init__(self, _pkt, post_transform, _internal, _underlayer, _parent, stop_dissection_after, **fields)
    185 if _pkt:
--> 186     self.dissect(_pkt)
    187     if not _internal:

File ~\work\Training\Scapycon_TSL_workshop\pyenv\lib\site-packages\scapy\packet.py:1084, in Packet.dissect(self, s)     
   1082 s = self.pre_dissect(s)
-> 1084 s = self.do_dissect(s)
   1086 s = self.post_dissect(s)

File ~\work\Training\Scapycon_TSL_workshop\pyenv\lib\site-packages\scapy\asn1packet.py:55, in ASN1_Packet.do_dissect(self, x)
     53 def do_dissect(self, x):
     54     # type: (bytes) -> bytes
---> 55     return self.ASN1_root.dissect(self, x)

File ~\work\Training\Scapycon_TSL_workshop\pyenv\lib\site-packages\scapy\asn1fields.py:502, in ASN1F_SEQUENCE.dissect(self, pkt, s)
    500 def dissect(self, pkt, s):
    501     # type: (Any, bytes) -> bytes
--> 502     _, x = self.m2i(pkt, s)
    503     return x

File ~\work\Training\Scapycon_TSL_workshop\pyenv\lib\site-packages\scapy\asn1fields.py:486, in ASN1F_SEQUENCE.m2i(self, pkt, s)
    485 codec = self.ASN1_tag.get_codec(pkt.ASN1_codec)
--> 486 i, s, remain = codec.check_type_check_len(s)
    487 if len(s) == 0:

File ~\work\Training\Scapycon_TSL_workshop\pyenv\lib\site-packages\scapy\asn1\ber.py:331, in BERcodec_Object.check_type_check_len(cls, s)
    328 @classmethod
    329 def check_type_check_len(cls, s):
    330     # type: (bytes) -> Tuple[int, bytes, bytes]
--> 331     l, s3 = cls.check_type_get_len(s)
    332     if len(s3) < l:

File ~\work\Training\Scapycon_TSL_workshop\pyenv\lib\site-packages\scapy\asn1\ber.py:322, in BERcodec_Object.check_type_get_len(cls, s)
    319 @classmethod
    320 def check_type_get_len(cls, s):
    321     # type: (bytes) -> Tuple[int, bytes]
--> 322     s2 = cls.check_type(s)
    323     if not s2:

File ~\work\Training\Scapycon_TSL_workshop\pyenv\lib\site-packages\scapy\asn1\ber.py:313, in BERcodec_Object.check_type(cls, s)
    312 if not isinstance(tag, int) or cls.tag != tag:
--> 313     raise BER_BadTag_Decoding_Error(
    314         "%s: Got tag [%i/%#x] while expecting %r" %
    315         (cls.__name__, tag, tag, cls.tag), remaining=s
    316     )
    317 return remainder

BER_BadTag_Decoding_Error: BERcodec_SEQUENCE: Got tag [101/0x65] while expecting <ASN1Tag SEQUENCE[48]>
### Already decoded ###
None
### Remaining ###
b'example_cert.pem'

During handling of the above exception, another exception occurred:

Exception                                 Traceback (most recent call last)
Cell In[1], line 2
      1 load_layer("tls")
----> 2 Cert(cert_path="example_cert.pem")

File ~\work\Training\Scapycon_TSL_workshop\pyenv\lib\site-packages\scapy\layers\tls\cert.py:679, in _CertMaker.__call__(cls, cert_path)
    677     if conf.debug_dissector:
    678         raise
--> 679     raise Exception("Unable to import certificate")
    680 obj.import_from_asn1pkt(cert)
    681 return obj

Exception: Unable to import certificate
>>> 

Expected result

load_layer("tls")
Cert(cert_path="example_cert.pem")
[X.509 Cert. Subject:/C=US/ST=California/L=Los Gatos/O=Websense, Inc./OU=Websense Triton Advance Protection Endpoint/CN=stackoverflow.com, Issuer:/C=US/ST=CA/L=LG/O=Websense, Inc./OU=Websense Endpoint/CN=Websense Public Primary Certificate Authority/[email protected]/[email protected]]

Related resources

example_cert.pem.txt

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant