RetrieveMail: Expected ASN.1 type was not found.

Question

When I load signed mail by Rebex.Mail.MailMessage.Load(string), then method failed on following exception during deserialize ASN1:

Neošetřená výjimka: System.Security.Cryptography.CryptographicException: Expected ASN.1 type was not found.
   v svmr.bxvz(Asn1Type arc, Asn1Type ard, Boolean are)
   v svva.Rebex.Security.Cryptography.Asn1.IAsn1Node.xyyk(Asn1Type ggy, Boolean ggz, Int32 gha)
   v svmr.Write(Byte[] buffer, Int32 offset, Int32 count)
   v Rebex.Security.Cryptography.Pkcs.AlgorithmIdentifier.tqsc()
   v Rebex.Security.Cryptography.Pkcs.AlgorithmIdentifier.tqsb(HashingAlgorithmId dxt)
   v Rebex.Security.Cryptography.Pkcs.SignerInfo.GetSignatureParameters()
   v Rebex.Mail.SubjectInfo..ctor(SignerInfo auz, MailSignatureStyle ava)
   v Rebex.Mail.SubjectInfoCollection..ctor(SignedData avc)
   v Rebex.Mail.MailMessage.pkmy(MimeEntity gy)
   v Rebex.Mail.MailMessage.pkms(MimeEntity gr)
   v Rebex.Mail.MailMessage.pkmr(MimeMessage gq)
   v Rebex.Mail.MailMessage.Load(Stream input)
   v Rebex.Mail.MailMessage.Load(String fileName)

PKCS7 signature has following structure: download

I'm testing it on Rebex.Mail version 5.0.7206 on .Net 4.5. At current stage I will not want to validate signature, but I don't find option to skip PKCS7 deserialize. And in faraway future I may be need validate signature.

Do you have any idea where the problem is?
Thank you for any advice.

Answer 1

The error occurs when parsing RSA/PSS signature algorithm's parameters (an RSASSA-PSS-params sequence). This cannot be currently turned off (it is done in order to gather data for MailMessage.Signers collection).
We have not noticed any apparent issue in the PKCS7 signature structure. Tomorrow, I'll send you a link to a debug version of Rebex.Mail that will determine more information about the issue.

---

Update: Please try loading the email using the following build of Rebex Secure Mail: https://www.rebex.net/getfile/be3a934cf8934a0fbb56b490ecd8e41b/RebexSecureMail-HotfixBuild7244-Trial-Binaries.zip

This should produce an exception with Base64-encoded RSA/PSS parameters of the signature - please copy&paste it here. It should make it possible to tell what went wrong.

Comments

Debug version of Rebex Secure Mail throw:
System.Security.Cryptography.CryptographicException: 'Expected ASN.1 type was not found. Parameters: BQA='


I hope it will move you forward
Thank you

---

Thanks! "BQA=" is '05 00', which is an encoding of ASN.1 NULL value. This occurred within an AlgorithmIdentifier structure (within SignerInfo structure's signatureAlgorithm field) which can be found at the end of your PKCS7 structure file (http://www.jantucek.cz/mff/pkcs7.txt):
              SEQUENCE
                OBJECT IDENTIFIER 1.2.840.113549.1.1.10 rsaPSS (PKCS #1)
                NULL

This violates RFC 4055 because this algorithm identifier represents RSA/PSS and is associated with a value, and should therefore include a proper RSASSA-PSS-params sequence:
  "The parameters MUST be present when used in the algorithm identifier associated with a signature value." (Source: https://tools.ietf.org/html/rfc4055#section-3.1)

Therefore, the problem is in the application that created that mail message.

However, this is a rather trivial issue that we can work around safely. We'll enhance our parser to detect this problem and ignore it instead of failing and post a link to a hotfix shortly.

---

Please try the following hotfix that incorporates a workaround:
https://www.rebex.net/getfile/1d2d8d58069643feb55b7d5424eff656/RebexSecureMail-HotfixBuild7245-Trial-Binaries.zip

---

It works. Great. Content of message is corrent.

Method ValidateSignature returns SignatureNotValid/InvalidSignature.
I understand that you follow RFC and parameters missing, but for example, Outlook is able to validate this signature (probably using RFC default values).

Thank you.

---

As far as we know, Outlook does not support RSA/PSS signatures at all. Perhaps the signature is actually RSA-PKCS#1 v1.5, but misrepresented as RSA/PSS? Or are you using any third-party plugin?

This said, the workaround actually does use default parameters where appropriate, but perhaps these don't correspond to actual parameters used to create the signature. To be able to experiment a bit and see if there is a set of parameters that works, we would need access to a sample message.

---

All my sample data are under NDA. I will ask to excception from NDA to this email and I also ask to origin of the email (MUA or library).

I use Outlook without third-party plugin.


Will you release this fix in near future as part of regular version of Rebex Total Pack?

Your support on forum is awesome.
Thank you

---

Thanks!
Yes, this workaround will be released as part of the next version of Rebex Total Pack.
Update: Our latest release includes this workaround: https://www.rebex.net/secure-mail.net/history.aspx#2019R4.1

A sample email with missing RSA/PSS parameters would be helpful to determine the reason for signature validation failure - once you can share any such email with us, we'll look into it. (We also offer a GDPR-compliant solution for submission of user data - contact us at support@rebex.net if you would like to take advantage of it.)