Windows error 0x8009310B, -2146881269

Detailed Error Information

CRYPT_E_ASN1_BADTAG[1]

MessageASN1 bad tag value met.
Declared inwinerror.h

HRESULT analysis[2]

FlagsSeverityFailure
Reserved (R)false
OriginMicrosoft
NTSTATUSfalse
Reserved (X)false
FacilityCode9 (0x009)
NameFACILITY_SSPI[2][1]
DescriptionThe source of the error code is the Security API layer.[2][1]
Error Code12555 (0x310b)

Questions

4votes
0answers

CryptDecodeObjectEx Bad Tag ERROR (0x8009310b)

I have a .cer file. I can read it and write a buffer via ReadFile() function. Now I have buffer and datalen which I had. And I use that buffer and len for calling CryptDecodeObjectEx() function like below line if ( !CryptDecodeObjectEx( X509_ASN_ENCODING, X509_PUBLIC_KEY_INFO, (BYTE* )pemPubKey, readLen, CRYPT_DECODE_ALLOC_FLAG, NULL, &publicKeyInfo, [...] read more
c
windows
winapi
getlasterror
3votes
1answer

CSR failing: Error Parsing Request ASN1 bad tag value met (ASN: 267 CRYPT_E_ASN1_BADTAG)

I am trying to submit a CSR request in the following way: require 'openssl' require 'json' def public_key_info key_info = private_key.public_key.to_pem key_info = key_info.sub! '-----BEGIN PUBLIC KEY-----', '-----BEGIN CERTIFICATE REQUEST-----' key_info = key_info.sub! '-----END PUBLIC KEY-----', '-----END CERTIFICATE REQUEST-----' key_info end # "Creating a new 2048bit RSA Keypair..." def private_key [...] read more
ruby-on-rails
ruby
ruby-on-rails-3
openssl
rsa
2votes
3answers

error generating signed CSR with javacard (asn1 bad tag value)

I have generated key pair in a java card and return public key. I generate public key again in android app and then the CSR in android private byte[] CertReqGeneration() throws Exception { if(publickeyobj==null) return null; String info = "CN=cn, OU=ou, O=o, C=cn, ST=city"; X500Principal x500 = new X500Principal(info); X500Name [...] read more
android
bouncycastle
javacard
csr
2votes
1answer

Windows 2008R2 CA & OpenSSL CSR: Error parsing CSR ASN1 bad value met

I am using the OpenSSL C API to build a CSR. The code is as follows: static void seedPRNG() { const int openSSLseedsize = 128; uint8_t *openSSLseed = NULL; openSSLseed = malloc(openSSLseedsize * sizeof(uint8_t)); //printf("%d\n\n", openSSLseedsize); // random number generator SecRandomCopyBytes(kSecRandomDefault, openSSLseedsize, openSSLseed); for (unsigned i = 0; i < [...] read more
c
openssl
certificate
x509
csr
2votes
1answer

ASN1 Bad tag value met when using CertCreateCertificateContext with WinCrypt

What am I doing wrong here? I keep getting error 0x8009310b (ASN1 bad tag value met) when creating a certificate context. I know the certificate I'm testing with is good. I exported it from the intermediate store using DER, Base-64 and P7B formats. All three scenarios fail. int _tmain(int argc, [...] read more
winapi
certificate
public-key-encryption
1vote
0answers

(SSL)windows secure Channel doesn't allow pemkeyfile has password

if I compile the c driver with -DENABLE_SSL=WINDOWS (windows secure Channel), connection would be failed if the client pem key file has password. the error info of log: -------------------------------------------------------------------------------- > [error@stream-secure-channel] Failed to parse private key. ASN1 bad tag value > me t. (0x8009310B) [warning@stream-secure-channel] a client certificate has > [...] read more
mongodb
ssl
mongo-c-driver
1vote
0answers

OpenSSL incompatibility with Windows API

I am trying to use a timestamp service in both php and windows. My problem is that, what openssl outputs is not seem to be compatible with CryptVerifyTimeStampSignature(). To generate and upload the request in Windows, I use the CryptRetrieveTimeStamp(): CRYPT_TIMESTAMP_CONTEXT*re; CRYPT_TIMESTAMP_PARA r = { 0 }; r.fRequestCerts = true; [...] read more
php
winapi
curl
openssl
timestamp
1vote
0answers

Verify rsa signature with CryptoApi

I'm trying to calculate message rsa signature in python 2 code using rsa or pyopenssl package and verify it with microsoft CryptoApi. Unfortunately, CryptVerifySignature is always reporting error 0x80090006: Invalid signature. My python code: import rsa from OpenSSL import crypto private_key = "-----BEGIN RSA PRIVATE KEY-----\nMIICWwIBAAKBgQDFloLNqx8YZHc8D5Pk6TniJo5nwdvObNilEih2VZtTPCHooa/A\nUhz0mqh/lOKkskDNa5RCz4iTWy7wug2v+1GGlFp9jEtYq6foVu8N9DChvc8OIVV1\n4PgyFCCbCJOi5ccVUh5KBCyO8FtxHiS6a8wE3glSwsUGfzpMdrfKCYENRwIDAQAB\nAoGAJOcHZwIevJ+G5WDDbm1gsiwhTJ+YPeV2UN4jUHaMm+8PJjOMb47meYipD6ru\n6XOhRrxg5Fl+WIcfLTaSd9uoTfYIJArTPF6R2EAkcPGeil3mMSDMwqTz5eStOI/q\nRkMryHN5lCOWkm3dWXNmT/75rnqJ4dFGE1iw5dL4OJbovQECQQDyabjCqIjsTHZW\nIohqQaZAbO+wLvP4IgeUvJ31CR5Xms61FUUOe5WEs6GnSfZlsdzun+58DBEsjo7J\ncqbZxTD5AkEA0KmdPO9LMSweTSqIbH72NcIuW8cQGI2oJKNLG4Ncc7GN6ElyHJ7H\nIbRfrb2UupsLvLTDFLIrOdGWG74JGkoAPwJARGJ+tKtGtSJ835+uTAtpExOoKlOU\nj5NKADOVe+KupJgPaBYv/P3wGBd0qvS6hcW/RbHoXSYqUh+FOF8Xoqd2QQJAJeuN\nHbPHEGqaHx/ppv3ztJVTY25rqGql8fKTBa77sDLGPT6LtFPOkHt9H8/iJX9jxKl9\nAlfWry09gFEqylJEdQJAHEA0/fDR+yHxxx4w9QnfbPtn0RNHQbBzKx0K37hMu/tE\n0wxp8BFWEs5YAWWNw82ft5yOg81MH1n8iCIHzWTKrw==\n-----END RSA PRIVATE KEY-----\n" message [...] read more
python
c++
cryptoapi
pyopenssl
1vote
1answer

CSR submitted to IIS CA fails due to ASN1 value

I have generated a private key / CSR from pyOpenSSL - code snippet below: Key: key = crypto.PKey() key.generate_key(type, bits) if os.path.exists(_keyfile): print "Certificate file exists, aborting." print " ", _keyfile sys.exit(1) else: f = open(_keyfile, "w") f.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, key)) f.close() return key CSR: req = crypto.X509Req() # Return an X509Name [...] read more
python
unicode
openssl
csr
pyopenssl
0votes
1answer

Getting ASN1 bad tag error when trying to complete certificate request in IIS7

I have a multi-domain certificate I'm trying to install on IIS 7.0. When I use the IIS manager to complete certificate request, I get the error: There was an error while performing this operation. Details: CertEnroll::CX509Enrollment::p_InstallResponse: ASN1 bad tag value met. 0x8009310b (ASN: 267) One possible solution I found was [...] read more
windows-server-2008
iis
iis-7
ssl-certificate
certificate
0votes
0answers

How to verify detached PKCS7 signature with signtool

We have a file, say, scup.jpg, that we want to sign and (later) verify with signtool. For embedded content we execute signtool.exe sign /p7 .\ /p7ce embedded /p7co 1.2.840.113549.1.7.2 /a /f .\pfx.p12 /p "somepass" .\scup.jpg and it produces a file named scup.jpg.p7 that is verifiable with the folowing command: signtool.exe [...] read more
cryptography
digital-signature
0votes
1answer

RSA Public key encryption using modulus and exponent

I want to generate a public key using RSA with given Modulus and Exponent values. public static string RSAPublic(string toEncrypt) { var crypt = AsymmetricKeyAlgorithmProvider.OpenAlgorithm(AsymmetricAlgorithmNames.RsaPkcs1); var buffer = CryptographicBuffer.ConvertStringToBinary(toEncrypt, BinaryStringEncoding.Utf8); string publikKey = modulus + exponent; publikKey.Replace("\r\n", ""); var plainTextBytes = System.Text.Encoding.UTF8.GetBytes(publikKey); string pk = System.Convert.ToBase64String(plainTextBytes); IBuffer keyBuffer = CryptographicBuffer.DecodeFromBase64String(pk); [...] read more
c#
encryption
windows-phone-8.1
rsa
win-universal-app
0votes
1answer

Use PGP public key to cipher with Windows CryptoApi in C++

I don't know if this is possible at all. A pair of RSA keys are generated with GNUPG, and the public key is exported to a file. My program receives such file and then it has to encrypt some data with the public RSA key in that file. The program [...] read more
c++
encryption
cryptoapi
gnupg

Comments

Leave a comment

(plain text only)

Sources

  1. winerror.h from Windows SDK 10.0.14393.0
  2. https://msdn.microsoft.com/en-us/library/cc231198.aspx

User contributions licensed under CC BY-SA 3.0