I have problems verifying a certificate which is signed with ECDSA with SHA384 on Android 6.0 and up. However, it is working for Android 4.1 - 5.1. I tracked it down to an error in the Certificate class. An exception is thrown in the verify method:

java.lang.RuntimeException: error:0f092074:elliptic curve routines:ec_asn1_pkparameters2group:NON_NAMED_CURVE

Any idea why this is happening with Android 6.0 and how it can be fixed? I already tested it with Spongycastle as a security provider, but the verify function always throws that exception.

Thanks & Regards

Romanski

2 Answers

Finally found the issue: the problem was not the verification of the signature itself, but the loading of the intermediate certificate which holds the EC public key.

    Subject Public Key Info:
        Public Key Algorithm: id-ecPublicKey
        Unable to load Public Key
2536673920:error:0f092074:elliptic curve routines:ec_asn1_pkparameters2group:NON_NAMED_CURVE:external/boringssl/src/crypto/ec/ec_asn1.c:225:
2536673920:error:0f07f076:elliptic curve routines:d2i_ECPKParameters:PKPARAMETERS2GROUP_FAILURE:external/boringssl/src/crypto/ec/ec_asn1.c:253:
2536673920:error:0f08000f:elliptic curve routines:d2i_ECParameters:elliptic curve routines:external/boringssl/src/crypto/ec/ec_asn1.c:503:
2536673920:error:0608808f:public key routines:eckey_type2param:DECODE_ERROR:external/boringssl/src/crypto/evp/p_ec_asn1.c:140:
2536673920:error:0608600f:public key routines:eckey_pub_decode:elliptic curve routines:external/boringssl/src/crypto/evp/p_ec_asn1.c:180:
2536673920:error:0b07c07c:X.509 certificate routines:X509_PUBKEY_get:PUBLIC_KEY_DECODE_ERROR:external/boringssl/src/crypto/x509/x_pubkey.c:168:

This leads to the question - why does BoringSSL have problems decoding the public key in this certificate? And I guess this has to be a bug in BoringSSL. I checked the certificate with OpenSSL and had no problems there.

When the Spongycastle Provider is explicitly used when loading the intermediate certificate and later verifying the signature of the document signing certificate, everything works fine.

Romanski
    THANK YOU! This solved my problem for using secp256k1 as well. I was getting: java.security.InvalidKeyException: java.lang.RuntimeException: error:0f00007b:elliptic curve routines:OPENSSL_internal:UNKNOWN_GROUP – joakimb Aug 20 '17 at 12:17
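The error string in the answer above, ec_asn1_pkparameters2group:NON_NAMED_CURVE, is BoringSSL reporting that the curve in the certificate's SubjectPublicKeyInfo is encoded as an explicit ECParameters SEQUENCE rather than as a named-curve OID; BoringSSL (and therefore Conscrypt on Android 6.0+) only accepts the named-curve form, while OpenSSL and Bouncy Castle/Spongy Castle decode both. The following added example (not code from the question or either answer) is a small DER walker that reports which encoding a certificate uses, so a chain can be checked before it is shipped to devices. All helpers and the sample SPKI/certificate blobs are constructed for this example; the key material in them is dummy bytes, not a real key.

```python
ID_EC_PUBLIC_KEY = "1.2.840.10045.2.1"
ECDSA_WITH_SHA384 = "1.2.840.10045.4.3.3"
NAMED_CURVES = {
    "1.2.840.10045.3.1.7": "P-256 (prime256v1)",
    "1.3.132.0.34": "P-384 (secp384r1)",
    "1.3.132.0.10": "secp256k1",
}


def _read_tlv(buf, pos):
    """Return (tag, value, end) for the definite-length DER TLV starting at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low bits give the number of length octets
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length


def _children(seq_body):
    """Split the body of a SEQUENCE into (tag, value, raw_tlv) triples."""
    out, pos = [], 0
    while pos < len(seq_body):
        tag, val, end = _read_tlv(seq_body, pos)
        out.append((tag, val, seq_body[pos:end]))
        pos = end
    return out


def _decode_oid(body):
    arcs, value = [], 0
    for b in body:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:  # last base-128 octet of this arc
            arcs.extend(divmod(value, 40) if not arcs else (value,))
            value = 0
    return ".".join(str(a) for a in arcs)


def classify_ec_parameters(spki_der):
    """Describe how the curve is encoded in a SubjectPublicKeyInfo TLV."""
    _, spki_body, _ = _read_tlv(spki_der, 0)
    alg_parts = _children(_children(spki_body)[0][1])  # AlgorithmIdentifier body
    if _decode_oid(alg_parts[0][1]) != ID_EC_PUBLIC_KEY:
        return "not-ec"
    if len(alg_parts) < 2:
        return "missing-parameters"
    ptag, pval, _ = alg_parts[1]
    if ptag == 0x06:  # namedCurve OID: the only form BoringSSL accepts
        return "named-curve:" + NAMED_CURVES.get(_decode_oid(pval), _decode_oid(pval))
    if ptag == 0x30:  # explicit ECParameters SEQUENCE: rejected with NON_NAMED_CURVE
        return "explicit-parameters"
    return "implicit-curve" if ptag == 0x05 else "unexpected-tag:%#x" % ptag


def spki_from_certificate(cert_der):
    """Walk Certificate -> tbsCertificate and return the subjectPublicKeyInfo TLV."""
    _, cert_body, _ = _read_tlv(cert_der, 0)
    _, tbs_body, _ = _read_tlv(cert_body, 0)
    fields = _children(tbs_body)
    if fields[0][0] == 0xA0:  # optional EXPLICIT [0] version
        fields = fields[1:]
    # serialNumber, signature, issuer, validity, subject, subjectPublicKeyInfo
    return fields[5][2]


def audit_certificate(cert_der):
    return classify_ec_parameters(spki_from_certificate(cert_der))


# --- constructed sample data: tiny DER encoder plus dummy key material ---
def _tlv(tag, body):
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + body


def _oid(dotted):
    arcs = [int(a) for a in dotted.split(".")]
    body = bytearray([arcs[0] * 40 + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        while arc >> 7:
            arc >>= 7
            chunk.append(0x80 | (arc & 0x7F))
        body.extend(reversed(chunk))
    return _tlv(0x06, bytes(body))


_DUMMY_POINT = _tlv(0x03, b"\x00\x04" + b"\x11" * 96)  # shape of a P-384 point, not a real key
NAMED_SPKI = _tlv(0x30, _tlv(0x30, _oid(ID_EC_PUBLIC_KEY) + _oid("1.3.132.0.34")) + _DUMMY_POINT)
# Explicit ECParameters {version, fieldID, curve, base, order, cofactor}; the values are
# placeholders, only the structure matters for the classification above.
_EXPLICIT_PARAMS = _tlv(0x30, _tlv(0x02, b"\x01")
                        + _tlv(0x30, _oid("1.2.840.10045.1.1") + _tlv(0x02, b"\x00\xff"))
                        + _tlv(0x30, _tlv(0x04, b"\x01") + _tlv(0x04, b"\x02"))
                        + _tlv(0x04, b"\x04\x01\x02") + _tlv(0x02, b"\x00\xfd") + _tlv(0x02, b"\x01"))
EXPLICIT_SPKI = _tlv(0x30, _tlv(0x30, _oid(ID_EC_PUBLIC_KEY) + _EXPLICIT_PARAMS) + _DUMMY_POINT)


def _sample_certificate(spki):
    """Minimal, unsigned but structurally valid X.509 v3 shell around the given SPKI."""
    tbs = (_tlv(0xA0, _tlv(0x02, b"\x02")) + _tlv(0x02, b"\x01")
           + _tlv(0x30, _oid(ECDSA_WITH_SHA384)) + _tlv(0x30, b"")
           + _tlv(0x30, _tlv(0x17, b"200101000000Z") + _tlv(0x17, b"300101000000Z"))
           + _tlv(0x30, b"") + spki)
    return _tlv(0x30, _tlv(0x30, tbs) + _tlv(0x30, _oid(ECDSA_WITH_SHA384)) + _tlv(0x03, b"\x00"))


EXPLICIT_CERT_DER = _sample_certificate(EXPLICIT_SPKI)

if __name__ == "__main__":
    print(classify_ec_parameters(NAMED_SPKI))   # named-curve:P-384 (secp384r1)
    print(audit_certificate(EXPLICIT_CERT_DER))  # explicit-parameters
```

Run audit_certificate over the DER bytes of each certificate in a chain (for example from `cert.getEncoded()` on the device, or the .der file on the build machine); any "explicit-parameters" result is an intermediate that Conscrypt on Android 6.0+ will refuse to load. The durable fix is on the issuing side, re-issuing that certificate with its key encoded as a named curve; falling back to the Bouncy Castle/Spongy Castle provider only for that certificate, as the answer above does, is the client-side workaround.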

I ran into the same issue on Android 6.0. Using the Spongycastle Provider explicitly didn't seem to help, unless I did something wrong. Here is the stack trace:

W/System.err: java.lang.RuntimeException: error:0f092074:elliptic curve routines:ec_asn1_pkparameters2group:NON_NAMED_CURVE
W/System.err:     at com.android.org.conscrypt.NativeCrypto.X509_get_pubkey(Native Method)
W/System.err:     at com.android.org.conscrypt.OpenSSLX509Certificate.getPublicKey(OpenSSLX509Certificate.java:418)
W/System.err:     at org.spongycastle.jce.provider.CertPathValidatorUtilities.findTrustAnchor(CertPathValidatorUtilities.java:182)
W/System.err:     at org.spongycastle.jce.provider.PKIXCertPathValidatorSpi.engineValidate(PKIXCertPathValidatorSpi.java:95)
W/System.err:     at java.security.cert.CertPathValidator.validate(CertPathValidator.java:193)
W/System.err:     at ***.(***.java:##)
W/System.err:     at android.app.Activity.dispatchActivityResult(Activity.java:7137)
W/System.err:     at android.app.ActivityThread.deliverResults(ActivityThread.java:4916)
W/System.err:     at android.app.ActivityThread.handleSendResult(ActivityThread.java:4963)
W/System.err:     at android.app.ActivityThread.access$1600(ActivityThread.java:221)
W/System.err:     at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1848)
W/System.err:     at android.os.Handler.dispatchMessage(Handler.java:102)
W/System.err:     at android.os.Looper.loop(Looper.java:158)
W/System.err:     at android.app.ActivityThread.main(ActivityThread.java:7224)
W/System.err:     at java.lang.reflect.Method.invoke(Native Method)
W/System.err:     at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:1230)
W/System.err:     at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1120)

On Android 9.0 it works again, but I'd still like to get it working on 6.0. It fails on certPathValidator.validate():

import java.security.KeyStore;
import java.security.cert.CertPathValidator;
import java.security.cert.PKIXCertPathValidatorResult;
import java.security.cert.PKIXParameters;

KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
// keyStore = KeyStore.getInstance("BKS", "BC"); // explicitly use BC - also fails
// [...] populate key store with the trust anchor(s)
PKIXParameters params = new PKIXParameters(keyStore);
CertPathValidator certPathValidator = CertPathValidator.getInstance(CertPathValidator.getDefaultType()); // CertPathValidator.getDefaultType() = PKIX
// certPath: the CertPath built from the chain being validated
PKIXCertPathValidatorResult pkixCertPathValidatorResult = (PKIXCertPathValidatorResult) certPathValidator.validate(certPath, params);

I am using these libraries:

implementation files('libs/core-1.58.0.0.jar')
implementation files('libs/prov-1.58.0.0.jar')
implementation files('libs/pkix-1.54.0.0.jar')
implementation files('libs/bcprov-jdk15on-1.64.jar')
implementation files('libs/bcpkix-jdk15on-1.64.jar')
IAmCoder