Inconsistent parsing problem with signify package in python

Question

I am trying to use signify to parse a Linux kernel (not the kernel of the machine where I am parsing). Parsing on some machines it succeeds, and on others the parse fails.

First, a success on one machine.

$ grep PRETTY /etc/os-release 
PRETTY_NAME="Ubuntu 18.04.5 LTS"

$ shasum -a 256 kernel
956df917ddbcc82cc0b8205bb86452eaee99b5cb4af218e23968f8e0f07bae0d  kernel

$ pip list  | grep signify
signify        0.3.0

$ python
Python 3.6.9 (default, Oct  8 2020, 12:12:24) 
[GCC 8.4.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> from signify.signed_pe import SignedPEFile
>>> kf = open('kernel', 'rb')
>>> spef = SignedPEFile(kf)
>>> list(spef.signed_datas)
[<signify.authenticode.AuthenticodeSignedData object at 0x7f3d5f37c0b8>]
>>>

Now, a failure on a different machine.

$ grep PRETTY /etc/os-release 
PRETTY_NAME="Ubuntu 18.04.5 LTS"

$ shasum -a 256 kernel 
956df917ddbcc82cc0b8205bb86452eaee99b5cb4af218e23968f8e0f07bae0d  kernel

$ pip list | grep signify
signify                      0.3.0

$ python
Python 3.6.9 (default, Oct  8 2020, 12:12:24) 
[GCC 8.4.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> from signify.signed_pe import SignedPEFile
>>> kf = open('kernel', 'rb')
>>> spef = SignedPEFile(kf)
>>> list(spef.signed_datas)
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/local/lib/python3.6/dist-packages/signify/signed_pe.py", line 221, in signed_datas
    yield AuthenticodeSignedData.from_envelope(certificate['certificate'], pefile=self)
  File "/usr/local/lib/python3.6/dist-packages/signify/signeddata.py", line 41, in from_envelope
    signed_data = cls(data, *args, **kwargs)
  File "/usr/local/lib/python3.6/dist-packages/signify/authenticode.py", line 139, in __init__
    super().__init__(data)
  File "/usr/local/lib/python3.6/dist-packages/signify/signeddata.py", line 26, in __init__
    self._parse()
  File "/usr/local/lib/python3.6/dist-packages/signify/authenticode.py", line 158, in _parse
    raise AuthenticodeParseError("SignedData.crls is present, but that is unexpected.")
signify.exceptions.AuthenticodeParseError: SignedData.crls is present, but that is unexpected.
>>>

What's going on here?

score 0 · Answer 1 · answered Feb 23 '21 at 16:57

Apparently it is easy to have too-old versions of certain dependencies. On the failing machine, I had the following.

$ pip list | grep -i asn
asn1crypto                   0.24.0
pyasn1                       0.4.5
pyasn1-modules               0.2.8

On that same machine, the parsing succeeds after I upgrade to the following.

$ pip list | grep asn1
asn1crypto                   1.4.0
pyasn1                       0.4.8
pyasn1-modules               0.2.8

Inconsistent parsing problem with signify package in python

1 Answers1