oscrypto
oscrypto copied to clipboard
Published
20 hours ago •
wbond
wbond
Undefined OSStatus when loading certain public keys
When loading certain public keys through oscrypto.asymetric.load_certificate then trying to inspect any property (say algorithm) an OSError such as OSStatus 62339392 is thrown. The exact error code is always different but undefined within Apple docs.
The error appears to be coming from SecCertificateCopyPublicKey(_:) which I note has been deprecated for a long time now in favour of SecCertificateCopyKey(_:)
System Version: macOS 13.0 (22A5321d) Kernel Version: Darwin 22.0.
Example cert:
-----BEGIN CERTIFICATE-----
MIIDuTCCAqGgAwIBAgIQfCoOUTBOfHengHo4iS1DmjANBgkqhkiG9w0BAQsFADBM
MSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xv
YmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0yMjA4MDcwMDAwMDBaFw0y
MjExMTUwMDAwMDBaMFsxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWdu
IG52LXNhMTEwLwYDVQQDEyhHbG9iYWxTaWduIE9DU1AgZm9yIFJvb3QgUjMgLSBT
aWduZXIgMS4yMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrYtuWRO
QRqEM8cSyLzpgbIVeZ7n/dG7DIpGHcl4SBo99ji0IEFab/Mi7k2ML9hTQ8jaWUPa
zllvmpMrKqzU/nobvcq5XGewtXPY8XNQfHDch9ruqI5Xii/mxCfX0dxbP5pHOm2Y
FfJe+ObYHpZy4jtifd3GtYlGODnfSkrL+s6NwZX3b4pAZVt7MWjKg3UQI5W3hskO
zhAdOmhWacMeM4HeyHCwMz/S9caQ2v+g8ZC8eTQoeqfGzknvMNl9GbipED4CWYgG
++4cKYmIbXlgdOm1I6jDtVjWjmXahQKYGh/EC39wlVukWoUhtSfE6oK3TXq5hdg3
JXcAlu970y0ErQIDAQABo4GHMIGEMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAK
BggrBgEFBQcDCTAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQpps1+5UkBfCYf2+XI
r2Cd+Tw2fjAfBgNVHSMEGDAWgBSP8Et/qC5FJK5NUPpjmove4t0bvDAPBgkrBgEF
BQcwAQUEAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQDEdJsZuNVxwdR4jSluEWXmVW16
RDarknBhHxd8Cq1q4FPfN+BcltDoBUDISEvOHffKm1VPCjOTxvWuvSd630u6TQSn
9Uut/IrjeAnq1eRrEkdDE09772G/Q5tfBHGB+cZdFqICv94YqGHlT1f5tNWfTmV6
/3wd86AxrBOWcYnd4HgXBid5kBiRoFcP4v8z94A9zuPsZDLmHrbrqqLH4zi9Z+ak
YMCBTfYQUAJuT/kUbGX4PuxDYT3CnYW54ukUrfmsWHtSUA/cUGY+WlyNxG2y+cD+
3GgZxwTQpy7ik8wj1McBYh6X99Nud8D29Hfkj9YtBIqrjPXUM9F2ik+x0u3l
-----END CERTIFICATE-----
Minimum reproducing code:
import asn1crypto.pem
import asn1crypto.x509
import oscrypto.asymmetric
with open('cert.pem', 'rb') as f:
pem_bytes = f.read()
_, _, der_bytes = asn1crypto.pem.unarmor(pem_bytes)
cert = asn1crypto.x509.Certificate.load(der_bytes)
key_object = oscrypto.asymmetric.load_certificate(cert)
print(key_object.algorithm)
I have confirmed that changing SecCertificateCopyPublicKey(_:) to SecCertificateCopyKey(_:) fixes the error. I will make a PR shortly with this change.
