Uh oh!
There was an error while loading.Please reload this page.
- Notifications
You must be signed in to change notification settings - Fork10.9k
openssl asn1parse doesnt display all characters in serial number:#23244
Uh oh!
There was an error while loading.Please reload this page.
Uh oh!
There was an error while loading.Please reload this page.
-
OpenSSL 3.0.12 24 Oct 2023 (Library: OpenSSL 3.0.12 24 Oct 2023) |
BetaWas this translation helpful?Give feedback.
All reactions
Point is that asn1parse is supposed to show what it parsed rather than a somewhat frivolous interpretation.
When asn1parse parses a signed number, I expect it to show me a signed number, so either C9F97F52C320766D6DF0D55DD229559E or -360680AD3CDF8992920F2AA22DD6AA62 as appropriate. In this case it is clearly encoded as a positive integer in the DER, so the correct presentation is C9F97F52C320766D6DF0D55DD229559E. This is completely unambiguous and printing the leading 0 is incorrect IMO.
This is not a bug.
Replies: 14 comments 7 replies
-
|
BetaWas this translation helpful?Give feedback.
All reactions
Uh oh!
There was an error while loading.Please reload this page.
Uh oh!
There was an error while loading.Please reload this page.
-
Here is a hex dump of the first bytes of that cert, ending immediately after the encoding of the serial number: I agree that the serial number is encoded using 17 octets. However, the fact that only 16 octets are displayed by the command-line utility is intentional. When displaying an asn1 INTEGER in printable hex, if the leading octet is zero, then it is not displayed. This behaviour can be surprising, and we have had some internal discussions on it (I will link to the related github issue if I can find it). |
BetaWas this translation helpful?Give feedback.
All reactions
Uh oh!
There was an error while loading.Please reload this page.
Uh oh!
There was an error while loading.Please reload this page.
-
converting this to der format and dumping it out in hexedit shows this: Byte 0 (0x30) is the start of the sequence in asn1parse However, if you look at byte 15 which is the first byte of the serial number, its zero (0x0). Since the value is encoded as an integer, I would imagine that the decode is truncating the leading zero, as a zero padded integer is just the integer However https://www.itu.int/ITU-T/studygroups/com10/languages/X.690_1297.pdf Indicates that when encoding an integer the bits of the first octet and bit 8 of the second octect:
To ensure minimal space during encoding. But bit 8 of the second octet (0xc9) is 1 meaning both of those requirements would be met, and truncating the leading zero would result in a sign change. The truncation would have been ok if bit 8 of the second octet were zero, but since, its not that would lead to a sign change, which definately seems like a bug to me |
BetaWas this translation helpful?Give feedback.
All reactions
Uh oh!
There was an error while loading.Please reload this page.
Uh oh!
There was an error while loading.Please reload this page.
-
Here is a related PR (unmerged): Above, I said:
After re-reading the discussion in that PR, I see that my comment isn't completely accurate. There is some inconsistency in how openssl treats leading zero octets when displaying an asn1 INTEGER. |
BetaWas this translation helpful?Give feedback.
All reactions
👍 1
-
It seems to me that the leading zero in this case has to be included as truncating it results in the sign of the represented integer being flipped. |
BetaWas this translation helpful?Give feedback.
All reactions
-
The leading zero is just a DER encoding artifact. The serial number is a number, thus the leading zero would not be displayed. This is not a bug. |
BetaWas this translation helpful?Give feedback.
All reactions
👍 2
Uh oh!
There was an error while loading.Please reload this page.
Uh oh!
There was an error while loading.Please reload this page.
-
The serial number isn'tjust a number... it's a signed number. Point is that I'd regard this as a bug, but perhaps not a terribly important one |
BetaWas this translation helpful?Give feedback.
All reactions
-
Changing my mind on this because it was shown that negative numbers are shown as actual negative numbers (with a minus sign). Not a bug |
BetaWas this translation helpful?Give feedback.
All reactions
-
Github seems to be having issues at the moment, but IIRC#8136 indicated that openssl x509 -text was showing a simmilar issue |
BetaWas this translation helpful?Give feedback.
All reactions
-
When asn1parse parses a signed number, I expect it to show me a signed number, so either C9F97F52C320766D6DF0D55DD229559E or -360680AD3CDF8992920F2AA22DD6AA62 as appropriate. In this case it is clearly encoded as a positive integer in the DER, so the correct presentation is C9F97F52C320766D6DF0D55DD229559E. This is completely unambiguous and printing the leading 0 is incorrect IMO. This is not a bug. |
BetaWas this translation helpful?Give feedback.
All reactions
👍 4
-
Ok, I see now, DER encoded the a 16 byte integer using a minimum of 17 bytes because the DER encoding has to preserve the sign of the integer being encoded. Whatever did the encoding interpreted the serial number as positive, so the DER encoding added an extra zero pad to record the fact that the value was positive (rather than negative as would have been the interpretation if the zero pad wasn't there). asn1parse is smart enough to prepend a '-' (negative) notation in front of a number that it parses from DER when the leading bit is zero, so we can correctly interpret a printed integer value (even one in hex with the MSB set), as positive or negative based on the presence or lack of '-'. In fact editing the provided file to make the uppper octet in DER 0xFF results in this print out: So we can see how we handle +/- integers, and that the encoding size doesn't necessecarily match the number of octets printed because of said padding. I agree now, this isn't a bug |
BetaWas this translation helpful?Give feedback.
All reactions
👍 2
-
Oh! I hadn't caught on to this display of negative numbers in asn1parse... Ok then |
BetaWas this translation helpful?Give feedback.
All reactions
-
Thanks to all for the discussion/explanation. Now I have to convince a vendor that their display of the 00 is wrong. |
BetaWas this translation helpful?Give feedback.
All reactions
👍 1
-
Their display isn't necessarily wrong, just a different design choice. |
BetaWas this translation helpful?Give feedback.
All reactions
-
Would be great if you could also convince Mozilla. |
BetaWas this translation helpful?Give feedback.
All reactions
-
before you commit too fiercely to one side of the discussion, please note that other tools for displaying ASN1 data in a human-readable form have made different design choices than e.g. |
BetaWas this translation helpful?Give feedback.
All reactions
-
The Outputting it as if it was part of the number is confusing and inconsistent. |
BetaWas this translation helpful?Give feedback.
All reactions
-
The sad part is to "add insult to injury" the vendor's code renders the serial number as a set of 16 hex bytes, adding a newline before the 17th byte e.g. Serial Number: 00 B6 94 C3 AE A4 A3 58 E5 5F 7F 03 F9 F4 18 55 which means that you are unable to grep the output of the tool for "Serial Number" and get the full serial number. |
BetaWas this translation helpful?Give feedback.
All reactions
Uh oh!
There was an error while loading.Please reload this page.
Uh oh!
There was an error while loading.Please reload this page.
-
Yeah, just another sad example of needless hickups incurred by |
BetaWas this translation helpful?Give feedback.
All reactions
-
Unfortunately, not so many people these days have a sufficient understanding of ASN.1 BER encoding (including its variant DER). |
BetaWas this translation helpful?Give feedback.
All reactions
-
This is much too rigid a view of the design space. |
BetaWas this translation helpful?Give feedback.
All reactions
This discussion was converted from issue #23236 on January 09, 2024 19:23.