search

FiloSottile / Heartbleed

A checker (site and tool) for CVE-2014-0160
http://filippo.io/Heartbleed
MIT License
2.31k stars 465 forks source link

negative serial number? #67

Open BillWeiss opened 10 years ago

BillWeiss commented 10 years ago 
$ repos/heartbleed/bin/Heartbleed (a Cisco ASA)
2014/04/12 23:48:39 (my ASA) - ERROR: tls: failed to parse certificate from server: x509: negative serial number

Any idea what that is about? The browser deals with it. Chrome reports the serial as 2257982035. It is a self-signed cert generated by the device, so I can imagine it's wrong, but I'm surprised at that.

yakatz commented 10 years ago

Do you mind submitting the certificate (not the key) so I can look into this?

BillWeiss commented 10 years ago 
-----BEGIN CERTIFICATE-----
MIIB1zCCAUCgAwIBAgIEhpYSUzANBgkqhkiG9w0BAQUFADAwMS4wLAYDVQQDEyVB
U0EgVGVtcG9yYXJ5IFNlbGYgU2lnbmVkIENlcnRpZmljYXRlMB4XDTE0MDMwMjAy
MjUwOVoXDTI0MDIyODAyMjUwOVowMDEuMCwGA1UEAxMlQVNBIFRlbXBvcmFyeSBT
ZWxmIFNpZ25lZCBDZXJ0aWZpY2F0ZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC
gYEAsrYAfyVs5BozfnxMCS6XIQFF0/Z58qp7mzriWxeE+QYQU7PjzE9Pwat066y4
QwUmsT8jxUjtPE5x4dwZo41I0fr7c+TvTZc4KiTJtbBsZyF68tiZReevtfh4ci8Q
6cYHgBACzWWSMM4itKhvQW2FqEN5hSY9iHsXNH0Lof8D2msCAwEAATANBgkqhkiG
9w0BAQUFAAOBgQCr9+e0Ys3vKHbgADG1L9LAaxxFMreOpDIZfmZHdFhPoB1AdoRo
PwgNth6bEcxpIHMbIE5dp5Szx1lw+S50HYwhvBP2sERTj8INnqQEZFXjm+ajW44M
SDLmZv0lJe1N6CuGouh61fHWYJ05Sk0r4oj2f+3Ohc3/6MIBGpZbLYG/Pg==
-----END CERTIFICATE-----
BillWeiss commented 10 years ago

Here's what openssl has to say about that:

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: -2036985261 (-0x7969edad)
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: CN=ASA Temporary Self Signed Certificate
        Validity
            Not Before: Mar  2 02:25:09 2014 GMT
            Not After : Feb 28 02:25:09 2024 GMT
        Subject: CN=ASA Temporary Self Signed Certificate
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (1024 bit)
                Modulus (1024 bit):
                    00:b2:b6:00:7f:25:6c:e4:1a:33:7e:7c:4c:09:2e:
                    97:21:01:45:d3:f6:79:f2:aa:7b:9b:3a:e2:5b:17:
                    84:f9:06:10:53:b3:e3:cc:4f:4f:c1:ab:74:eb:ac:
                    b8:43:05:26:b1:3f:23:c5:48:ed:3c:4e:71:e1:dc:
                    19:a3:8d:48:d1:fa:fb:73:e4:ef:4d:97:38:2a:24:
                    c9:b5:b0:6c:67:21:7a:f2:d8:99:45:e7:af:b5:f8:
                    78:72:2f:10:e9:c6:07:80:10:02:cd:65:92:30:ce:
                    22:b4:a8:6f:41:6d:85:a8:43:79:85:26:3d:88:7b:
                    17:34:7d:0b:a1:ff:03:da:6b
                Exponent: 65537 (0x10001)
    Signature Algorithm: sha1WithRSAEncryption
        ab:f7:e7:b4:62:cd:ef:28:76:e0:00:31:b5:2f:d2:c0:6b:1c:
        45:32:b7:8e:a4:32:19:7e:66:47:74:58:4f:a0:1d:40:76:84:
        68:3f:08:0d:b6:1e:9b:11:cc:69:20:73:1b:20:4e:5d:a7:94:
        b3:c7:59:70:f9:2e:74:1d:8c:21:bc:13:f6:b0:44:53:8f:c2:
        0d:9e:a4:04:64:55:e3:9b:e6:a3:5b:8e:0c:48:32:e6:66:fd:
        25:25:ed:4d:e8:2b:86:a2:e8:7a:d5:f1:d6:60:9d:39:4a:4d:
        2b:e2:88:f6:7f:ed:ce:85:cd:ff:e8:c2:01:1a:96:5b:2d:81:
        bf:3e
yakatz commented 10 years ago

So the certificate really does have a negative number and it is not a parsing problem. RFC5280 says they should not be, but users should try to handle them anyway. I do not immediately see a way to override this in Go.

BillWeiss commented 10 years ago

Bummer.