search

oxidecomputer / pki-playground

Tool for generating non-trivial X.509 certificate chains
Mozilla Public License 2.0
29 stars 2 forks source link

Incorrect time encoding for `notBefore` #14

Closed mkeeter closed 1 year ago

mkeeter commented 1 year ago

Generating certificate chains with examples/Gimlet_RoT_Stage0_Code_Signing/config.kdl, I attempted to validate them with OpenSSL.

This required converting them from der to pem

$ openssl x509 -inform der -in "TEST USE ONLY - Gimlet RoT Stage0 Code Signing Engineering Offline CA A Trust Anchor.cert.der" -outform pem -out "TEST USE ONLY - Gimlet RoT Stage0 Code Signing Engineering Offline CA A Trust Anchor.cert.pem"
$ openssl x509 -inform der -in "TEST USE ONLY - Gimlet RoT Stage0 Code Signing Engineering Online Signer A1.cert.der" -outform pem -out "TEST USE ONLY - Gimlet RoT Stage0 Code Signing Engineering Online Signer A1.cert.pem"
$ openssl verify -verbose -CAfile "TEST USE ONLY - Gimlet RoT Stage0 Code Signing Engineering Offline CA A Trust Anchor.cert.pem" "TEST USE ONLY - Gimlet RoT Stage0 Code Signing Engineering Online Signer A1.cert.pem"
CN = US, ST = California, L = Emeryville, O = Oxide Computer Company, OU = Manufacturing, CN = TEST USE ONLY - Gimlet RoT Stage0 Code Signing Engineering Offline CA A
error 13 at 1 depth lookup:format error in certificate's notBefore field
CN = US, ST = California, L = Emeryville, O = Oxide Computer Company, OU = Manufacturing, CN = TEST USE ONLY - Gimlet RoT Stage0 Code Signing Engineering Offline CA A
error 13 at 1 depth lookup:format error in certificate's notBefore field
CN = US, ST = California, L = Emeryville, O = Oxide Computer Company, OU = Manufacturing, CN = TEST USE ONLY - Gimlet RoT Stage0 Code Signing Engineering Offline CA A
error 13 at 1 depth lookup:format error in certificate's notBefore field
CN = US, ST = California, L = Emeryville, O = Oxide Computer Company, OU = Manufacturing, CN = TEST USE ONLY - Gimlet RoT Stage0 Code Signing Engineering Offline CA A
error 13 at 1 depth lookup:format error in certificate's notBefore field
CN = US, ST = California, L = Emeryville, O = Oxide Computer Company, OU = Manufacturing, CN = TEST USE ONLY - Gimlet RoT Stage0 Code Signing Engineering Offline CA A
error 13 at 1 depth lookup:format error in certificate's notBefore field
TEST USE ONLY - Gimlet RoT Stage0 Code Signing Engineering Online Signer A1.cert.pem: verification failed: 13 (format error in certificate's notBefore field)

It looks like the certificate does not use the correct encoding type for the notBefore field. RFC5280 specifies that dates before the year 2050 must use UTCTIME not GENERALIZEDTIME:

CAs conforming to this profile MUST always encode certificate validity dates through the year 2049 as UTCTime; certificate validity dates in 2050 or later MUST be encoded as GeneralizedTime.

(4.1.2.5)

However, I see GENERALIZEDTIME used for both notBefore and notAfter:

$ openssl asn1parse -inform der -in "TEST USE ONLY - Gimlet RoT Stage0 Code Signing Engineering Offline CA A Trust Anchor.cert.der"
[...]
  226:d=2  hl=2 l=  34 cons: SEQUENCE
  228:d=3  hl=2 l=  15 prim: GENERALIZEDTIME   :20230302203047Z
  245:d=3  hl=2 l=  15 prim: GENERALIZEDTIME   :99991231235959Z

Here's another example of this issue in the wild