rrrrrrri / fgt-gadgets

Fortigate related tools
GNU General Public License v3.0

CA #15

Open Wh1terat opened 5 months ago

Wh1terat commented 5 months ago

I worked on something similar back in 5.6.x and just wanted to comment that I really enjoyed reading your write-up.

Amazing to see some 5+ years later they still use the same RSA-155 pub key for AES key derivation. 🤣

For the newer versions with embedded certificates, what certificate chain validates these?

I ask because Fortinet used to include a fixed sub CA in old versions used for content inspection (they moved to "first boot" generation later for obvious reasons) for which it was possible to extract the private key.

rrrrrrri commented 5 months ago

It's nice to see you've looked into that too. As far as I know, the system uses the FTNT_TRUSTED(fortinet-subca2001) to verify those certificates.

I didn't bother to find the private key (not sure if the private key still exists) because we would need to modify the init binary to bypass integrity verification anyway.

But if we can get the private key, we might be able to build the appropriate firmware without having to modify the init binary.

I might look into it in my spare time. I'd appreciate it if you could share your research.

Wh1terat commented 5 months ago

I looked into this and also the reversible password format - unfortunately I could publish neither at the time and someone else got the glory for the 2nd CVE.

Unfortunately this CA is not issued by fortinet-subca2001; it could well just be a standalone CA not included in any other chains.

If you're interested in either, let me know and I'll find a method to communicate the priv keys with you. I suspect much of my research is vastly out of date now.

FortiGate CA.

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1594129161 (0x5f047b09)
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: C = US, ST = California, L = Sunnyvale, O = Fortinet, OU = Certificate Authority, CN = FortiGate CA, emailAddress = support@fortinet.com
        Validity
            Not Before: Jan 13 18:47:57 2016 GMT
            Not After : Jan 13 18:47:57 2026 GMT
        Subject: C = US, ST = California, L = Sunnyvale, O = Fortinet, OU = Certificate Authority, CN = FortiGate CA, emailAddress = support@fortinet.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:e1:28:a2:93:fa:35:1a:cd:43:16:50:33:72:
                    8a:59:89:e9:6b:26:68:3a:25:5d:69:87:fe:5e:c5:
                    33:03:1c:19:2f:dd:09:0f:78:0b:d2:0a:b8:31:1a:
                    5e:d0:95:d9:f4:11:75:47:bf:15:0a:a7:62:ef:82:
                    6c:6c:fa:f8:ee:a9:db:08:59:97:47:16:00:38:95:
                    ea:c8:7a:32:32:97:24:06:a2:f2:12:18:ec:2a:89:
                    dc:3f:7a:91:0b:f1:c4:c0:dc:44:e9:f1:7b:d6:41:
                    17:77:6f:5a:a0:13:0a:dc:dc:43:69:55:7d:d1:e7:
                    3c:28:52:9c:64:2c:bc:b1:28:49:ff:b0:36:f3:cc:
                    60:9e:04:94:7a:bf:bc:3c:7e:ed:b5:b3:6c:c7:e5:
                    f0:04:7c:2c:51:8e:ea:5c:00:db:8e:71:e4:d6:f9:
                    24:86:85:51:77:69:82:bb:de:c7:e0:7e:fe:56:fb:
                    ac:42:54:58:64:27:dd:24:24:33:ca:43:5b:79:21:
                    18:88:ac:c3:f3:78:5a:d5:a5:20:ee:1b:c4:fb:10:
                    34:cd:92:1c:51:86:74:5b:13:f3:ee:8e:f0:6e:6f:
                    07:83:5e:f4:78:b9:87:07:ab:60:b7:bc:bb:4e:27:
                    42:98:44:e8:ca:11:fa:b0:8e:0b:96:4b:f5:7c:aa:
                    ab:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: 
                CA:TRUE
    Signature Algorithm: sha1WithRSAEncryption
         50:ab:bd:51:77:ad:b7:e7:35:a5:86:e1:9c:10:92:ef:43:f0:
         78:60:1d:17:ba:2e:2f:c4:44:8d:03:59:ff:1f:d5:46:ea:01:
         64:69:a1:e6:60:ad:58:17:c0:e6:6c:26:3e:44:07:12:4c:50:
         d7:b8:44:ff:76:0e:55:1b:38:c4:1a:ff:d2:f0:c7:29:1c:d2:
         9c:b0:d4:11:f4:c6:64:5e:e4:fe:66:59:72:4c:64:b5:fc:40:
         25:1f:e0:eb:13:ed:d0:83:c0:9d:84:03:03:b2:be:3e:07:82:
         ba:5d:69:fd:e6:d3:eb:e9:c6:69:06:11:91:67:c3:66:fb:e2:
         b2:c5:9b:ab:7a:23:1d:4b:ca:7a:4b:fd:6d:bd:b6:07:a9:92:
         b8:8e:7f:c9:3b:12:b1:a8:11:53:91:fc:b0:b7:95:d3:d2:b0:
         e1:b5:a0:60:07:3d:44:98:58:5e:1c:5b:a9:eb:83:28:40:f3:
         5b:e3:8c:af:63:81:af:8c:86:a2:85:1c:93:fd:96:7c:a6:0b:
         e5:cb:95:40:db:01:51:66:9f:a8:f3:7e:85:31:ad:55:45:1c:
         a0:74:82:a3:4a:9f:5f:4d:0e:2e:6c:11:93:33:21:06:4c:7d:
         a8:ae:c0:06:a4:56:82:eb:92:a3:8a:b4:7b:00:fd:24:0a:dd:
         b0:e4:f8:01

Also the "Fortigate" non-CA, support-issued cert:

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 40906 (0x9fca)
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: C = US, ST = California, L = Sunnyvale, O = Fortinet, OU = Certificate Authority, CN = support, emailAddress = support@fortinet.com
        Validity
            Not Before: Feb 21 21:13:18 2011 GMT
            Not After : Jan 19 03:14:07 2038 GMT
        Subject: C = US, ST = California, L = Sunnyvale, O = Fortinet, OU = FortiGate, CN = FortiGate, emailAddress = support@fortinet.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (512 bit)
                Modulus:
                    00:cf:b8:21:07:4c:9a:df:d7:95:1f:8e:da:b0:22:
                    9d:29:5b:b7:14:b1:18:ec:a5:f6:87:99:5a:fd:5d:
                    c0:f2:dd:ed:b0:7e:1c:0c:a3:00:f6:84:6d:3d:9b:
                    95:8f:5a:d5:ae:67:d0:61:0d:33:54:47:ef:6b:49:
                    15:7d:41:d2:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: 
                CA:FALSE
    Signature Algorithm: sha1WithRSAEncryption
         42:db:69:fd:8a:d7:cc:c4:3e:ca:f1:32:e2:be:04:36:a0:be:
         9e:21:93:f1:26:27:3a:fe:3c:42:d5:44:73:c1:15:14:0b:51:
         f3:1c:6c:04:c0:dd:40:b2:40:ca:2a:30:34:85:aa:69:7f:e7:
         de:ef:1f:99:8b:03:e3:60:c0:e4:54:e0:f9:39:55:2c:cf:f8:
         57:95:35:0c:3a:8c:62:4d:3f:20:50:ec:b6:da:5d:a7:e7:d6:
         92:50:ab:3b:b1:c1:d0:5f:0b:43:10:25:e9:73:21:dc:f3:9f:
         81:ec:91:4d:c7:38:b6:9f:b7:45:de:04:2d:e0:d5:39:eb:ca:
         46:27:83:b6:93:8f:64:ef:17:78:72:1d:7b:f7:bd:59:9f:0f:
         1f:b1:fc:74:41:d1:aa:4d:8a:3c:69:85:21:17:43:36:49:b2:
         b4:2c:7e:29:ba:03:06:26:03:fa:0c:e4:ed:e9:fc:ae:3c:71:
         2b:e9:9e:59:ee:6b:10:0c:ef:3e:6c:d7:c4:fc:b3:32:c2:61:
         46:97:c0:55:d6:02:b6:8e:57:db:72:55:30:46:67:5b:9b:7d:
         ae:8f:37:59:0b:4e:eb:4b:d8:41:78:d6:f0:67:8b:44:fc:72:
         7f:07:1d:1c:e9:86:22:47:09:ad:4f:5e:ce:fa:4a:68:2c:b2:
         fe:67:cb:a2
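
An added example, not part of the thread or of the fgt-gadgets code: a small auditor that parses `openssl x509 -text` output like the two dumps above and flags the properties visible in them (signature hash, RSA key size, issuer equal to subject). The sample input is abridged from those dumps; the 2048-bit floor and the flag names are assumptions chosen for the illustration.

```python
import re

# Header fields abridged from the two dumps in this thread; hex bodies omitted.
SAMPLE = """\
Certificate:
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: O = Fortinet, OU = Certificate Authority, CN = FortiGate CA
        Subject: O = Fortinet, OU = Certificate Authority, CN = FortiGate CA
                RSA Public-Key: (2048 bit)
                CA:TRUE
Certificate:
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: O = Fortinet, OU = Certificate Authority, CN = support
        Subject: O = Fortinet, OU = FortiGate, CN = FortiGate
                RSA Public-Key: (512 bit)
                CA:FALSE
"""
MIN_RSA_BITS = 2048  # assumed policy floor, not a value from the thread


def parse_certs(text):
    """Split `openssl x509 -text` output into one field dict per certificate."""
    certs = []
    for block in re.split(r"(?m)^Certificate:[ \t]*$", text)[1:]:
        def field(pattern):
            m = re.search(pattern, block, re.M)
            return m.group(1).strip() if m else None
        bits = field(r"Public-Key: \((\d+) bit\)")
        certs.append({
            "issuer": field(r"^\s*Issuer: (.+)$"),
            "subject": field(r"^\s*Subject: (.+)$"),  # skips "Subject Public Key Info:"
            "sig_alg": field(r"^\s*Signature Algorithm: (\S+)"),
            "rsa_bits": int(bits) if bits else None,
            "is_ca": field(r"CA:(TRUE|FALSE)") == "TRUE",
        })
    return certs


def findings(cert):
    """Return audit flags (hypothetical names) for one parsed certificate."""
    out = []
    if cert["sig_alg"] and re.match(r"(md5|sha1)With", cert["sig_alg"], re.I):
        out.append("weak-signature-hash")
    if cert["rsa_bits"] is not None and cert["rsa_bits"] < MIN_RSA_BITS:
        out.append("rsa-key-below-floor")
    if cert["issuer"] == cert["subject"]:  # name match only, signature not verified
        out.append("self-issued-ca" if cert["is_ca"] else "self-issued")
    return out
```

Calling `findings()` on each dict from `parse_certs()` works on full `openssl x509 -text` output as well, since the hex lines are ignored by the field patterns.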