Skip to content

support negative serials in certificate parsing #6626

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 6 commits into from
Nov 20, 2021
Merged

support negative serials in certificate parsing #6626

merged 6 commits into from
Nov 20, 2021

Conversation

reaperhulk
Copy link
Member

but raise a warning every time we see it. also proactively raise on
initial parse of the certificate, not just when accessing the
serial_number attribute

@reaperhulk
support negative serials in certificate parsing
1346fae 
but raise a warning every time we see it. also proactively raise on
initial parse of the certificate, not just when accessing the
serial_number attribute
alex
alex reviewed Nov 20, 2021
View reviewed changes
src/rust/src/asn1.rs Outdated
v: asn1::BigUint<'_>,
v: &'_ [u8],
) -> pyo3::PyResult<&'p pyo3::PyAny> {
let signed = big_byte_slice_is_negative(py, v)?;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This seems like a weird way to solve this, why not just take signed as a parameter that teh caller specifies based on context?

src/rust/src/asn1.rs Outdated
bytes: &'_ [u8],
) -> pyo3::PyResult<bool> {
if bytes[0] & 0x80 != 0 {
let cryptography_warning = py.import("cryptography.utils")?.getattr("DeprecatedIn36")?;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is not the right place for this warning. This function has an ostensibly generic purpose and instead it's got behavior that's totally specific to serials.

src/rust/src/x509/certificate.rs Outdated
cert_version(py, raw.borrow_value().tbs_cert.version)?;
// determine if the serial is negative and raise a warning if it is. We want to drop support
// for this sort of invalid encoding eventually.
big_byte_slice_is_negative(py, raw.borrow_value().tbs_cert.serial.as_bytes())?;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See! This functions behavior in no way matches it's name.

alex
alex reviewed Nov 20, 2021
View reviewed changes
src/rust/src/asn1.rs Outdated
v: asn1::BigUint<'_>,
v: &'_ [u8],
) -> pyo3::PyResult<&'p pyo3::PyAny> {
warn_if_negative(py, v)?;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I still object to this being part of the behavior of `big_byte_slice_to_py_int.

Functions behavior should be predictable and well factored -- generic functions like type conversion shouldn't have context specific warnings like this. Just put warn_if_negative calls in the serial accessors. And please also name it warn_if_negative_serial based on the warning message.

reaperhulk and others added 2 commits November 20, 2021 09:48
alex
alex previously approved these changes Nov 20, 2021
View reviewed changes
@alex alex enabled auto-merge (squash) November 20, 2021 01:55
alex
alex reviewed Nov 20, 2021
View reviewed changes
src/rust/src/x509/ocsp_req.rs Outdated
Ok(big_byte_slice_to_py_int(
py,
self.cert_id()?.serial_number.as_bytes(),
)?)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is uncovered because of silliness. assign self.cert_id()?.serial_number.as_bytes() to a local var

@alex alex linked an issue Nov 20, 2021 that may be closed by this pull request
Unable to load certificate with negative serial number #6609
Closed
@alex alex merged commit 458e9eb into pyca:main Nov 20, 2021
@reaperhulk reaperhulk deleted the negative-serials branch October 9, 2022 18:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@alex alex alex approved these changes

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Unable to load certificate with negative serial number
2 participants
@reaperhulk @alex