New Let's Encrypt certificate with SHA384 parsing error #2156

Closed
krizhanovsky opened this issue Jun 29, 2024 · 2 comments · Fixed by #2157

@krizhanovsky

Let's Encrypt now goes with SHA384 instead of SHA256 signature and Tempesta can't load the certificate:

[   16.932088] [tempesta tls] Warning: PK - Elliptic curve with OID 1.3.132.0.34 is unsupported
[   16.933888] [tempesta fw] ERROR: tls_certificate: Invalid certificate specified (ffffffff)
[   16.935456] [tempesta fw] ERROR: configuration parsing error:
                 31: tls_certificate /etc/tempesta/fullchain.pem;
                     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

The certificate uses prime256r1, just as the previous one, so we probably have a certificate parsing bug.

# openssl x509 -text -in  /var/www/html/tfw-root.crt
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:3d:55:5a:02:cb:e1:45:43:49:7a:f4:1b:c9:4f:5d:b2:f5
        Signature Algorithm: ecdsa-with-SHA384
        Issuer: C = US, O = Let's Encrypt, CN = E5
        Validity
            Not Before: Jun 29 17:42:24 2024 GMT
            Not After : Sep 27 17:42:23 2024 GMT
        Subject: CN = tempesta-tech.com
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:42:4c:5c:e5:d6:8c:5f:69:44:23:ee:2b:9f:05:
                    85:f3:f9:df:39:4a:65:ef:81:50:97:ea:5f:e5:1f:
                    f7:e0:3a:38:5e:4e:a0:a7:10:dd:cd:e5:57:a2:18:
                    40:96:0f:96:d6:4c:b1:6f:fc:2b:c2:9a:44:dd:b0:
                    4a:42:6a:be:77
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                54:50:94:62:88:D2:42:8D:89:12:B4:6D:D7:26:85:A0:47:B4:EF:7B
            X509v3 Authority Key Identifier: 
                9F:2B:5F:CF:3C:21:4F:9D:04:B7:ED:2B:2C:C4:C6:70:8B:D2:D7:0D
            Authority Information Access: 
                OCSP - URI:http://e5.o.lencr.org
                CA Issuers - URI:http://e5.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:tempesta-tech.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
                                ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
                    Timestamp : Jun 29 18:42:24.691 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:AE:EF:0C:5E:69:45:99:4F:35:03:54:
                                EE:39:CB:6D:2F:8F:11:54:EA:5E:EA:AC:8C:EE:DC:27:
                                C4:84:6F:37:DC:02:20:2B:0A:25:2D:B6:2C:A1:0A:96:
                                2D:63:B8:3B:F7:63:57:80:68:A5:24:77:BF:E0:B8:92:
                                EA:36:BA:75:9D:AE:A7
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Jun 29 18:42:26.694 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:46:D3:35:79:35:A9:A3:8B:5A:79:39:06:
                                C7:F6:56:A1:3A:25:D6:1A:55:8B:3A:E7:C8:80:F1:31:
                                93:0D:BE:D6:02:21:00:C3:C0:3C:5D:91:73:D0:0D:09:
                                79:9C:57:D2:F2:25:9B:9A:7F:A1:0A:C5:3D:C6:53:52:
                                04:78:34:8F:85:CB:37
    Signature Algorithm: ecdsa-with-SHA384
    Signature Value:
        30:65:02:31:00:a2:71:8b:dc:3d:54:79:53:84:7d:8d:f8:2d:
        60:6d:af:be:74:ef:bb:71:b6:d6:fc:3f:4c:f3:7c:19:58:a4:
        ad:b4:f0:a1:02:a8:78:22:25:89:07:d8:47:04:46:80:73:02:
        30:44:bc:70:cd:9c:5d:e2:41:c3:49:da:cf:41:5f:d3:19:36:
        7e:2f:32:42:9d:92:91:e1:a4:37:b6:7c:87:07:c3:65:66:1b:
        f5:68:cc:cb:bf:8c:cc:fa:9d:7c:0c:dd:0b
@krizhanovsky

The following test from tempesta-tech/tempesta-test@5beb3e6 passes, while it generates a very similar certificate:

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            72:0b:ab:97:89:52:72:78:da:ed:06:11:9c:b2:8e:4f:82:52:4d:86
        Signature Algorithm: ecdsa-with-SHA384
        Issuer: C = US, ST = Washington, L = Seattle, O = Tempesta Technologies Inc., OU = Testing, CN = tempesta-tech.com, emailAddress = info@tempesta-tech.com
        Validity
            Not Before: Jun 29 10:52:31 2024 GMT
            Not After : Jun 30 10:52:31 2025 GMT
        Subject: C = US, ST = Washington, L = Seattle, O = Tempesta Technologies Inc., OU = Testing, CN = tempesta-tech.com, emailAddress = info@tempesta-tech.com
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:8b:32:4e:cc:0e:4e:25:34:69:48:1a:91:9c:4a:
                    70:81:8f:5b:8f:4b:6f:89:6e:8e:d0:c9:33:e5:d3:
                    67:5d:72:d1:29:79:95:09:2a:5b:8f:0d:70:77:75:
                    79:d0:d4:e4:9d:71:38:5d:b6:6c:2c:6c:90:20:d2:
                    8e:12:38:96:29
                ASN1 OID: prime256v1
                NIST CURVE: P-256
    Signature Algorithm: ecdsa-with-SHA384
    Signature Value:
        30:45:02:21:00:db:16:5e:e8:fa:9c:34:70:25:b3:de:22:03:
        38:f8:1a:74:a3:d2:56:13:da:9e:af:9a:fa:e2:3b:2e:e8:97:
        2f:02:20:65:e7:c3:fa:55:be:f2:6e:1f:04:e5:e7:89:91:ae:
        7c:55:ca:e4:29:dc:b1:c8:1c:17:46:4b:8b:46:45:85:98

@krizhanovsky

The problem is actually that Let's Encrypt sends us a certificate bundle: it's a certificate concatenated with a CA certificate, and the CA uses secp384r1 EC, which we don't support:

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            83:8f:6c:63:ce:b1:39:8c:62:06:62:83:15:c9:fd:de
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C = US, O = Internet Security Research Group, CN = ISRG Root X1
        Validity
            Not Before: Mar 13 00:00:00 2024 GMT
            Not After : Mar 12 23:59:59 2027 GMT
        Subject: C = US, O = Let's Encrypt, CN = E5
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (384 bit)
                pub:
                    04:0d:0b:3a:8a:6b:61:8e:b6:ef:dc:5f:58:e7:c6:
                    42:45:54:ab:63:f6:66:61:48:0a:2e:59:75:b4:81:
                    02:37:50:b7:3f:16:79:dc:98:ec:a1:28:97:72:20:
                    1c:2c:cf:d5:7c:52:20:4e:54:78:5b:84:14:6b:c0:
                    90:ae:85:ec:c0:51:41:3c:5a:87:7f:06:4d:d4:fe:
                    60:d1:fa:6c:2d:e1:7d:95:10:88:a2:08:54:0f:99:
                    1a:4c:e6:ea:0a:ac:d8
                ASN1 OID: secp384r1
                NIST CURVE: P-384
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Certificate Sign, CRL Sign
            X509v3 Extended Key Usage: 
                TLS Web Client Authentication, TLS Web Server Authentication
            X509v3 Basic Constraints: critical
                CA:TRUE, pathlen:0
            X509v3 Subject Key Identifier: 
                9F:2B:5F:CF:3C:21:4F:9D:04:B7:ED:2B:2C:C4:C6:70:8B:D2:D7:0D
            X509v3 Authority Key Identifier: 
                79:B4:59:E6:7B:B6:E5:E4:01:73:80:08:88:C8:1A:58:F6:E9:9B:6E
            Authority Information Access: 
                CA Issuers - URI:http://x1.i.lencr.org/
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://x1.c.lencr.org/
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        1f:72:9d:34:45:42:41:da:a4:d0:b2:b2:b8:d2:26:4c:a7:51:
        25:8d:42:da:ec:36:48:96:a3:ba:1a:a4:c8:63:d8:f0:2f:b3:
        ce:cb:9f:67:e9:a0:9e:19:ea:d4:0d:8a:55:03:92:ca:43:84:
        9d:46:f1:d5:cc:ba:df:ba:c1:02:28:71:f7:ba:fe:6d:cc:1b:
        64:ce:ac:4c:32:1a:12:b8:91:fc:f2:e4:e8:b2:ac:f4:17:b4:
        ba:85:71:80:e2:83:72:91:bd:b2:f0:f7:dc:9f:86:f4:b7:1f:
        bf:52:bd:96:e0:e6:49:38:06:e9:73:45:20:de:6f:7c:8e:60:
        b3:f9:4c:3f:2a:23:10:c7:48:cc:af:5b:95:c9:76:ff:5b:ca:
        c4:ef:16:18:27:23:be:c4:35:9c:9f:cf:c2:df:0b:41:90:5f:
        38:5c:95:5c:ff:2e:6c:0a:7f:6a:ed:dd:73:81:0a:58:6f:4c:
        3b:9c:dc:c7:5a:93:f7:e3:57:44:67:55:5b:11:af:98:11:51:
        01:a8:dc:88:c7:d7:30:4d:59:b8:69:a4:df:f1:8e:92:80:0c:
        ed:99:23:66:69:5e:ca:89:0f:d4:b1:b3:99:f2:5c:51:df:6c:
        ed:e7:ae:d7:ff:7f:7a:0e:57:95:77:7f:e7:91:ad:62:30:0c:
        f8:2e:03:1b:98:bb:79:a3:6a:72:6d:85:fb:2c:58:20:fb:7a:
        71:b6:ed:61:53:49:08:67:c7:5a:a1:c4:43:81:58:4a:d5:32:
        16:7b:fc:b2:3c:aa:53:cc:a9:81:96:8d:27:d6:95:71:64:88:
        08:b3:88:13:5f:d0:bf:fe:e8:2a:c9:d9:09:62:7d:db:ac:14:
        e9:1a:86:d4:e6:0f:18:e8:b5:ce:e0:01:84:bc:3a:d5:cb:8f:
        54:34:f6:f2:74:12:fd:ee:b3:f7:97:09:5e:ad:1e:2b:50:5c:
        68:9e:9f:25:9b:26:6e:34:60:0f:9a:77:9a:f1:1f:e6:f7:50:
        33:b3:02:12:f5:34:b4:76:ec:c7:62:39:98:71:c9:a0:00:47:
        6f:c2:95:06:05:a9:fe:57:17:19:68:96:69:e3:b2:07:b4:4f:
        f8:e7:c3:b6:f8:b6:3a:c6:a9:c5:78:95:ee:f3:55:b3:b7:cc:
        96:b4:63:63:58:e8:29:aa:a6:9b:27:27:06:f0:2a:d7:80:04:
        6e:dc:8b:b1:57:ce:4b:ae:81:f1:aa:64:78:55:f6:35:8e:17:
        3c:46:15:e1:94:82:7b:c5:47:3e:b7:6b:11:19:36:c0:82:c6:
        dd:3f:c4:1a:64:88:90:26:15:50:c4:a7:8e:62:5d:55:00:fd:
        17:a3:5a:ff:ec:e6:5c:27

We only send the authority certificate as is and do not use it in any way, so we should not parse it and should not spend memory on the certificate descriptor.
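
To find which certificate in a bundle such as `fullchain.pem` carries the curve named in the warning, the public-key curve of every certificate in the file can be listed in order. This is an added example, not Tempesta code and not part of the comments above; it uses only Python's standard library, the helper names are hypothetical, and the two skeleton certificates in `SAMPLE_BUNDLE` are constructed (empty names, no real signature).

```python
import base64, re

EC_PUBLIC_KEY = bytes.fromhex("2a8648ce3d0201")             # 1.2.840.10045.2.1
CURVES = {bytes.fromhex("2a8648ce3d030107"): "prime256v1",  # 1.2.840.10045.3.1.7
          bytes.fromhex("2b81040022"): "secp384r1"}         # 1.3.132.0.34
PEM_RE = re.compile(r"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", re.S)

def children(buf, start, end):
    """List (tag, value_start, value_end) for each DER element in buf[start:end]."""
    out = []
    while start < end:
        tag, n, pos = buf[start], buf[start + 1], start + 2
        if n & 0x80:   # long-form length: low 7 bits give the count of length bytes
            n, pos = int.from_bytes(buf[pos:pos + (n & 0x7F)], "big"), pos + (n & 0x7F)
        if pos + n > end:
            raise ValueError("truncated DER")
        out.append((tag, pos, pos + n))
        start = pos + n
    return out

def key_curve(der):
    """Curve name of a certificate's subject public key, or 'not EC'."""
    cert = children(der, 0, len(der))[0]
    tbs = children(der, cert[1], cert[2])[0]
    fields = children(der, tbs[1], tbs[2])
    spki = fields[6 if fields[0][0] == 0xA0 else 5]   # skip optional [0] version
    alg = children(der, spki[1], spki[2])[0]          # AlgorithmIdentifier
    ids = [der[s:e] for t, s, e in children(der, alg[1], alg[2]) if t == 6]
    if len(ids) < 2 or ids[0] != EC_PUBLIC_KEY:
        return "not EC"
    return CURVES.get(ids[1], "unknown curve " + ids[1].hex())

def bundle_curves(pem_text):
    """Curve of every certificate in a PEM bundle, in file order."""
    return [key_curve(base64.b64decode(b)) for b in PEM_RE.findall(pem_text)]

def _der(tag, *parts):                        # encoder for the constructed samples only
    body = b"".join(parts)
    return bytes([tag, len(body)]) + body

def sample_pem(curve_hex):                    # constructed skeleton, not a real certificate
    alg = _der(0x30, bytes.fromhex("06072a8648ce3d0201" + curve_hex))
    tbs = _der(0x30, bytes.fromhex("a003020102020101"), _der(0x30) * 4,
               _der(0x30, alg, bytes.fromhex("03020004")))
    der = _der(0x30, tbs, _der(0x30), bytes.fromhex("03020000"))
    return ("-----BEGIN CERTIFICATE-----\n" + base64.b64encode(der).decode()
            + "\n-----END CERTIFICATE-----\n")

SAMPLE_BUNDLE = sample_pem("06082a8648ce3d030107") + sample_pem("06052b81040022")
```

Calling `bundle_curves(open("fullchain.pem").read())` on a real bundle gives one entry per certificate, leaf first, so a `secp384r1` in the second position points at the CA certificate rather than the leaf.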
