X25519Kyber768Draft00 by default. The default can be reverted using the
[`tlskyber` setting](/pkg/crypto/tls/#Config.CurvePreferences).
+Go 1.23 changed the behavior of
+[crypto/x509.ParseCertificate](/pkg/crypto/x509/#ParseCertificate) to reject
+serial numbers that are negative. This change can be reverted with
+the the [`x509negativeserial` setting](/pkg/crypto/x509/#ParseCertificate).
+
### Go 1.22
Go 1.22 adds a configurable limit to control the maximum acceptable RSA key size
"encoding/asn1"
"errors"
"fmt"
+ "internal/godebug"
"math/big"
"net"
"net/url"
return nil
}
+var x509negativeserial = godebug.New("x509negativeserial")
+
func parseCertificate(der []byte) (*Certificate, error) {
cert := &Certificate{}
if !tbs.ReadASN1Integer(serial) {
return nil, errors.New("x509: malformed serial number")
}
- // we ignore the presence of negative serial numbers because
- // of their prevalence, despite them being invalid
- // TODO(rolandshoemaker): revisit this decision, there are currently
- // only 10 trusted certificates with negative serial numbers
- // according to censys.io.
+ if serial.Sign() == -1 {
+ if x509negativeserial.Value() != "1" {
+ return nil, errors.New("x509: negative serial number")
+ } else {
+ x509negativeserial.IncNonDefault()
+ }
+ }
cert.SerialNumber = serial
var sigAISeq cryptobyte.String
}
// ParseCertificate parses a single certificate from the given ASN.1 DER data.
+//
+// Before Go 1.23, ParseCertificate accepted certificates with negative serial
+// numbers. This behavior can be restored by including "x509negativeserial=1" in
+// the GODEBUG environment variable.
func ParseCertificate(der []byte) (*Certificate, error) {
cert, err := parseCertificate(der)
if err != nil {
}
}
-const certISOOID = `
------BEGIN CERTIFICATE-----
-MIIB5TCCAVKgAwIBAgIQtwyL3RPWV7dJQp34HwZG9DAJBgUrDgMCHQUAMBExDzAN
+const certISOOID = `-----BEGIN CERTIFICATE-----
+MIIB5TCCAVKgAwIBAgIQNwyL3RPWV7dJQp34HwZG9DAJBgUrDgMCHQUAMBExDzAN
BgNVBAMTBm15dGVzdDAeFw0xNjA4MDkyMjExMDVaFw0zOTEyMzEyMzU5NTlaMBEx
DzANBgNVBAMTBm15dGVzdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArzIH
GsyDB3ohIGkkvijF2PTRUX1bvOtY1eUUpjwHyu0twpAKSuaQv2Ha+/63+aHe8O86
}
const uniqueIDPEM = `-----BEGIN CERTIFICATE-----
-MIIFsDCCBJigAwIBAgIIrOyC1ydafZMwDQYJKoZIhvcNAQEFBQAwgY4xgYswgYgG
+MIIFsDCCBJigAwIBAgIILOyC1ydafZMwDQYJKoZIhvcNAQEFBQAwgY4xgYswgYgG
A1UEAx6BgABNAGkAYwByAG8AcwBvAGYAdAAgAEYAbwByAGUAZgByAG8AbgB0ACAA
VABNAEcAIABIAFQAVABQAFMAIABJAG4AcwBwAGUAYwB0AGkAbwBuACAAQwBlAHIA
dABpAGYAaQBjAGEAdABpAG8AbgAgAEEAdQB0AGgAbwByAGkAdAB5MB4XDTE0MDEx
func TestParseNegativeSerial(t *testing.T) {
pemBlock, _ := pem.Decode([]byte(negativeSerialCert))
_, err := ParseCertificate(pemBlock.Bytes)
- if err != nil {
- t.Fatalf("failed to parse certificate: %s", err)
+ if err == nil {
+ t.Fatal("parsed certificate with negative serial")
}
}
{Name: "tlsunsafeekm", Package: "crypto/tls", Changed: 22, Old: "1"},
{Name: "winreadlinkvolume", Package: "os", Changed: 22, Old: "0"},
{Name: "winsymlink", Package: "os", Changed: 22, Old: "0"},
+ {Name: "x509negativeserial", Package: "crypto/x509", Changed: 23, Old: "1"},
{Name: "x509sha1", Package: "crypto/x509"},
{Name: "x509usefallbackroots", Package: "crypto/x509"},
{Name: "x509usepolicies", Package: "crypto/x509"},
The number of non-default behaviors executed by the os package
due to a non-default GODEBUG=winsymlink=... setting.
+ /godebug/non-default-behavior/x509negativeserial:events
+ The number of non-default behaviors executed by the crypto/x509
+ package due to a non-default GODEBUG=x509negativeserial=...
+ setting.
+
/godebug/non-default-behavior/x509sha1:events
The number of non-default behaviors executed by the crypto/x509
package due to a non-default GODEBUG=x509sha1=... setting.