Open Bug 1853500 Opened 2 years ago Updated 4 months ago

certificate viewer doesn't handle keyUsage extensions that are unexpectedly long

Categories

(Firefox :: Security, defect)

defect


People

(Reporter: 2295456556, Unassigned)

References

(Blocks 1 open bug)

Details

Attachments

(10 files)

Attached file about_file.zip

User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36 Edg/116.0.1938.69

Steps to reproduce:

1. In Firefox, visit the URL about:certificate?cert=(processed PEM data) containing the certificate information.
2. Use Python to create a local server (e.g. using Flask) and specify a mutated certificate and private key. Access the Flask-provided URL in Chrome.
3. In your own way as developers, let the browser parse the mutated certificate files, then observe the results.

Actual results:

Description: We tested with a mutated digital certificate as a test case. We have discovered differences in the parsing results of the certificate key usage extension for mutated digital certificates between the Google Chrome and Mozilla Firefox browsers.
OS: Windows 10 22H2 19045.2604
Supplement: The mutated certificate is from this URL: 'https://www.csdn.net/'. The mutation of the certificate did not change the parsing result of key usage in Firefox.
My expectation: Confirm whether the discrepancy is a bug or not.

Expected results:

I don't know which of these two different certificate key usages is correct, but I want both browsers to have the same interpretation of the digital certificate. So I need you to confirm whether this difference is a bug or not.

The Bugbug bot thinks this bug should belong to the 'Core::Security: PSM' component, and is moving the bug to that component. Please correct in case you think the bot is wrong.

Component: Untriaged → Security: PSM
Product: Firefox → Core

Can you just post the certificate in question? I'm not opening that zip file.

Flags: needinfo?(2295456556)
Flags: needinfo?(2295456556)
Attached image mutated_firefox.png
Attached image mutated_chrom.png

Thanks!
This is a bug in how Firefox displays some keyUsage extensions, but it doesn't affect certificate validation.

Severity: -- → S4
Component: Security: PSM → Security
Product: Core → Firefox
Version: 17 Branch → unspecified
Summary: Chrome and Firefox parse certificate key usage information in digital certificates differently. → certificate viewer doesn't handle keyUsage extensions that are unexpectedly long
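The keyUsage extension value is a DER BIT STRING whose nine named bits (digitalSignature through decipherOnly) fit in two content octets after the unused-bits octet, so an "unexpectedly long" keyUsage is one whose BIT STRING carries more content octets than that. The following decoder is an added example, not code from Firefox, PKIjs, Chrome or the reporter: it decodes every bit that is present, maps bits 0-8 to their RFC 5280 names, records any set bits beyond bit 8 as unknown, and reports DER irregularities (extra octets, non-zero unused bits, a trailing zero octet) as warnings instead of truncating or failing. The byte strings in the usage section are constructed for illustration, not taken from the attached certificate.

```javascript
// Added example (not Firefox, PKIjs or the reporter's code): a minimal DER
// decoder for an X.509 keyUsage extension value that tolerates BIT STRINGs
// longer than the two content octets a conforming DER encoder emits.

// RFC 5280 keyUsage named bits, in BIT STRING order (bit 0 = MSB of octet 0).
const KEY_USAGE_BITS = [
  "digitalSignature", "nonRepudiation", "keyEncipherment", "dataEncipherment",
  "keyAgreement", "keyCertSign", "cRLSign", "encipherOnly", "decipherOnly",
];

// Decode a DER BIT STRING (tag 0x03) given as an array of byte values.
// Returns { usages: string[], unknownBits: number[], warnings: string[] }.
function decodeKeyUsage(der) {
  const bytes = Uint8Array.from(der);
  if (bytes.length < 2 || bytes[0] !== 0x03) throw new Error("not a BIT STRING");

  // Definite-form length: short form, or long form with up to 4 length octets.
  let len = bytes[1];
  let offset = 2;
  if (len & 0x80) {
    const n = len & 0x7f;
    if (n === 0 || n > 4 || bytes.length < 2 + n) throw new Error("bad long-form length");
    len = 0;
    for (let i = 0; i < n; i++) len = (len << 8) | bytes[2 + i];
    offset = 2 + n;
  }
  if (bytes.length !== offset + len) throw new Error("BIT STRING length mismatch");
  if (len === 0) throw new Error("BIT STRING has no unused-bits octet");

  const unused = bytes[offset];
  const body = bytes.subarray(offset + 1);
  if (unused > 7) throw new Error("unused-bits octet > 7");
  if (body.length === 0 && unused !== 0) throw new Error("unused bits but no content octets");

  const warnings = [];
  // A conforming keyUsage has at most two content octets (nine named bits).
  if (body.length > 2) warnings.push(`unexpectedly long: ${body.length} content octets`);
  if (body.length > 0) {
    const last = body[body.length - 1];
    // DER requires the unused low-order bits of the last octet to be zero ...
    if (unused > 0 && (last & ((1 << unused) - 1)) !== 0) {
      warnings.push("unused bits are not zero (not DER)");
    }
    // ... and, for a named bit list, trailing zero bits to be removed entirely.
    if (last === 0) warnings.push("trailing zero octet (not DER)");
  }

  const totalBits = body.length * 8 - unused;
  const usages = [];
  const unknownBits = [];
  for (let bit = 0; bit < totalBits; bit++) {
    const set = (body[bit >> 3] >> (7 - (bit & 7))) & 1;
    if (!set) continue;
    if (bit < KEY_USAGE_BITS.length) usages.push(KEY_USAGE_BITS[bit]);
    else unknownBits.push(bit);
  }
  if (unknownBits.length > 0) {
    warnings.push(`bits beyond decipherOnly are set: ${unknownBits.join(",")}`);
  }
  return { usages, unknownBits, warnings };
}

// Convenience wrapper for hex input such as the bytes shown by an ASN.1 dumper.
function decodeKeyUsageHex(hex) {
  const clean = hex.replace(/[^0-9a-fA-F]/g, "");
  const der = [];
  for (let i = 0; i < clean.length; i += 2) der.push(parseInt(clean.slice(i, i + 2), 16));
  return decodeKeyUsage(der);
}

// Constructed inputs (not from the bug's attachment):
//   "03 02 05 a0"           conforming: digitalSignature, keyEncipherment
//   "03 04 06 a0 00 40"     three content octets, bit 17 set: "unexpectedly long"
//   "03 03 07 00 80"        conforming: decipherOnly (bit 8) only
for (const hex of ["03 02 05 a0", "03 04 06 a0 00 40", "03 03 07 00 80"]) {
  console.log(hex, "=>", JSON.stringify(decodeKeyUsageHex(hex)));
}
```

The point of decoding every present bit rather than stopping after two octets is that a viewer, a validator and a tool such as `openssl x509 -text` can then be compared on the same decoded result: a certificate that sets only the named bits shows the same usages in all of them, and one that sets bits beyond decipherOnly is flagged explicitly instead of being silently rendered differently.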

Dana, since you worked on this issue can I mark it as new for further investigations? Thank you.

Flags: needinfo?(dkeeler)

Sure.

Status: UNCONFIRMED → NEW
Ever confirmed: true
Flags: needinfo?(dkeeler)

Dear [Developer],

As you may know, my team has been testing browser certificate parsing correctness to uncover potential security vulnerabilities. Relevant research such as the SBDT paper (https://dl.acm.org/doi/10.1145/3597926.3598110) has shown parsing errors can lead to security issues, as not all problems manifest in certificate validation - certificates may fail earlier in parsing.

I understand you have categorized the issues we found as "display bugs" in the certificate viewer. However, we have reason to believe the viewer reflects the internal state of the parser. In other words, if the viewer shows incorrect data, it indicates the parser erred when initially parsing certificates. Hence these could still be security issues.

If the certificate viewer does indeed not accurately reflect parser internals, would it be possible to add interfaces for direct access to raw parser output? This would allow us to further investigate. Or might you know of any methods to directly obtain certificate parsing results from the parser itself? That would help improve our methodology and avoid over-relying on the certificate viewer.

Thanks again for your help!

Like I said in bug 1867580, the parser implementation behind the certificate viewer in Firefox is PKIjs. The code for it is available at https://github.com/PeculiarVentures/PKI.js. You should file the bug you've been filing here at https://github.com/PeculiarVentures/PKI.js/issues.

Blocks: 1974179

Seems like this no longer happens in Firefox 143.0.1 (64-bit). Tested with the mutated_keyuse_diff.pem file in the Firefox certificate viewer and with OpenSSL 3.2.4; both display the same keyUsage.

Attached image keyUsage-firefox.png
Attached image keyUsage-openssl.png