PHP :: Bug #52093 :: openssl_csr_sign truncates $serial

Bug #52093

openssl_csr_sign truncates $serial

Submitted:

2010-06-16 11:34 UTC

Modified:

2021-06-30 13:51 UTC

Votes:	3
Avg. Score:	3.3 ± 1.2
Reproduced:	3 of 3 (100.0%)
Same Version:	1 (33.3%)
Same OS:	1 (33.3%)

From:

dreuzel at belgacom dot net

Assigned:

cmb (profile)

Status:

Closed

Package:

OpenSSL related

PHP Version:

5.3.2

OS:

win7

Private report:

CVE-ID:

None

View Add Comment Developer Edit

Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.

php.net Username: php.net Password:

Quick Fix:	(description)
	Block user comment
Status:		Assign to:
Package:
Bug Type:
Summary:
From:	dreuzel at belgacom dot net
New email:
PHP Version:		OS:

New/Additional Comment:

[2010-06-16 11:34 UTC] dreuzel at belgacom dot net

Description:
------------
The  Certificat  defintion OpenSSL   allows for  numerical serial numbers up to 
20 positions or more..    
In PHP  there is  build  in integer   rerstriction only allowing  half the serial
numbers .....   higher  numbers  have a cleared  part......


The serial needs to be  numerical no problem  but it need not be an integer
or limited by that  (allow  higher numbers)

Patches

Add a Patch

Pull Requests

Pull requests:

Fix #52093: openssl_csr_sign silently truncates $serial (php-src/7209)

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2017-08-02 14:27 UTC] narf at devilix dot net

There's a worse problem with this ... It's not even supposed to be a decimal number.

[2018-02-28 19:52 UTC] cmb@php.net

-Package: Unknown/Other Function +Package: OpenSSL related

[2019-08-18 20:35 UTC] hunterr83 at hotmail dot com

Not sure if the same thing, but very related.

When I do print(PHP_INT_MAX), I get a value of 9223372036854775807. However, when I try to pass in that value to the serial number parameter, the certificate that is generated shows a serial value of ff, which is 255.

Similarly, if I go down one count in value and pass in 9223372036854775806, then I get a final serial number of fe, which is 254.

If I pass in 4294967290, then I get fa, which is 250.

Some rough testing shows that the maximum value the function is willing to accept is something a bit higher than 4,000,000,000. Once you go above whatever the actual cap is, you start to see some really strange serial numbers. I feel if it's too difficult to support the PHP_INT_MAX value, then we could at least throw an error if the integer being passed in is more than the function can support.

[2021-06-30 12:37 UTC] cmb@php.net

-Status: Open +Status: Verified -Assigned To: +Assigned To: cmb

[2021-06-30 12:37 UTC] cmb@php.net

The following pull request has been associated:

Patch Name: Fix #52093: openssl_csr_sign silently truncates $serial
On GitHub:  https://github.com/php/php-src/pull/7209
Patch:      https://github.com/php/php-src/pull/7209.patch

[2021-06-30 13:51 UTC] cmb@php.net

-Summary: Openssl_csr_sign (serial) +Summary: openssl_csr_sign truncates $serial

[2021-07-01 13:46 UTC] git@php.net

Automatic comment on behalf of cmb69
Revision: https://github.com/php/php-src/commit/334387bb7097840789fbc95bd38c425645705d30
Log: Fix #52093: openssl_csr_sign truncates $serial

[2021-07-01 13:46 UTC] git@php.net

-Status: Verified +Status: Closed

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2021 The PHP Group All rights reserved.	Last updated: Sun Aug 01 20:01:24 2021 UTC