Ravikumar Chennaparapu
2018-01-03 13:47:53 UTC
Hi,
We found an issue with strongswan 5.2.2; peer is accepting CERT payload
even though digital signature field in CERT payload is tampered.
As per the below code, there is no validation for the peer's pub key
certificate; peer's public key is added to the cache without any
validation. We do see this as a security vulnerability, could you check
this? Is our understanding correct ?
static void process_x509(cert_payload_t *payload, auth_cfg_t *auth,
cert_encoding_t encoding, bool *first)
{
certificate_t *cert;
char *url;
cert = try_get_cert(payload);
if (cert)
{
if (*first)
{ /* the first is an end entity certificate */
DBG1(DBG_IKE, "received end entity cert \"%Y\"",
cert->get_subject(cert));
auth->add(auth, AUTH_HELPER_SUBJECT_CERT, cert);
*first = FALSE;
}
else
{
DBG1(DBG_IKE, "received issuer cert \"%Y\"",
cert->get_subject(cert));
auth->add(auth, AUTH_HELPER_IM_CERT, cert);
}
}
else if (encoding == ENC_X509_HASH_AND_URL)
{
/* we fetch the certificate not yet, but only if
* it is really needed during authentication */
url = payload->get_url(payload);
if (!url)
{
DBG1(DBG_IKE, "received invalid hash-and-url "
"encoded cert, ignore");
return;
}
url = strdup(url);
if (*first)
{ /* first URL is for an end entity certificate */
DBG1(DBG_IKE, "received hash-and-url for end entity cert \"%s\"",
url);
auth->add(auth, AUTH_HELPER_SUBJECT_HASH_URL, url);
*first = FALSE;
}
else
{
DBG1(DBG_IKE, "received hash-and-url for issuer cert \"%s\"", url);
auth->add(auth, AUTH_HELPER_IM_HASH_URL, url);
}
}
}
Thanks and Regards,
Ravi
We found an issue with strongswan 5.2.2; peer is accepting CERT payload
even though digital signature field in CERT payload is tampered.
As per the below code, there is no validation for the peer's pub key
certificate; peer's public key is added to the cache without any
validation. We do see this as a security vulnerability, could you check
this? Is our understanding correct ?
static void process_x509(cert_payload_t *payload, auth_cfg_t *auth,
cert_encoding_t encoding, bool *first)
{
certificate_t *cert;
char *url;
cert = try_get_cert(payload);
if (cert)
{
if (*first)
{ /* the first is an end entity certificate */
DBG1(DBG_IKE, "received end entity cert \"%Y\"",
cert->get_subject(cert));
auth->add(auth, AUTH_HELPER_SUBJECT_CERT, cert);
*first = FALSE;
}
else
{
DBG1(DBG_IKE, "received issuer cert \"%Y\"",
cert->get_subject(cert));
auth->add(auth, AUTH_HELPER_IM_CERT, cert);
}
}
else if (encoding == ENC_X509_HASH_AND_URL)
{
/* we fetch the certificate not yet, but only if
* it is really needed during authentication */
url = payload->get_url(payload);
if (!url)
{
DBG1(DBG_IKE, "received invalid hash-and-url "
"encoded cert, ignore");
return;
}
url = strdup(url);
if (*first)
{ /* first URL is for an end entity certificate */
DBG1(DBG_IKE, "received hash-and-url for end entity cert \"%s\"",
url);
auth->add(auth, AUTH_HELPER_SUBJECT_HASH_URL, url);
*first = FALSE;
}
else
{
DBG1(DBG_IKE, "received hash-and-url for issuer cert \"%s\"", url);
auth->add(auth, AUTH_HELPER_IM_HASH_URL, url);
}
}
}
Thanks and Regards,
Ravi