Failure to Check for Certificate Revocation

From Guidance Share

Contents 1 Description 2 Applies To 3 Example 4 Impact 5 Vulnerabilities 6 Countermeasures 7 Vulnerability Patterns 8 How Tos

Description

If a certificate is used without first checking to ensure it was not revoked, the certificate may be compromised.

Applies To

• Languages: Any language which does not abstract out this part of the process
• Operating platforms: All

Example

The following code, uses a certificate:

if (!(cert = SSL_get_peer(certificate(ssl)) || !host)

... without a call to get_verify_results to check for certificate revocation.

Impact

• Authentication: Trust may be assigned to an entity impersonating a trusted entity.
• Integrity: Data from an untrusted (and possibly malicious) source may be integrated.
• Confidentiality: Data may be disclosed to an entity impersonating a trusted entity, resulting in information disclosure.

Vulnerabilities

• Failure to use a certificate without checking for revocation.

Countermeasures

• Design: Ensure that certificates are checked for revoked status.

Vulnerability Patterns

• Failure to Check for Certificate Revocation Vulnerability Pattern

How Tos

• How To Recognize Failure to Check for Certificate Revocation Vulnerabilities
• How To Protect from Failure to Check for Certificate Revocation
• How To Perform an Attack Based On Failure to Check for Certificate Revocation