Failure to Follow Chain of Trust in Certificate Validation

From Guidance Share

Jump to: navigation, search

Contents

Description

Failure to follow the chain of trust when validating a certificate results in the trust of a given resource which has no connection to trusted root-certificate entities.

Applies To

  • Languages: All
  • Platforms: All

Example

The following example shows a certificate being used without checking the entire chain of trust up to the root certificate:

if (!(cert = SSL_get_peer(certificate(ssl)) || !host)
foo=SSL_get_veryify_result(ssl);
if ((X509_V_OK==foo) || X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN==foo))
//do stuff 

Impact

  • Authentication: Exploitation of this flaw can lead to the trust of data that may have originated with a spoofed source.
  • Accountability: Data, requests, or actions taken by the attacking entity can be carried out as a spoofed benign entity.

Vulnerabilities

  • Failure to follow the chain of trust to a trusted root certificate when validating a certificate.

Countermeasures

  • Design: Ensure that proper certificate checking is included in the system design.
  • Implementation: Understand, and properly implement all checks necessary to ensure the integrity of certificate trust integrity.

Vulnerability Patterns

How Tos

Personal tools