Authentication Bypass: OpenSSL CTX Object Modified after SSL Objects are Created

Status: Draft
Weakness ID: 593 (Weakness Variant)

Description Summary

The software modifies the SSL context (SSL_CTX) after SSL objects have already been created from it and connection creation has begun.

Common Consequences

Authentication: no authentication takes place in this process, bypassing the protection that the encrypted channel was assumed to provide.
Confidentiality: the encrypted communication between a user and a trusted host may be subject to a "man in the middle" sniffing attack.

Potential Mitigations

Architecture and Design: Use a language which provides a cryptography framework at a higher level of abstraction.
Implementation: Most SSL_CTX_* functions have SSL_* counterparts that act on an individual SSL object; use those for per-connection changes rather than modifying the shared context.

Demonstrative Examples

C Example:

    #include <openssl/ssl.h>

    #define CERT "secret.pem"
    #define CERT2 "secret2.pem"

    /* Helpers used by the original example; their definitions are not shown on this page. */
    void init_OpenSSL(void);
    void seed_prng(void);
    void int_error(const char *msg);

    int main(void)
    {
        SSL_CTX *ctx;
        SSL *ssl, *ssl2;

        init_OpenSSL();
        seed_prng();

        ctx = SSL_CTX_new(SSLv23_method());
        if (SSL_CTX_use_certificate_chain_file(ctx, CERT) != 1)
            int_error("Error loading certificate from file");
        if (SSL_CTX_use_PrivateKey_file(ctx, CERT, SSL_FILETYPE_PEM) != 1)
            int_error("Error loading private key from file");

        /* The first SSL object is created from the context here ... */
        if (!(ssl = SSL_new(ctx)))
            int_error("Error creating an SSL context");

        /* ... and the context is modified afterwards, which is the weakness.
           SSL_CTX_set_default_passwd_cb() takes a callback rather than a string,
           so the call is written with the _userdata variant to keep it compilable. */
        SSL_CTX_set_default_passwd_cb_userdata(ctx, "new default password");
        /* Doing something which is dangerous to do anyways */

        if (!(ssl2 = SSL_new(ctx)))
            int_error("Error creating an SSL context");
        return 0;
    }
Other Notes

Applications should set up an SSL_CTX completely before creating SSL objects from it. If the SSL_CTX object is modified after objects have been created from it, the older SSL objects created from that context may all be affected by that change.

Relationships

Time of Introduction

Architecture and Design
Implementation

Related Attack Patterns

Content History

Modifications
Eric Dalci, Cigital, 2008-07-01 (External): updated Time_of_Introduction
CWE Content Team, MITRE, 2008-09-08 (Internal): updated Common_Consequences, Relationships, Other_Notes