[UNIX] Vulnerability in OpenCA Signature Verification
From: SecuriTeam (support_at_securiteam.com)
To: firstname.lastname@example.org Date: 19 Jan 2004 12:56:17 +0200
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
The SecuriTeam alerts list - Free, Accurate, Independent.
Get your security news from a reliable source.
- - - - - - - - -
Vulnerability in OpenCA Signature Verification
<http://www.openca.org/> OpenCA Project is "an open organization aimed to
provide a framework for PKI studying and development of related projects".
A flaw in OpenCA could cause OpenCA to accept a signature from a
certificate if the certificate's chain is trusted byte chain directory of
OpenCA. This means that a certificate from another PKI can authorize
operations on the used PKI if the chain of the used signature certificate
can establish a trust relationship to the actually used PKI.
* OpenCA version 0.9.1.6 and prior
* OpenCA version 0.9.1.7 and newer
OpenCA has a library for common crypto operations - crypto-utils.lib. This
library includes a function to check a signature(libCheckSignature). The
function loads the used signature certificate from OpenCA's database and
finally ensures that the used signature certificate is identical with the
certificate in the database. The comparison of the certificate in the
database and the certificate of the signer was only performed on base of
the serial of the certificate. The design of the function can cause the
acceptance of a signature if the chain of the signature can create a trust
relationship to the chain directory of OpenCA and a certificate with a
matching serial exists in the used PKI.
A security risk is present for people who are using digital signatures to
secure approved requests or role based access control (RBAC).
The following patch can be applied to fix the vulnerability:
--- src/common/lib/functions/crypto-utils.lib 2004-01-15
+++ src/common/lib/functions/crypto-utils.lib.new 2004-01-15
@@ -201,7 +201,7 @@
- last if ( $tmpCert->getSerial() eq $sigCert->getSerial()
+ last if ( $tmpCert->getPEM() eq $sigCert->getPEM() );
$sigCert = undef;
Upgrade to 0.9.1.7 and use newer snapshots than
The information has been provided by
<mailto:email@example.com> Michael Bell.
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: firstname.lastname@example.org
In order to subscribe to the mailing list, simply forward this email to: email@example.com
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.