[ssh_x509] information for OCSP enabled installations

ssh_x509 at roumenpetrov.info
Wed Feb 6 23:28:17 EET 2013


Dear list members,

Roumen Petrov wrote:
> Dear list members,
>
> An X.509 certificate used in authentication is always verified against
> locally stored trusted certificates. In addition it could be validated
> using the OCSP protocol by a validation authority.
>
> If your setup uses the configuration VAType = none (default), i.e. does not
> validate X.509 certificates by OCSP, you could skip this email.
>
>
> Today the OpenSSL team published an updated version to address some security
> vulnerabilities. One of the issues has number CVE-2013-0166.
>
>
> In case of an explicitly set OCSP responder (VAType=ocspspec) you could
> avoid the openssl issue by adding the responder signing certificate into the
> additional local store specified by VACertificateFile. Ensure that the
> public key could be extracted from this certificate. It is unlikely for such a
> responder to return a malicious response.
>
> If OCSP validation is performed by the OCSP Service Locator specified in the
> certificate then you may consider switching off OCSP or upgrading
> openssl.

Currently an upgrade to 1.0.1d is not recommended if you use VAType =
ocspcert, i.e. validate only certificates that specify an ‘OCSP Service
Locator’ URL.

You could patch openssl instead:
-----
diff -ur '--exclude=Makefile*' 
openssl-1.0.1c_fips/crypto/ocsp/ocsp_vfy.c 
openssl-1.0.1d_fips/crypto/ocsp/ocsp_vfy.c
--- openssl-1.0.1c_fips/crypto/ocsp/ocsp_vfy.c	2008-12-29 
18:11:55.000000000 +0200
+++ openssl-1.0.1d_fips/crypto/ocsp/ocsp_vfy.c	2013-02-05 
13:47:28.000000000 +0200
@@ -91,9 +91,12 @@
  		{
  		EVP_PKEY *skey;
  		skey = X509_get_pubkey(signer);
-		ret = OCSP_BASICRESP_verify(bs, skey, 0);
-		EVP_PKEY_free(skey);
-		if(ret <= 0)
+		if (skey)
+			{
+			ret = OCSP_BASICRESP_verify(bs, skey, 0);
+			EVP_PKEY_free(skey);
+			}
+		if(!skey || ret <= 0)
  			{
  			OCSPerr(OCSP_F_OCSP_BASIC_VERIFY, OCSP_R_SIGNATURE_FAILURE);
  			goto end;
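Review bot: the combined check `if(!skey || ret <= 0)` is only correct because `!skey` is evaluated first; on the NULL-key path `ret` is never assigned in this hunk, so the operand order must not be changed. To make the failure return independent of whatever `ret` held before, consider an explicit assignment in the NULL branch, e.g. `else ret = -1;` after the `if (skey) { ... }` block, matching the explicit `ret = -1;` used in the X509_STORE_CTX_init failure path below.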
@@ -108,6 +111,7 @@
  			init_res = X509_STORE_CTX_init(&ctx, st, signer, bs->certs);
  		if(!init_res)
  			{
+			ret = -1;
  			OCSPerr(OCSP_F_OCSP_BASIC_VERIFY,ERR_R_X509_LIB);
  			goto end;
  			}
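Review bot: setting `ret = -1;` before `goto end` turns the X509_STORE_CTX_init failure into an explicit negative return rather than whatever `ret` held earlier, which is the right fix; the signature-failure path in the previous hunk does not set `ret` on its `!skey` branch, so the two error paths are not consistent. Applying the same explicit assignment there would let callers rely on `ret < 0` for internal errors throughout.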
-----


> Severity of CVE-2013-0166 is considered low as it is not enabled by default.


Yours sincerely,
Roumen Petrov
