CWE-299: Improper Check for Certificate Revocation

What is Improper Check for Certificate Revocation?

• Overview: Improper Check for Certificate Revocation (CWE-299) occurs when software does not verify the revocation status of a digital certificate, potentially allowing the use of a compromised certificate. This can lead to security breaches as the certificate could be used maliciously.

• Exploitation Methods:

• Attackers can exploit this vulnerability by using a revoked certificate that appears valid because its status hasn't been checked.
• Common attack patterns include man-in-the-middle attacks where a revoked certificate is used to intercept communications.

• Security Impact:

• Direct consequences include unauthorized access to sensitive data and systems, as attackers can impersonate legitimate entities.
• Potential cascading effects can involve further breaches into other systems relying on the compromised certificate.
• Business impact could be severe, leading to data breaches, loss of customer trust, legal issues, and financial loss.

• Prevention Guidelines:

• Specific code-level fixes include implementing proper certificate validation checks that include revocation status using OCSP (Online Certificate Status Protocol) or CRL (Certificate Revocation List).
• Security best practices involve regular updates to certificate validation libraries and configuration to ensure they check revocation status by default.
• Recommended tools and frameworks include using robust libraries and APIs that handle certificate revocation checks appropriately, such as OpenSSL or Java's built-in security libraries, and ensuring they are configured to enforce revocation checking.

Corgea can automatically detect and fix Improper Check for Certificate Revocation in your codebase. [Try Corgea free today](https://corgea.app).

Technical Details

Likelihood of Exploit: Medium

Affected Languages: Not Language-Specific

Affected Technologies: Not specified

Vulnerable Code Example

import ssl
import urllib.request

# Vulnerable code: The SSL context does not check certificate revocation status
def fetch_data(url):
    context = ssl.create_default_context()
    # Revocation check is not enabled, which means revoked certificates are trusted
    response = urllib.request.urlopen(url, context=context)
    return response.read()

Explanation:

• The above code uses Python's ssl module to create a default SSL context.
• The key issue is that it does not enable certificate revocation checking.
• This means the code could trust a certificate that has been revoked, potentially allowing a man-in-the-middle attack.

How to fix Improper Check for Certificate Revocation?

To fix this vulnerability, you need to enforce certificate revocation checking by enabling Online Certificate Status Protocol (OCSP) and/or Certificate Revocation Lists (CRL). These methods allow the SSL context to verify whether a certificate has been revoked before establishing a connection.

Best Practices:

1. Use SSLContext with verify_flags set to include ssl.VERIFY_CRL_CHECK_LEAF.
2. Enable OCSP by setting ocsp_enabled to True if supported.
3. Keep the revocation lists and OCSP responses updated to ensure accurate checks.

Fixed Code Example

import ssl
import urllib.request

def fetch_data(url):
    context = ssl.create_default_context()
    
    # Fixed code: Enable certificate revocation checks
    context.verify_flags |= ssl.VERIFY_CRL_CHECK_LEAF  # Ensure CRL check for leaf certificates
    
    # Optionally enable OCSP stapling
    # Note: OCSP stapling requires server support and Python 3.10+
    if hasattr(context, 'ocsp_enabled'):
        context.ocsp_enabled = True
    
    response = urllib.request.urlopen(url, context=context)
    return response.read()

Explanation:

• The fixed code sets verify_flags on the SSL context to include ssl.VERIFY_CRL_CHECK_LEAF, ensuring that the certificate's revocation status is checked against a CRL.
• If using Python 3.10 or newer and the server supports it, ocsp_enabled is set to True to enable OCSP stapling, which can provide more up-to-date revocation status.
• By enabling these checks, the application can ensure that it does not trust certificates that have been revoked, thereby mitigating the risk of man-in-the-middle attacks using compromised certificates.