CWE-299: Improper Check for Certificate Revocation

What is Improper Check for Certificate Revocation?

• Overview: Improper Check for Certificate Revocation (CWE-299) occurs when software does not verify the revocation status of a digital certificate, potentially allowing the use of a compromised certificate. This can lead to security breaches as the certificate could be used maliciously.

• Exploitation Methods:

• Attackers can exploit this vulnerability by using a revoked certificate that appears valid because its status hasn't been checked.
• Common attack patterns include man-in-the-middle attacks where a revoked certificate is used to intercept communications.

• Security Impact:

• Direct consequences include unauthorized access to sensitive data and systems, as attackers can impersonate legitimate entities.
• Potential cascading effects can involve further breaches into other systems relying on the compromised certificate.
• Business impact could be severe, leading to data breaches, loss of customer trust, legal issues, and financial loss.

• Prevention Guidelines:

• Specific code-level fixes include implementing proper certificate validation checks that include revocation status using OCSP (Online Certificate Status Protocol) or CRL (Certificate Revocation List).
• Security best practices involve regular updates to certificate validation libraries and configuration to ensure they check revocation status by default.
• Recommended tools and frameworks include using robust libraries and APIs that handle certificate revocation checks appropriately, such as OpenSSL or Java's built-in security libraries, and ensuring they are configured to enforce revocation checking.

Corgea can automatically detect and fix Improper Check for Certificate Revocation in your codebase. Try Corgea free today.

Technical Details

Likelihood of Exploit: Medium

Affected Languages: Not Language-Specific

Affected Technologies: Not specified

Vulnerable Code Example

import ssl
import urllib.request

# Vulnerable code: The SSL context does not check certificate revocation status
def fetch_data(url):
    context = ssl.create_default_context()
    # Revocation check is not enabled, which means revoked certificates are trusted
    response = urllib.request.urlopen(url, context=context)
    return response.read()

Explanation:

• The above code uses Python's ssl module to create a default SSL context.
• The key issue is that it does not enable certificate revocation checking.
• This means the code could trust a certificate that has been revoked, potentially allowing a man-in-the-middle attack.

How to fix Improper Check for Certificate Revocation?

To fix this vulnerability, you need to enforce certificate revocation checking by enabling Online Certificate Status Protocol (OCSP) and/or Certificate Revocation Lists (CRL). These methods allow the SSL context to verify whether a certificate has been revoked before establishing a connection.

Best Practices:

1. Use SSLContext with verify_flags set to include ssl.VERIFY_CRL_CHECK_LEAF.
2. Enable OCSP by setting ocsp_enabled to True if supported.
3. Keep the revocation lists and OCSP responses updated to ensure accurate checks.

Fixed Code Example

import ssl
import urllib.request

def fetch_data(url):
    context = ssl.create_default_context()
    
    # Fixed code: Enable certificate revocation checks
    context.verify_flags |= ssl.VERIFY_CRL_CHECK_LEAF  # Ensure CRL check for leaf certificates
    
    # Optionally enable OCSP stapling
    # Note: OCSP stapling requires server support and Python 3.10+
    if hasattr(context, 'ocsp_enabled'):
        context.ocsp_enabled = True
    
    response = urllib.request.urlopen(url, context=context)
    return response.read()

Explanation:

• The fixed code sets verify_flags on the SSL context to include ssl.VERIFY_CRL_CHECK_LEAF, ensuring that the certificate's revocation status is checked against a CRL.
• If using Python 3.10 or newer and the server supports it, ocsp_enabled is set to True to enable OCSP stapling, which can provide more up-to-date revocation status.
• By enabling these checks, the application can ensure that it does not trust certificates that have been revoked, thereby mitigating the risk of man-in-the-middle attacks using compromised certificates.