CWE-347: Improper Verification of Cryptographic Signature
Learn about CWE-347 (Improper Verification of Cryptographic Signature), its security impact, exploitation methods, and prevention guidelines.
What is Improper Verification of Cryptographic Signature?
• Overview: The vulnerability CWE-347 refers to situations where a software product either does not verify or incorrectly verifies the cryptographic signature of data, which can lead to unauthorized actions or access.
• Exploitation Methods:
- Attackers can exploit this vulnerability by crafting data with a forged or tampered signature that bypasses verification checks.
- Common attack patterns include the use of manipulated tokens, certificates, or signed messages that the system fails to authenticate properly due to improper verification logic.
• Security Impact:
- Direct consequences include unauthorized data access, execution of malicious code, or data integrity breaches.
- Potential cascading effects can involve data leakage, privilege escalation, and further network infiltration.
- Business impact may consist of reputational damage, legal liabilities, financial losses, and compromised trust with customers or partners.
• Prevention Guidelines:
- Ensure that cryptographic signature verification is implemented correctly, following secure coding practices and using well-tested libraries.
- Apply security best practices such as validating the entire certificate chain and checking for certificate revocation.
- Use recommended tools and frameworks that provide robust cryptographic functions and regularly update them to address known vulnerabilities.
Corgea can automatically detect and fix Improper Verification of Cryptographic Signature in your codebase. Try Corgea free today.
Technical Details
Likelihood of Exploit: Not specified
Affected Languages: Not Language-Specific
Affected Technologies: Not specified
Vulnerable Code Example
// Import cryptographic library
const crypto = require('crypto');
// Function to verify a message using a digital signature
function verifySignature(publicKey, message, signature) {
// Create a verifier object
const verifier = crypto.createVerify('SHA256');
verifier.update(message);
verifier.end();
// Vulnerability: Does not specify the encoding of the signature
// This might lead to improper verification if the default encoding is not suitable
return verifier.verify(publicKey, signature); // Signature encoding not specified
}
// Example usage
const publicKey = '-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQ...';
const message = 'This is a message';
const signature = '...'; // Signature obtained from some source
const isValid = verifySignature(publicKey, message, signature);
console.log('Signature valid:', isValid);
How to fix Improper Verification of Cryptographic Signature?
The vulnerability in the above code arises from improper verification of the cryptographic signature due to unspecified or incorrect encoding. Signature verification functions typically require the signature to be provided in a specific encoding format (e.g., Base64, hex). If the encoding is not specified, it may default to an unintended format, leading to incorrect verification results.
To fix this, always explicitly specify the encoding format of the signature when calling the verify method. This ensures that the signature is correctly interpreted and verified against the message.
Fixed Code Example
// Import cryptographic library
const crypto = require('crypto');
// Function to verify a message using a digital signature
function verifySignature(publicKey, message, signature) {
// Create a verifier object
const verifier = crypto.createVerify('SHA256');
verifier.update(message);
verifier.end();
// Fix: Specify the encoding format of the signature explicitly
// Here, assuming the signature is in 'base64' format, change as appropriate
return verifier.verify(publicKey, signature, 'base64'); // Explicitly specify encoding
}
// Example usage
const publicKey = '-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQ...';
const message = 'This is a message';
const signature = '...'; // Signature obtained from some source, encoded in base64
const isValid = verifySignature(publicKey, message, signature);
console.log('Signature valid:', isValid);
In the fixed code, the verify method now explicitly specifies the encoding of the signature as 'base64'. This ensures that the function correctly interprets the signature and verifies it, thus preventing security vulnerabilities due to improper verification of cryptographic signatures. Always choose the encoding that matches the format used when the signature was created.