Skip to content
master
Switch branches/tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 

TestableSecurity

This is a small proof-of-concept that lifts out the vulnerable SSLVerifySignedServerKeyExchange() from Apple's libsecurity_ssl to demonstrate that the signing code is readily unit testable in isolation.

While there's been some talk that this bug wasn't easily tested, the code in question verifies signatures based on straight-forward preconditions, and is readily testable for both positive and negative validation cases; there's no reason or excuse for it not being fully tested for:

  • Incorrect clientRandom.
  • Incorrect serverRandom.
  • Incorrect signedParams
  • Incorrect signature (which is essentially equivalent to any of the above)

Try running the unit tests yourself, and then simply comment out the errant 'goto' to see the tests pass:

if ((err = SSLHashSHA1.update(&hashCtx, &signedParams)) != 0)
    goto fail;
// goto fail;

About

Demonstrating that SSLVerifySignedServerKeyExchange() is trivially testable.

Resources

Releases

No releases published

Packages

No packages published