summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichael Tänzer <neo@nhng.de>2011-06-15 17:08:26 +0200
committerMichael Tänzer <neo@nhng.de>2011-06-15 17:08:26 +0200
commit5adba778b0e1d1b73555b561a5acfae23e9ba66c (patch)
tree63bf62fb9a64608975359a6c07663765133d136c
parent403fb7c3907c337f75c40d306147b339aa6a5d1c (diff)
parent7f1f10b52ab565d582de1ddb933872ce12e104f3 (diff)
downloadcacert-devel-2011-06-15.tar.gz
cacert-devel-2011-06-15.tar.xz
cacert-devel-2011-06-15.zip
Merge branch 'bug-918' into release2011-06-15
-rw-r--r--README1
-rw-r--r--includes/account.php157
-rw-r--r--includes/account_stuff.php357
-rwxr-xr-xscripts/DumpWeakCerts.pl179
-rwxr-xr-xscripts/mail-weak-keys.php161
-rw-r--r--scripts/perl_mysql.sample6
-rw-r--r--www/api/ccsr.php6
7 files changed, 851 insertions, 16 deletions
diff --git a/README b/README
index 6e07b04..7f2ca78 100644
--- a/README
+++ b/README
@@ -9,6 +9,7 @@ PHP
GetText
UFPDF - PDF generation library from http://acko.net/node/56
OpenSSL - X.509 toolkit from http://www.openssl.org/
+openssl-vulnkey including blacklists for all common key sizes
GnuPG - OpenPGP toolkit from http://www.gnupg.org/
whois - whois client from http://www.linux.it/~md/software/
XEnroll - Enrollment Active-X control for IE5/6 from Microsoft (search for xenroll.cab)
diff --git a/includes/account.php b/includes/account.php
index 685b53a..14702b9 100644
--- a/includes/account.php
+++ b/includes/account.php
@@ -299,6 +299,15 @@
$_SESSION['_config']['rootcert'] = 1;
$emails .= "SPKAC = $spkac";
+ if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
+ {
+ $id = 4;
+ showheader(_("My CAcert.org Account!"));
+ echo $weakKey;
+ showfooter();
+ exit;
+ }
+
$query = "insert into emailcerts set
`CN`='$defaultemail',
`keytype`='NS',
@@ -330,6 +339,16 @@
} else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype'] == "VI") {
if($csr == "")
$csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."\n-----END CERTIFICATE REQUEST-----\n";
+
+ if (($weakKey = checkWeakKeyCSR($csr)) !== "")
+ {
+ $id = 4;
+ showheader(_("My CAcert.org Account!"));
+ echo $weakKey;
+ showfooter();
+ exit;
+ }
+
$tmpfname = tempnam("/tmp", "id4CSR");
$fp = fopen($tmpfname, "w");
fputs($fp, $csr);
@@ -613,17 +632,23 @@
if($process != "" && $oldid == 10)
{
$CSR = clean_csr($_REQUEST['CSR']);
- $_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id10CSR");
- $fp = fopen($_SESSION['_config']['tmpfname'], "w");
if(strpos($CSR,"---BEGIN")===FALSE)
{
// In case the CSR is missing the ---BEGIN lines, add them automatically:
- fputs($fp,"-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."\n-----END CERTIFICATE REQUEST-----\n");
+ $CSR = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."\n-----END CERTIFICATE REQUEST-----\n";
}
- else
+
+ if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
{
- fputs($fp, $CSR);
+ showheader(_("My CAcert.org Account!"));
+ echo $weakKey;
+ showfooter();
+ exit;
}
+
+ $_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id10CSR");
+ $fp = fopen($_SESSION['_config']['tmpfname'], "w");
+ fputs($fp, $CSR);
fclose($fp);
$CSR = $_SESSION['_config']['tmpfname'];
$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep "Subject:"`);
@@ -658,6 +683,23 @@
if($process != "" && $oldid == 11)
{
+ if(!file_exists($_SESSION['_config']['tmpfname']))
+ {
+ showheader(_("My CAcert.org Account!"));
+ printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
+ showfooter();
+ exit;
+ }
+
+ if (($weakKey = checkWeakKeyCSR(file_get_contents(
+ $_SESSION['_config']['tmpfname']))) !== "")
+ {
+ showheader(_("My CAcert.org Account!"));
+ echo $weakKey;
+ showfooter();
+ exit;
+ }
+
$id = 11;
if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
{
@@ -731,13 +773,6 @@
mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='$dom'");
$CSRname=generatecertpath("csr","server",$CSRid);
- if(!file_exists($_SESSION['_config']['tmpfname']))
- {
- showheader(_("My CAcert.org Account!"));
- printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
- showfooter();
- exit;
- }
rename($_SESSION['_config']['tmpfname'], $CSRname);
chmod($CSRname,0644);
mysql_query("update `domaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");
@@ -780,8 +815,17 @@
printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br/>\n", $id);
continue;
}
- mysql_query("update `domaincerts` set `renewed`='1' where `id`='$id'");
+
$row = mysql_fetch_assoc($res);
+
+ if (($weakKey = checkWeakKeyX509(file_get_contents(
+ $row['crt_name']))) !== "")
+ {
+ echo $weakKey, "<br/>\n";
+ continue;
+ }
+
+ mysql_query("update `domaincerts` set `renewed`='1' where `id`='$id'");
$query = "insert into `domaincerts` set
`domid`='".$row['domid']."',
`CN`='".mysql_real_escape_string($row['CN'])."',
@@ -946,8 +990,17 @@
printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
continue;
}
- mysql_query("update `emailcerts` set `renewed`='1' where `id`='$id'");
+
$row = mysql_fetch_assoc($res);
+
+ if (($weakKey = checkWeakKeyX509(file_get_contents(
+ $row['crt_name']))) !== "")
+ {
+ echo $weakKey, "<br/>\n";
+ continue;
+ }
+
+ mysql_query("update `emailcerts` set `renewed`='1' where `id`='$id'");
$query = "insert into emailcerts set
`memid`='".$row['memid']."',
`CN`='".mysql_real_escape_string($row['CN'])."',
@@ -1378,6 +1431,15 @@
$_SESSION['_config']['rootcert'] = 1;
$emails .= "SPKAC = $spkac";
+ if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
+ {
+ $id = 17;
+ showheader(_("My CAcert.org Account!"));
+ echo $weakKey;
+ showfooter();
+ exit;
+ }
+
$query = "insert into `orgemailcerts` set
`CN`='$defaultemail',
`keytype`='NS',
@@ -1408,6 +1470,16 @@
mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
} else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype']=="VI") {
$csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."-----END CERTIFICATE REQUEST-----\n";
+
+ if (($weakKey = checkWeakKeyCSR($csr)) !== "")
+ {
+ $id = 17;
+ showheader(_("My CAcert.org Account!"));
+ echo $weakKey;
+ showfooter();
+ exit;
+ }
+
$tmpfname = tempnam("/tmp", "id17CSR");
$fp = fopen($tmpfname, "w");
fputs($fp, $csr);
@@ -1514,8 +1586,17 @@
printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
continue;
}
- mysql_query("update `orgemailcerts` set `renewed`='1' where `id`='$id'");
+
$row = mysql_fetch_assoc($res);
+
+ if (($weakKey = checkWeakKeyX509(file_get_contents(
+ $row['crt_name']))) !== "")
+ {
+ echo $weakKey, "<br/>\n";
+ continue;
+ }
+
+ mysql_query("update `orgemailcerts` set `renewed`='1' where `id`='$id'");
if($row['revoke'] > 0)
{
printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
@@ -1625,6 +1706,16 @@
if($process != "" && $oldid == 20)
{
$CSR = clean_csr($_REQUEST['CSR']);
+
+ if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
+ {
+ $id = 20;
+ showheader(_("My CAcert.org Account!"));
+ echo $weakKey;
+ showfooter();
+ exit;
+ }
+
$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id20CSR");
$fp = fopen($_SESSION['_config']['tmpfname'], "w");
fputs($fp, $CSR);
@@ -1674,6 +1765,23 @@
if($process != "" && $oldid == 21)
{
$id = 21;
+
+ if(!file_exists($_SESSION['_config']['tmpfname']))
+ {
+ showheader(_("My CAcert.org Account!"));
+ printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
+ showfooter();
+ exit;
+ }
+
+ if (($weakKey = checkWeakKeyCSR(file_get_contents(
+ $_SESSION['_config']['tmpfname']))) !== "")
+ {
+ showheader(_("My CAcert.org Account!"));
+ echo $weakKey;
+ showfooter();
+ exit;
+ }
if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
{
@@ -1799,8 +1907,17 @@
printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
continue;
}
- mysql_query("update `orgdomaincerts` set `renewed`='1' where `id`='$id'");
+
$row = mysql_fetch_assoc($res);
+
+ if (($weakKey = checkWeakKeyX509(file_get_contents(
+ $row['crt_name']))) !== "")
+ {
+ echo $weakKey, "<br/>\n";
+ continue;
+ }
+
+ mysql_query("update `orgdomaincerts` set `renewed`='1' where `id`='$id'");
if($row['revoke'] > 0)
{
printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
@@ -2497,6 +2614,14 @@
showfooter();
exit;
}
+
+ if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
+ {
+ showheader(_("My CAcert.org Account!"));
+ echo $weakKey;
+ showfooter();
+ exit;
+ }
$query = "insert into `domaincerts` set
`CN`='".$_SESSION['_config']['0.CN']."',
diff --git a/includes/account_stuff.php b/includes/account_stuff.php
index fa6757b..7c8980c 100644
--- a/includes/account_stuff.php
+++ b/includes/account_stuff.php
@@ -284,4 +284,361 @@ function hideall() {
</body>
</html><?
}
+
+ /**
+ * Produces a log entry with the error message with log level E_USER_WARN
+ * and a random ID an returns a message that can be displayed to the user
+ * including the generated ID
+ *
+ * @param $errormessage string
+ * The error message that should be logged
+ * @return string containing the generated ID that can be displayed to the
+ * user
+ */
+ function failWithId($errormessage) {
+ $errorId = rand();
+ trigger_error("$errormessage. ID: $errorId", E_USER_WARNING);
+ return sprintf(_("Something went wrong when processing your request. ".
+ "Please contact %s for help and provide them with the ".
+ "following ID: %d"),
+ "<a href='mailto:support@cacert.org?subject=System%20Error%20-%20".
+ "ID%3A%20$errorId'>support@cacert.org</a>",
+ $errorId);
+ }
+
+ /**
+ * Checks whether the given CSR contains a vulnerable key
+ *
+ * @param $csr string
+ * The CSR to be checked
+ * @param $encoding string [optional]
+ * The encoding the CSR is in (for the "-inform" parameter of OpenSSL,
+ * currently only "PEM" (default) or "DER" allowed)
+ * @return string containing the reason if the key is considered weak,
+ * empty string otherwise
+ */
+ function checkWeakKeyCSR($csr, $encoding = "PEM")
+ {
+ // non-PEM-encodings may be binary so don't use echo
+ $descriptorspec = array(
+ 0 => array("pipe", "r"), // STDIN for child
+ 1 => array("pipe", "w"), // STDOUT for child
+ );
+ $encoding = escapeshellarg($encoding);
+ $proc = proc_open("openssl req -inform $encoding -text -noout",
+ $descriptorspec, $pipes);
+
+ if (is_resource($proc))
+ {
+ fwrite($pipes[0], $csr);
+ fclose($pipes[0]);
+
+ $csrText = "";
+ while (!feof($pipes[1]))
+ {
+ $csrText .= fread($pipes[1], 8192);
+ }
+ fclose($pipes[1]);
+
+ if (($status = proc_close($proc)) !== 0 || $csrText === "")
+ {
+ return _("I didn't receive a valid Certificate Request, hit ".
+ "the back button and try again.");
+ }
+ } else {
+ return failWithId("checkWeakKeyCSR(): Failed to start OpenSSL");
+ }
+
+
+ return checkWeakKeyText($csrText);
+ }
+
+ /**
+ * Checks whether the given X509 certificate contains a vulnerable key
+ *
+ * @param $cert string
+ * The X509 certificate to be checked
+ * @param $encoding string [optional]
+ * The encoding the certificate is in (for the "-inform" parameter of
+ * OpenSSL, currently only "PEM" (default), "DER" or "NET" allowed)
+ * @return string containing the reason if the key is considered weak,
+ * empty string otherwise
+ */
+ function checkWeakKeyX509($cert, $encoding = "PEM")
+ {
+ // non-PEM-encodings may be binary so don't use echo
+ $descriptorspec = array(
+ 0 => array("pipe", "r"), // STDIN for child
+ 1 => array("pipe", "w"), // STDOUT for child
+ );
+ $encoding = escapeshellarg($encoding);
+ $proc = proc_open("openssl x509 -inform $encoding -text -noout",
+ $descriptorspec, $pipes);
+
+ if (is_resource($proc))
+ {
+ fwrite($pipes[0], $cert);
+ fclose($pipes[0]);
+
+ $certText = "";
+ while (!feof($pipes[1]))
+ {
+ $certText .= fread($pipes[1], 8192);
+ }
+ fclose($pipes[1]);
+
+ if (($status = proc_close($proc)) !== 0 || $certText === "")
+ {
+ return _("I didn't receive a valid Certificate Request, hit ".
+ "the back button and try again.");
+ }
+ } else {
+ return failWithId("checkWeakKeyCSR(): Failed to start OpenSSL");
+ }
+
+
+ return checkWeakKeyText($certText);
+ }
+
+ /**
+ * Checks whether the given SPKAC contains a vulnerable key
+ *
+ * @param $spkac string
+ * The SPKAC to be checked
+ * @param $spkacname string [optional]
+ * The name of the variable that contains the SPKAC. The default is
+ * "SPKAC"
+ * @return string containing the reason if the key is considered weak,
+ * empty string otherwise
+ */
+ function checkWeakKeySPKAC($spkac, $spkacname = "SPKAC")
+ {
+ /* Check for the debian OpenSSL vulnerability */
+
+ $spkac = escapeshellarg($spkac);
+ $spkacname = escapeshellarg($spkacname);
+ $spkacText = `echo $spkac | openssl spkac -spkac $spkacname`;
+ if ($spkacText === null) {
+ return _("I didn't receive a valid Certificate Request, hit the ".
+ "back button and try again.");
+ }
+
+ return checkWeakKeyText($spkacText);
+ }
+
+ /**
+ * Checks whether the given text representation of a CSR or a SPKAC contains
+ * a weak key
+ *
+ * @param $text string
+ * The text representation of a key as output by the
+ * "openssl <foo> -text -noout" commands
+ * @return string containing the reason if the key is considered weak,
+ * empty string otherwise
+ */
+ function checkWeakKeyText($text)
+ {
+ /* Which public key algorithm? */
+ if (!preg_match('/^\s*Public Key Algorithm: ([^\s]+)$/m', $text,
+ $algorithm))
+ {
+ return failWithId("checkWeakKeyText(): Couldn't extract the ".
+ "public key algorithm used");
+ } else {
+ $algorithm = $algorithm[1];
+ }
+
+
+ if ($algorithm === "rsaEncryption")
+ {
+ if (!preg_match('/^\s*RSA Public Key: \((\d+) bit\)$/m', $text,
+ $keysize))
+ {
+ return failWithId("checkWeakKeyText(): Couldn't parse the RSA ".
+ "key size");
+ } else {
+ $keysize = intval($keysize[1]);
+ }
+
+ if ($keysize < 1024)
+ {
+ return sprintf(_("The keys that you use are very small ".
+ "and therefore insecure. Please generate stronger ".
+ "keys. More information about this issue can be ".
+ "found in %sthe wiki%s"),
+ "<a href='//wiki.cacert.org/WeakKeys#SmallKey'>",
+ "</a>");
+ } elseif ($keysize < 2048) {
+ // not critical but log so we have some statistics about
+ // affected users
+ trigger_error("checkWeakKeyText(): Certificate for small ".
+ "key (< 2048 bit) requested", E_USER_NOTICE);
+ }
+
+
+ $debianVuln = checkDebianVulnerability($text, $keysize);
+ if ($debianVuln === true)
+ {
+ return sprintf(_("The keys you use have very likely been ".
+ "generated with a vulnerable version of OpenSSL which ".
+ "was distributed by debian. Please generate new keys. ".
+ "More information about this issue can be found in ".
+ "%sthe wiki%s"),
+ "<a href='//wiki.cacert.org/WeakKeys#DebianVulnerability'>",
+ "</a>");
+ } elseif ($debianVuln === false) {
+ // not vulnerable => do nothing
+ } else {
+ return failWithId("checkWeakKeyText(): Something went wrong in".
+ "checkDebianVulnerability()");
+ }
+
+ if (!preg_match('/^\s*Exponent: (\d+) \(0x[0-9a-fA-F]+\)$/m', $text,
+ $exponent))
+ {
+ return failWithId("checkWeakKeyText(): Couldn't parse the RSA ".
+ "exponent");
+ } else {
+ $exponent = $exponent[1]; // exponent might be very big =>
+ //handle as string using bc*()
+
+ if (bccomp($exponent, "3") === 0)
+ {
+ return sprintf(_("The keys you use might be insecure. ".
+ "Although there is currently no known attack for ".
+ "reasonable encryption schemes, we're being ".
+ "cautious and don't allow certificates for such ".
+ "keys. Please generate stronger keys. More ".
+ "information about this issue can be found in ".
+ "%sthe wiki%s"),
+ "<a href='//wiki.cacert.org/WeakKeys#SmallExponent'>",
+ "</a>");
+ } elseif (!(bccomp($exponent, "65537") >= 0 &&
+ (bccomp($exponent, "100000") === -1 ||
+ // speed things up if way smaller than 2^256
+ bccomp($exponent, bcpow("2", "256")) === -1) )) {
+ // 65537 <= exponent < 2^256 recommended by NIST
+ // not critical but log so we have some statistics about
+ // affected users
+ trigger_error("checkWeakKeyText(): Certificate for ".
+ "unsuitable exponent '$exponent' requested",
+ E_USER_NOTICE);
+ }
+ }
+ }
+
+ /* No weakness found */
+ return "";
+ }
+
+ /**
+ * Reimplement the functionality of the openssl-vulnkey tool
+ *
+ * @param $text string
+ * The text representation of a key as output by the
+ * "openssl <foo> -text -noout" commands
+ * @param $keysize int [optional]
+ * If the key size is already known it can be provided so it doesn't
+ * have to be parsed again. This also skips the check whether the key
+ * is an RSA key => use wisely
+ * @return TRUE if key is vulnerable, FALSE otherwise, NULL in case of error
+ */
+ function checkDebianVulnerability($text, $keysize = 0)
+ {
+ $keysize = intval($keysize);
+
+ if ($keysize === 0)
+ {
+ /* Which public key algorithm? */
+ if (!preg_match('/^\s*Public Key Algorithm: ([^\s]+)$/m', $text,
+ $algorithm))
+ {
+ trigger_error("checkDebianVulnerability(): Couldn't extract ".
+ "the public key algorithm used", E_USER_WARNING);
+ return null;
+ } else {
+ $algorithm = $algorithm[1];
+ }
+
+ if ($algorithm !== "rsaEncryption") return false;
+
+ /* Extract public key size */
+ if (!preg_match('/^\s*RSA Public Key: \((\d+) bit\)$/m', $text,
+ $keysize))
+ {
+ trigger_error("checkDebianVulnerability(): Couldn't parse the ".
+ "RSA key size", E_USER_WARNING);
+ return null;
+ } else {
+ $keysize = intval($keysize[1]);
+ }
+ }
+
+ // $keysize has been made sure to contain an int
+ $blacklist = "/usr/share/openssl-blacklist/blacklist.RSA-$keysize";
+ if (!(is_file($blacklist) && is_readable($blacklist)))
+ {
+ if (in_array($keysize, array(512, 1024, 2048, 4096)))
+ {
+ trigger_error("checkDebianVulnerability(): Blacklist for ".
+ "$keysize bit keys not accessible. Expected at ".
+ "$blacklist", E_USER_ERROR);
+ return null;
+ }
+
+ trigger_error("checkDebianVulnerability(): $blacklist is not ".
+ "readable. Unsupported key size?", E_USER_WARNING);
+ return false;
+ }
+
+
+ /* Extract RSA modulus */
+ if (!preg_match('/^\s*Modulus \(\d+ bit\):\n'.
+ '((?:\s*[0-9a-f][0-9a-f]:(?:\n)?)+[0-9a-f][0-9a-f])$/m',
+ $text, $modulus))
+ {
+ trigger_error("checkDebianVulnerability(): Couldn't extract the ".
+ "RSA modulus", E_USER_WARNING);
+ return null;
+ } else {
+ $modulus = $modulus[1];
+ // strip whitespace and colon leftovers
+ $modulus = str_replace(array(" ", "\t", "\n", ":"), "", $modulus);
+
+ // when using "openssl xxx -text" first byte was 00 in all my test
+ // cases but 00 not present in the "openssl xxx -modulus" output
+ if ($modulus[0] === "0" && $modulus[1] === "0")
+ {
+ $modulus = substr($modulus, 2);
+ } else {
+ trigger_error("checkDebianVulnerability(): First byte is not ".
+ "zero", E_USER_NOTICE);
+ }
+
+ $modulus = strtoupper($modulus);
+ }
+
+
+ /* calculate checksum and look it up in the blacklist */
+ $checksum = substr(sha1("Modulus=$modulus\n"), 20);
+
+ // $checksum and $blacklist should be safe, but just to make sure
+ $checksum = escapeshellarg($checksum);
+ $blacklist = escapeshellarg($blacklist);
+ exec("grep $checksum $blacklist", $dummy, $debianVuln);
+ if ($debianVuln === 0) // grep returned something => it is on the list
+ {
+ return true;
+ } elseif ($debianVuln === 1) { // grep returned nothing
+ return false;
+ } else {
+ trigger_error("checkDebianVulnerability(): Something went wrong ".
+ "when looking up the key with checksum $checksum in the ".
+ "blacklist $blacklist", E_USER_ERROR);
+ return null;
+ }
+
+ // Should not get here
+ return null;
+ }
?>
diff --git a/scripts/DumpWeakCerts.pl b/scripts/DumpWeakCerts.pl
new file mode 100755
index 0000000..85648fe
--- /dev/null
+++ b/scripts/DumpWeakCerts.pl
@@ -0,0 +1,179 @@
+#!/usr/bin/perl
+# Script to dump weak RSA certs (Exponent 3 or Modulus size < 1024) according to https://bugs.cacert.org/view.php?id=918
+# and https://wiki.cacert.org/Arbitrations/a20110312.1
+
+use strict;
+use warnings;
+
+use DBI;
+
+my $cacert_db_config;
+my $cacert_db_user;
+my $cacert_db_password;
+
+# Read database access data from the config file
+eval `cat perl_mysql`;
+
+my $dbh = DBI->connect($cacert_db_config, $cacert_db_user, $cacert_db_password, { RaiseError => 1, AutoCommit => 0 } ) || die "Cannot connect database: $DBI::errstr";
+
+my $sth_certs;
+my $sth_userdata;
+
+my $cert_domid;
+my $cert_userid;
+my $cert_orgid;
+my $cert_CN;
+my $cert_expire;
+my $cert_filename;
+my $cert_serial;
+
+my $user_email;
+my $user_firstname;
+
+my $reason;
+
+my @row;
+
+sub IsWeak($) {
+ my ($CertFileName) = @_;
+
+ my $ModulusSize = 0;
+ my $Exponent = 0;
+ my $result = 0;
+
+ # Do key size and exponent checking for RSA keys
+ open(CERTTEXT, '-|', "openssl x509 -in $CertFileName -noout -text") || die "Cannot start openssl";
+ while (<CERTTEXT>) {
+ if (/^ +([^ ]+) Public Key:/) {
+ last if ($1 ne "RSA");
+ }
+ if (/^ +Modulus \((\d+) bit\)/) {
+ $ModulusSize = $1;
+ }
+ if (/^ +Exponent: (\d+)/) {
+ $Exponent = $1;
+ last;
+ }
+ }
+ close(CERTTEXT);
+ if ($ModulusSize > 0 && $Exponent > 0) {
+ if ($ModulusSize < 1024 || $Exponent==3) {
+ $result = "SmallKey";
+ }
+ }
+
+ if (!$result) {
+ # Check with openssl-vulnkey
+ # This is currently not tested, if you don't know what you are doing leave it commented!
+ if (system("openssl-vulnkey -q $CertFileName") != 0) {
+ $result = "openssl-vulnkey";
+ }
+ }
+
+ return $result;
+}
+
+# Select only certificates expiring in more than two weeks, since two weeks will probably be needed as turnaround time
+# Get all domain certificates
+$sth_certs = $dbh->prepare(
+ "SELECT `dc`.`domid`, `dc`.`CN`, `dc`.`expire`, `dc`.`crt_name`, `dc`.`serial` ".
+ " FROM `domaincerts` AS `dc` ".
+ " WHERE `dc`.`revoked`=0 AND `dc`.`expire` > DATE_ADD(NOW(), INTERVAL 14 DAY)");
+$sth_certs->execute();
+
+$sth_userdata = $dbh->prepare(
+ "SELECT `u`.`email`, `u`.`fname` ".
+ " FROM `domains` AS `d`, `users` AS `u` ".
+ " WHERE `d`.`memid`=`u`.`id` AND `d`.`id`=?");
+
+while(($cert_domid, $cert_CN, $cert_expire, $cert_filename, $cert_serial) = $sth_certs->fetchrow_array) {
+ if (-f $cert_filename) {
+ $reason = IsWeak($cert_filename);
+ if ($reason) {
+ $sth_userdata->execute($cert_domid);
+ ($user_email, $user_firstname) = $sth_userdata->fetchrow_array();
+ print join("\t", ('DomainCert', $user_email, $user_firstname, $cert_expire, $cert_CN, $reason, $cert_serial)). "\n";
+ $sth_userdata->finish();
+ }
+ }
+}
+$sth_certs->finish();
+
+# Get all email certificates
+$sth_certs = $dbh->prepare(
+ "SELECT `ec`.`memid`, `ec`.`CN`, `ec`.`expire`, `ec`.`crt_name`, `ec`.`serial` ".
+ " FROM `emailcerts` AS `ec` ".
+ " WHERE `ec`.`revoked`=0 AND `ec`.`expire` > DATE_ADD(NOW(), INTERVAL 14 DAY)");
+$sth_certs->execute();
+
+$sth_userdata = $dbh->prepare(
+ "SELECT `u`.`email`, `u`.`fname` ".
+ " FROM `users` AS `u` ".
+ " WHERE `u`.`id`=?");
+
+while(($cert_userid, $cert_CN, $cert_expire, $cert_filename, $cert_serial) = $sth_certs->fetchrow_array) {
+ if (-f $cert_filename) {
+ $reason = IsWeak($cert_filename);
+ if ($reason) {
+ $sth_userdata->execute($cert_userid);
+ ($user_email, $user_firstname) = $sth_userdata->fetchrow_array();
+ print join("\t", ('EmailCert', $user_email, $user_firstname, $cert_expire, $cert_CN, $reason, $cert_serial)). "\n";
+ $sth_userdata->finish();
+ }
+ }
+}
+$sth_certs->finish();
+
+# Get all Org Server certificates, notify all admins of the Org!
+$sth_certs = $dbh->prepare(
+ "SELECT `dc`.`orgid`, `dc`.`CN`, `dc`.`expire`, `dc`.`crt_name`, `dc`.`serial` ".
+ " FROM `orgdomaincerts` AS `dc` ".
+ " WHERE `dc`.`revoked`=0 AND `dc`.`expire` > DATE_ADD(NOW(), INTERVAL 14 DAY)");
+$sth_certs->execute();
+
+$sth_userdata = $dbh->prepare(
+ "SELECT `u`.`email`, `u`.`fname` ".
+ " FROM `users` AS `u`, `org` ".
+ " WHERE `u`.`id`=`org`.`memid` and `org`.`orgid`=?");
+
+while(($cert_orgid, $cert_CN, $cert_expire, $cert_filename, $cert_serial) = $sth_certs->fetchrow_array) {
+ if (-f $cert_filename) {
+ $reason = IsWeak($cert_filename);
+ if ($reason) {
+ $sth_userdata->execute($cert_orgid);
+ while(($user_email, $user_firstname) = $sth_userdata->fetchrow_array()) {
+ print join("\t", ('OrgServerCert', $user_email, $user_firstname, $cert_expire, $cert_CN, $reason, $cert_serial)). "\n";
+ }
+ $sth_userdata->finish();
+ }
+ }
+}
+$sth_certs->finish();
+
+# Get all Org Email certificates, notify all admins of the Org!
+$sth_certs = $dbh->prepare(
+ "SELECT `ec`.`orgid`, `ec`.`CN`, `ec`.`expire`, `ec`.`crt_name`, `ec`.`serial` ".
+ " FROM `orgemailcerts` AS `ec` ".
+ " WHERE `ec`.`revoked`=0 AND `ec`.`expire` > DATE_ADD(NOW(), INTERVAL 14 DAY)");
+$sth_certs->execute();
+
+$sth_userdata = $dbh->prepare(
+ "SELECT `u`.`email`, `u`.`fname` ".
+ " FROM `users` AS `u`, `org` ".
+ " WHERE `u`.`id`=`org`.`memid` and `org`.`orgid`=?");
+
+while(($cert_orgid, $cert_CN, $cert_expire, $cert_filename, $cert_serial) = $sth_certs->fetchrow_array) {
+ if (-f $cert_filename) {
+ $reason = IsWeak($cert_filename);
+ if ($reason) {
+ $sth_userdata->execute($cert_orgid);
+ while(($user_email, $user_firstname) = $sth_userdata->fetchrow_array()) {
+ print join("\t", ('OrgEmailCert', $user_email, $user_firstname, $cert_expire, $cert_CN, $reason, $cert_serial)). "\n";
+ }
+ $sth_userdata->finish();
+ }
+ }
+}
+$sth_certs->finish();
+
+$dbh->disconnect();
diff --git a/scripts/mail-weak-keys.php b/scripts/mail-weak-keys.php
new file mode 100755
index 0000000..018bd64
--- /dev/null
+++ b/scripts/mail-weak-keys.php
@@ -0,0 +1,161 @@
+#!/usr/bin/php -q
+<? # Companion script to DumpWeakCerts.pl, takes output and sends a mail to each owner of a weak cert
+
+ function SendServerCertMail($cert_type, $cert_email, $owner_name, $cert_expire, $cert_CN, $reason, $cert_serial, $action_date) {
+ $mail_text =
+"Dear $owner_name,
+
+CAcert recently became aware that some of the certificates signed by CAcert pose a security
+risk because they are backed by private keys that are vulnerable to attack.
+
+The security issues identified are:
+Private keys with a small key size. These keys are vulnerable to brute force attack.
+Private keys with an unsafe exponent. These keys are vulnerable to some specialised attacks.
+Private keys generated by a compromised version of OpenSSL distributed by Debian.
+
+You received this email because a certificate issued to you is vulnerable:
+
+Server Certificate, Serial $cert_serial, expiring $cert_expire, CN $cert_CN
+
+To rectify the problem CAcert will revoke all vulnerable certificates (including yours) on $action_date.
+CAcert will no longer accept vulnerable certificate requests for signing. In future all Certficate
+Signing Requests must be backed by private keys with a key length at least 2048 bits and no other known vulnerabilities.
+
+You should submit a new Certificate Signing Request of acceptable strength as soon as possible
+and replace your existing certificate.
+
+If you are interested in background information on this change please refer to this document:
+http://csrc.nist.gov/publications/nistpubs/800-78-3/sp800-78-3.pdf
+
+Kind regards
+CAcert Suport Team
+";
+ mail($cert_email, "[CAcert.org]CAcert Server Certificate - Urgent Action Required", $mail_text, "From: CAcert Support <support@cacert.org>\nReply-To: returns@cacert.org");
+ }
+
+ function SendClientMail($cert_type, $cert_email, $owner_name, $cert_expire, $cert_CN, $reason, $cert_serial, $action_date) {
+ $mail_text =
+"Dear $owner_name,
+
+CAcert recently became aware that some of the certificates signed by CAcert pose a security
+risk because they are backed by private keys that are vulnerable to attack.
+
+The security issues identified are:
+Private keys with a small key size. These keys are vulnerable to brute force attack.
+Private keys with an unsafe exponent. These keys are vulnerable to some specialised attacks.
+Private keys generated by a compromised version of OpenSSL distributed by Debian.
+
+You received this email because a certificate issued to you is vulnerable:
+
+Client Certificate, Serial $cert_serial, expiring $cert_expire, CN $cert_CN
+
+To rectify the problem CAcert will revoke all vulnerable certificates (including yours) on $action_date.
+CAcert will no longer accept vulnerable certificate requests for signing. In future all
+client certficates must be backed by private keys with a key length at least 1024 bits
+and no other known vulnerabilities.
+
+This means that you should replace your current certificate with a new one of acceptable strength.
+If you use Firefox or Chrome, select 'Keysize: High Grade' before 'Create Certificate Request'.
+If you use Internet Explorer, select 'Microsoft Strong Cryptographic Provider'. If you select an
+option that generates a weak key (eg 'Microsoft Base Cryptographic Provider v1.0') your certficate
+request will be rejected.
+
+Kind regards
+CAcert Suport Team
+";
+ mail($cert_email, "[CAcert.org]CAcert Client Certificate - Urgent Action Required", $mail_text, "From: CAcert Support <support@cacert.org>\nReply-To: returns@cacert.org");
+ }
+
+ function SendOrgServerCertMail($cert_type, $cert_email, $owner_name, $cert_expire, $cert_CN, $reason, $cert_serial, $action_date) {
+ $mail_text =
+"Dear $owner_name,
+
+CAcert recently became aware that some of the certificates signed by CAcert pose a security
+risk because they are backed by private keys that are vulnerable to attack.
+
+The security issues identified are:
+Private keys with a small key size. These keys are vulnerable to brute force attack.
+Private keys with an unsafe exponent. These keys are vulnerable to some specialised attacks.
+Private keys generated by a compromised version of OpenSSL distributed by Debian.
+
+You received this email because a certificate issued to you is vulnerable:
+
+Organisation Server Certificate, Serial $cert_serial, expiring $cert_expire, CN $cert_CN
+
+To rectify the problem CAcert will revoke all vulnerable certificates (including yours) on $action_date.
+CAcert will no longer accept vulnerable certificate requests for signing. In future all Certficate
+Signing Requests must be backed by private keys with a key length at least 2048 bits and no other known vulnerabilities.
+
+You should submit a new Certificate Signing Request of acceptable strength as soon as possible
+and replace your existing certificate.
+
+If you are interested in background information on this change please refer to this document:
+http://csrc.nist.gov/publications/nistpubs/800-78-3/sp800-78-3.pdf
+
+Kind regards
+CAcert Suport Team
+";
+ mail($cert_email, "[CAcert.org]CAcert Organisation Server Certificate - Urgent Action Required", $mail_text, "From: CAcert Support <support@cacert.org>\nReply-To: returns@cacert.org");
+ }
+
+ function SendOrgClientMail($cert_type, $cert_email, $owner_name, $cert_expire, $cert_CN, $reason, $cert_serial, $action_date) {
+ $mail_text =
+"Dear $owner_name,
+
+CAcert recently became aware that some of the certificates signed by CAcert pose a security
+risk because they are backed by private keys that are vulnerable to attack.
+
+The security issues identified are:
+Private keys with a small key size. These keys are vulnerable to brute force attack.
+Private keys with an unsafe exponent. These keys are vulnerable to some specialised attacks.
+Private keys generated by a compromised version of OpenSSL distributed by Debian.
+
+You received this email because a certificate issued to you is vulnerable:
+
+Organisation Client Certificate, Serial $cert_serial, expiring $cert_expire, CN $cert_CN
+
+To rectify the problem CAcert will revoke all vulnerable certificates (including yours) on $action_date.
+CAcert will no longer accept vulnerable certificate requests for signing. In future all
+client certficates must be backed by private keys with a key length at least 1024 bits
+and no other known vulnerabilities.
+
+This means that you should replace your current certificate with a new one of acceptable strength.
+If you use Firefox or Chrome, select 'Keysize: High Grade' before 'Create Certificate Request'.
+If you use Internet Explorer, select 'Microsoft Strong Cryptographic Provider'. If you select an
+option that generates a weak key (eg 'Microsoft Base Cryptographic Provider v1.0') your certficate
+request will be rejected.
+
+Kind regards
+CAcert Suport Team
+";
+ mail($cert_email, "[CAcert.org]CAcert Organisation Client Certificate - Urgent Action Required", $mail_text, "From: CAcert Support <support@cacert.org>\nReply-To: returns@cacert.org");
+ }
+
+ # Main
+
+ $num_domain = 0;
+ $num_client = 0;
+ $num_orgdomain = 0;
+ $num_orgclient = 0;
+ $action_date = '2011-04-??';
+ $in = fopen("php://stdin", "r");
+ while($in_string = rtrim(fgets($in, 255))) {
+ list($cert_type, $cert_email, $owner_name, $cert_expire, $cert_CN, $reason, $cert_serial) = explode("\t", $in_string);
+
+ if ($cert_type == "DomainCert") {
+ SendServerCertMail($cert_type, $cert_email, $owner_name, $cert_expire, $cert_CN, $reason, $cert_serial, $action_date);
+ $num_domain++;
+ } else if ($cert_type == "EmailCert") {
+ SendClientMail($cert_type, $cert_email, $owner_name, $cert_expire, $cert_CN, $reason, $cert_serial, $action_date);
+ $num_client++;
+ } else if ($cert_type == "OrgServerCert") {
+ SendOrgServerCertMail($cert_type, $cert_email, $owner_name, $cert_expire, $cert_CN, $reason, $cert_serial, $action_date);
+ $num_orgdomain++;
+ } else if ($cert_type == "OrgEmailCert") {
+ SendOrgClientMail($cert_type, $cert_email, $owner_name, $cert_expire, $cert_CN, $reason, $cert_serial, $action_date);
+ $num_orgclient++;
+ }
+ }
+ fclose($in);
+ echo "Mails sent: $num_domain server certs, $num_client client certs, $num_orgdomain Org server certs, $num_orgclient Org client certs.\n";
+?>
diff --git a/scripts/perl_mysql.sample b/scripts/perl_mysql.sample
new file mode 100644
index 0000000..4800289
--- /dev/null
+++ b/scripts/perl_mysql.sample
@@ -0,0 +1,6 @@
+# This file contains the data needed to connect to the database to be
+# used in perl scripts
+
+$cacert_db_config = 'DBI:mysql:database=cacert;host=127.0.0.1';
+$cacert_db_user = 'cacert';
+$cacert_db_password = '<put_password_here>'; \ No newline at end of file
diff --git a/www/api/ccsr.php b/www/api/ccsr.php
index e81c738..a4ec71e 100644
--- a/www/api/ccsr.php
+++ b/www/api/ccsr.php
@@ -59,6 +59,12 @@
$codesign = 1;
$CSR = trim($_REQUEST['optionalCSR']);
+
+ if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
+ {
+ die("403, $weakKey");
+ }
+
$incsr = tempnam("/tmp", "ccsrIn");
$checkedcsr = tempnam("/tmp", "ccsrOut");
$fp = fopen($incsr, "w");