I'm trying to fix an old binary (sources unavailable of course...) that fails to connect now, probably because it's using outdated list of CAs.
However, when running through strace I don't see the binary attempting to read my CAs from /etc/ssl/certs.
Is it possible the list of CAs has been bundled into the binary itself ?
Thanks a lot,
Adam
To be clear, since you say source unavailable I assume you mean a custom program that uses OpenSSL library, since the source for the utility commandline-interface progam named openssl is still available for versions dating back to last century (and until 1.1.0 didn't change much, even when it probably should have).
Yes, definitely. A program using libssl (and libcrypto) can choose whether to use the standard file(s) for its truststore, or some other (custom) file(s) it specifies (often from configuration), or hardcoded data as you ask or data from some other source like a (secure, we hope!) database, or even no truststore at all if it uses ciphersuites that don't use certificate authentication -- anonymous, PSK or SRP -- which is rarely used but is supported by OpenSSL.
You might try strings on the program to see if they were basic enough to embed certs (and maybe other things) in PEM -- IINM that's how Lenovo Superfish was found. If they embedded binary 'DER', that still has enough redundancy you could find it, but not so easily.
Look at the network traffic with Wireshark or similar, or if you have access to the server check its logs, to see if the program is sending an alert in the range 41 to 49 in response to the server's first flight i.e. just after ServerHelloDone.
That would definitively indicate a certificate problem.
Related
Can a running nodejs program cryptographically prove that it is the same as a published source code version in a way that could not be tampered with?
Said another way, is there a way to ensure that the commands/code executed by a nodejs program are all and only the commands and code specified in a publicly disclosed repository?
The motivation for this question is the following: In an age of highly sophisticated hackers as well as pressures from government agencies for "backdoors" that allow them to snoop on private transactions and exchanges, can we ensure that an application has been neither been hacked nor had a backdoor added?
As an example, consider an open source-based nodejs application like lesspass (lesspass/lesspass on github) which is used to manage passwords and available for use here (https://lesspass.com/#/).
Or an alternative program for a similar purpose encryptr (SpiderOak/Encryptr on github) with its downloadable version (https://spideroak.com/solutions/encryptr).
Is there a way to ensure that the versions available on their sites to download/use/install are running exactly the same code as is presented in the open source code?
Even if we have 100% faith in the integrity of the the teams behind applications like these, how can we be sure they have not been coerced by anyone to alter the running/downloadable version of their program to create a backdoor for example?
Thank you for your help with this important issue.
sadly no.
simple as that.
the long version:
you are dealing with the outputs of a program, and want to ensure that the output is generated by a specific version of one specific program
lets check a few things:
can an attacker predict the outputs of said program?
if we are talking about open source programs, yes, an attacker can predict what you are expecting to see and even can reproduce all underlying crypto checks against the original source code, or against all internal states of said program
imagine running the program inside a virtual machine with full debugging support like firing up events at certain points in code, directly reading memory to extract cryptographic keys and so on. the attacker does not even have to modify the program, to be able to keep copys of everything you do in plaintext
so ... even if you could cryptographically make sure that the code itself was not tampered with, it would be worth nothing: the environment itself could be designed to do something harmful, and as Maarten Bodewes wrote: in the end you need to trust something.
one could argue that TPM could solve this but i'm afraid of the world that leads to: in the end ... you still have to trust something like a manufacturer or worse a public office signing keys for TPMs ... and as we know those would never... you hear? ... never have other intentions than what's good for you ... so basically you wouldn't win anything with a centralized TPM based infrastructure
You can do this cryptographically by having a runtime that checks signatures before running any code. Of course, you'd have to trust that runtime environment as well. Unless you have such an environment you're out of luck - that is, unless you do a full code review.
Furthermore you can sign the build by placing a signature within the build system. The build system and developer access in turn can be audited. This is usually how secure development environments are build. But in the end you need to trust something.
If you're just afraid that a particular download is corrupted you can test against an official hash published at one or more trusted locations.
I have a desktop application built by InstallJammer. The application is not a problem but when it is installed on user's machine, the anti-virus on user's machine stops the services created by my application and so it stops communicating with my server. I need to get it whitelisted so that it won't be treated as a risk to the machine and the anti-virus won't stop it.
What I've known so far is
Adding a 'Publisher' to the application may help it to be treated as not risky as this process has steps of authenticating my application with a certificate. (Though I don't know if this is correct. I've refereed this link)
Googling about it I found some anti-viruses site asking me to register with my application there.
My questions:
Adding 'publisher' would serve my purpose? If yes, how would it whitelist my application?
If the above option doesn't work, do I need to get whitelisted with each and every anti-virus software product?
Answer after I achieved all that I wanted to for this.
tl;dr;
For the people directly reading the answer:
I had an installer for windows(built using InstallJammer) that creates windows services on the user's machine, which got frequently blacklisted by anti-virus programs and firewall. Also downloading it in your browser would show a message like the picture below.
Why does this occur:
This occurs because the anti-virus softwares and the firewall does not recognise your code(that is, it cannot verify that it has come from a trustworthy source). Hence it attempts to block the download or blacklist the services(services because I'm referring to my application) by stopping it or does not allow it to communicate through the network.
Solution:
You'll need to get your code verified(i.e. get your code digitally signed) by a code signing certificate(from here forward will be refereed to as CSC). These certificates are provided by Certificate Authorities(from here forward will be refereed to as CA).
Some the examples of CA(s) are : Symantec(the one that I used, because we had our SSL certificate for webapp from this CA), GlobalSign, DigiCert, Comodo, etc.)
This page shows a pricing list of CSC from different CAs.
The process to get the certificate:
This is a bit tedious process, as it has certain standards and rules to adhere to. The process of acquiring a certificate typically takes a few days. For instance, the validation process requires to fax a copy of license and a few utility bills to the Certificate Authority, for reasonable proof of my identity. They also validate phone number and there might be a need to speak to a representative.(I'm a little unsure about this process as it was done by my client back in USA).
After you get CSC:
You'll need to save the certificate as a .p12 file which will then be used to sign your code.
How to sign:
Microsoft SDK includes a the tool(signtool.exe) that can be used to sign your code (generally located at C:\Program Files (x86)\Windows Kits\8.0\bin\x86, depending upon the version of SDK installed, '8.0' can be different in our machine.
If you are a newb and have either not reached to a time where you need automation in your process of signing files(ambiguous to signing code) or have very a few files to sign(max 3 or 4) or have a lot a files to sign and are a crazy person with plenty of time, you might want to use this excellent utility provided by DigiCert that provides a really good UI(might be sarcasm) to sign and also check if your files are actually signed. Thank you DigiCert people.
How to check if your files are signed:
Of course the simplest process would be to check the properties of your file whether it contains a tab for digital signature. Other way is that Microsoft has tools that can check if your code is digitally signed, it can be found out by easy googling.
How I did my CODE Signing(automation):
For the main windows executable application that I build, it has quite some binaries and executables. So I created a batch file that does the following signing and building tasks. (I've used Microsoft's SignTool to sign the files from command line)
Asks me what environment do I want to make a build for(dev, staging or production).
Copies all those required(for build) files to a main folder.
Signs all the inner binaries and executables.
Performs an InstallJammer build from the command line itself(as I mentioned earlier, my application is built using InstallJammer). It outputs the final Setup.exe file.
And then Setup.exe too gets signed.
P.S. :
After code signing, the success and failure of your software getting whitelisted(authenticated or verified by anti-virus software and firewall) depends upon the reputation of your certificate. This reputation is determined heuristically and a good reputation means lesser chances of your application getting blocked.
Tip for Geeky people lurking out there
Try to buy a CSC subscription with a longest time period. This will help you avoid certificate rollover.
What is certificate roll over?
Certificate rollover occurs when your old certificate expires and you begin signing your code with a new replacement certificate; all of your reputation that was gained against the old certificate might be hampered, and hence there may be a time lag for your new certificate to acquire a good reputation.
So for the conditions when your CSC expires and you want to avoid mishaps, you might want to sign your software from the start using timestamp. Googling about it's(signing using timestamp) will make you 5 inches smarter.
For the people, blogs and sites that helped me throughout; more details can be found on Didier Stevens's blog.
Also a detailed explanation all about this and the mighty friend of all web developers, Internet Explorer's smart filter can be found on MSDN blog.
I would like to sign ELF files, preferably with a PGP key and later be able to verify the signature. Failing that I'll also go with a Authenticode or SSL certificate for signing if that makes more sense. Existing options, such as signelf, seem to be only available under copyleft licenses (even if it's the LGPL, but it imposes restrictions that prevent me from using it) or old/unmaintained.
What options do I have that can be used in a proprietary program?
Note: we can limit the scope of the question to Linux even though ELF isn't particular to Linux.
Even if there is no ready to use program and/or library under a liberal (non-copyleft) FLOSS license, I would appreciate pointers to standardization documents in case some kind of de-facto standard has emerged. I'm not aware of one, but then that's the reason I ask.
From what I see all distros seem to rely on signing the packages and verify these. That's fine in general but I would like to take it a step further.
I am looking for a way to integrate OpenSSL and Node.js for a while now.
My goals are:
I want to be platform independent, hence a solution should work on OS X, Linux and Windows.
I want to avoid unnecessary disk operations. E.g., a private key might not be in a file, but in a database (may be a stupid example, but let's consider this to be a valid requirement).
I want to support creating keys, csrs, signing csrs, creating ca certs, ... all the certificate stuff, from end to end.
Now the options I have considered are:
Use the OpenSSL library which is integrated within Node.js. Unfortunately, the crypto module does not provide the certificate things.
Use the OpenSSL library using an external module. Unfortunately, I don't know how to do this, probably due to missing knowledge in C/C++.
Use the OpenSSL binary as a child process. Given that OpenSSL is available, this should work on all platforms. It's not nice, but it works.
Question #1: As I have written I do not have the slightest idea on how access the OpenSSL library directly that comes bundled with Node.js. How would I approach this?
At the moment, I stick with using the binary as a child process. Unfortunately, this requires that all the things such as private keys and so on are either given as files (which I explicitly want to avoid), or that I hand over everything using /dev/stdin (which does not work on Windows).
Question #2: How could I deal with this? Would a solution to #1 solve this issue, too?
The answer to question #1 is that you cannot. Without bindings, you can only access the functions exposed by nodejs.
Unfortunately there doesn't seem to be a way work around for /dev/stdin in windows. Namedpipes would be an option but nodejs does not support them. You may be able to have nodejs launch openssl.exe in interactive mode and send commands through stdin, and read the output through stdout but this seems very inefficient.
So the answer is question #2 is that you cannot deal with the windows problem.
Writing your won binding seems to be the only option. It's actually not so difficult - something I'm sure you could get collaborators to help with.
I am facing the following situation: for some reasons I have to run a linux binary provided by someone.
I can see (at least tcpdump can see it) that this binary is sending something over SSL when I run it - so I already know it's doing something it shouldn't be doing. My question: is it possible to find what it's doing ? I was thinking of going two routes:
Try to decompile it
Set up my SSL so it feeds me unencrypted traffic
I have already checked and it's statically linked, so the second option might not be possible.
I need to stress that this is a completely legitimate attempt at trying to find out what others want to find about me. Thank you for your time.
It's almost certainty linked with OpenSSL.
This procedure might work:
Create a new root certificate
Install the root certificate into your certificate store
Redirect its traffic to your receiver using host remapping or ipfw.
Capture the traffic from your endpoint, re-encrypt and send to the real one.
If it doesn't you need to find the encryption points in the binary and intercept those calls. Kind of hard, unfortunately.
strace it and see which files it opens.