Add checking for a blacklist of known-compromised 1024-bit RSA keys.

InCommon · Nov 25, 2013 · 2a79098 · 2a79098
1 parent 3a8c0ff
commit 2a79098
Show file tree

Hide file tree

Showing 6 changed files with 43 additions and 6 deletions.
diff --git a/build.xml b/build.xml
@@ -964,7 +964,9 @@
     	<CHANNEL.do verb="importProduction" channel="it_idem"/>
     	<CHANNEL.do verb="importProduction" channel="jp_gakunin"/>
     	<CHANNEL.do verb="importProduction" channel="lv_laife"/>
+    	<!--
     	<CHANNEL.do verb="importProduction" channel="nl_surfnet"/>
+    	-->
     	<CHANNEL.do verb="importProduction" channel="no_feide"/>
     	<CHANNEL.do verb="importProduction" channel="nz_tuakiri"/>
     	<CHANNEL.do verb="importProduction" channel="se_swamid"/>

diff --git a/mdx/_openssl_blacklists/compromised-1024.txt b/mdx/_openssl_blacklists/compromised-1024.txt
@@ -0,0 +1,18 @@
+#
+# This is a list of known-compromised 1024-bit keys in OpenSSL format.
+#
+# Derive new values from a private key file as follows:
+#
+#   openssl rsa -noout -modulus -in /tmp/key.pem | sha1sum | cut -d ' ' -f 1
+#
+# You can also derive a new blacklist value from an X.509 certificate as follows:
+#
+#   openssl x509 -noout -modulus -in /tmp/cert.pem | sha1sum | cut -d ' ' -f 2
+#
+# In either case, you should then remove the first 20 characters; in other words,
+# the blacklist line should be the lower 80 bits of the fingerprint).
+#
+# simpleSAMLphp example key, shipped up to version 1.11
+4817f3e0b5df319289ad
+# Shibboleth SP dummy key, shipped in pre-2.0.0 releases
+8a69bcdc8677c7ecb37a
diff --git a/mdx/common-beans.xml b/mdx/common-beans.xml
@@ -942,6 +942,8 @@
                             <ref bean="debian.1024"/>
                             <ref bean="debian.2048"/>
                             <ref bean="debian.4096"/>
+                            <!-- Compromised key blacklists. -->
+                            <ref bean="compromised.1024"/>
                         </list>
                     </property>
                 </bean>

diff --git a/mdx/uk/beans.xml b/mdx/uk/beans.xml
@@ -433,6 +433,8 @@
                             <ref bean="debian.1024"/>
                             <ref bean="debian.2048"/>
                             <ref bean="debian.4096"/>
+                            <!-- Compromised key blacklists. -->
+                            <ref bean="compromised.1024"/>
                         </list>
                     </property>
                 </bean>

diff --git a/mdx/uk/verbs.xml b/mdx/uk/verbs.xml
@@ -171,21 +171,19 @@
                 <ref bean="uk_populateIds"/>
                 <ref bean="populateRegistrationAuthorities"/>
 
+                <!--
+                    Additional X.509 certificate checks, over and above those
+                    performed in uk_registeredEntities.
+                -->
                 <bean parent="X509CertificateValidationStage"
                     p:id="checkCertificates">
                     <property name="validators">
                         <list>
                             <!-- Error on RSA key length less than 2048 bits. -->
                             <bean parent="X509CertificateRSAKeyLengthValidator"
                                 p:warningBoundary="0" p:errorBoundary="2048"/>
-                            <!-- Error on small RSA public exponents. -->
-                            <bean parent="X509CertificateRSAExponentValidator"/>
                             <!-- Error on inconsistent subjectAltNames. -->
                             <bean parent="X509CertificateConsistentNameValidator"/>
-                            <!-- Debian weak key blacklists. -->
-                            <ref bean="debian.1024"/>
-                            <ref bean="debian.2048"/>
-                            <ref bean="debian.4096"/>
                         </list>
                     </property>
                 </bean>
@@ -318,6 +316,8 @@
                             <ref bean="debian.1024"/>
                             <ref bean="debian.2048"/>
                             <ref bean="debian.4096"/>
+                            <!-- Compromised key blacklists. -->
+                            <ref bean="compromised.1024"/>
                         </list>
                     </property>
                 </bean>

diff --git a/mdx/validation-beans.xml b/mdx/validation-beans.xml
@@ -720,6 +720,19 @@
         </property>
     </bean>
 
+    <!--
+        Blacklist of known compromised 1024-bit keys, e.g., "dummy" keys shipped with
+        SAML products that are sometimes deployed by accident.
+    -->
+    <bean id="compromised.1024" parent="X509CertificateRSAOpenSSLBlacklistValidator"
+        p:id="compromised.1024" p:keySize="1024">
+        <property name="blacklistResource">
+            <bean parent="ClasspathResource">
+                <constructor-arg value="_openssl_blacklists/compromised-1024.txt"/>
+            </bean>
+        </property>
+    </bean>
+
     <!--
         *********************************************
         ***                                       ***