[CR2390] Identity spoofing/privilege escalation 71/25771/6
author    Oleksandr Andrieiev <o.andrieiev@samsung.com>
          Fri, 8 Jun 2018 13:54:23 +0000 (16:54 +0300)
committer Nathan Heldt-Sheller <nathan.heldt-sheller@intel.com>
          Thu, 14 Jun 2018 16:22:51 +0000 (16:22 +0000)
commit    bc8c9fdc361c2a68e816b099439bf861d01dd8d9
tree      0c29f1a501b077876f9e9e1cd26a7caf8697ed77
parent    2b88e4e4751f32cbc99cf5737c47e8c6550b6f13
[CR2390] Identity spoofing/privilege escalation

For secure connections that use certificates, the SubjectUUID
is retrieved from the leaf certificate's CN. However, there is
no binding mechanism between a Root CA and the Device Ids it
can generate certificates for. Root CAs can issue certificates
with arbitrary UUIDs, which can be used to impersonate another
Device.

The fix adds a callback to the certificate chain validation
function. This callback collects a singly-linked list of all
UUIDs associated with the certificate in cred entries.
When the leaf certificate is reached, the UUID of the Device is
retrieved and matched against the static list. If no matching
UUID is found, the connection should be rejected.

Bug: https://jira.iotivity.org/browse/IOT-3087
Change-Id: I20333c980226dc6a0c257dc36aab1502202993d9
Signed-off-by: Oleksandr Andrieiev <o.andrieiev@samsung.com>
resource/csdk/connectivity/api/casecurityinterface.h
resource/csdk/connectivity/src/adapter_util/ca_adapter_net_ssl.c
resource/csdk/connectivity/src/caconnectivitymanager.c
resource/csdk/security/include/internal/credresource.h
resource/csdk/security/src/credresource.c
resource/csdk/security/src/secureresourcemanager.c
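The chain-walk the commit message describes, as an added, self-contained C model; it is not IoTivity's code and does not use the files listed above. A verify callback is invoked once per certificate, root first and leaf last (depth 0). For each CA certificate it appends the device UUIDs that the local cred entries bind to that CA onto a singly-linked list; at the leaf it matches the CN UUID against that list and rejects the connection when nothing matches. The `CredEntry`, `Cert` and `VerifyCtx` types, the `CRED_ENTRIES` table and the three sample chains are all constructed for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define UUID_LEN 36

/* Constructed stand-in for a cred entry: CA subject -> device UUID it may certify. */
typedef struct {
    const char *ca_subject;
    const char *device_uuid;
} CredEntry;

/* Constructed stand-in for a parsed certificate in the chain. */
typedef struct {
    const char *subject_cn; /* CA name for CA certs, device UUID for the leaf */
} Cert;

typedef struct UuidNode {
    char uuid[UUID_LEN + 1];
    struct UuidNode *next;
} UuidNode;

/* Per-handshake context, like the opaque pointer a TLS library hands to its verify callback. */
typedef struct {
    UuidNode *allowed; /* UUIDs collected from the CA certs seen so far */
} VerifyCtx;

/* Constructed cred store: Acme Root CA is bound to two devices, Other Root CA to one. */
static const CredEntry CRED_ENTRIES[] = {
    {"CN=Acme Root CA",  "11111111-1111-1111-1111-111111111111"},
    {"CN=Acme Root CA",  "22222222-2222-2222-2222-222222222222"},
    {"CN=Other Root CA", "33333333-3333-3333-3333-333333333333"},
};

static void push_uuid(VerifyCtx *ctx, const char *uuid) {
    UuidNode *n = calloc(1, sizeof *n);
    if (!n) return;                 /* not collected: the leaf check then fails closed */
    strncpy(n->uuid, uuid, UUID_LEN);
    n->next = ctx->allowed;
    ctx->allowed = n;
}

static void free_uuids(VerifyCtx *ctx) {
    while (ctx->allowed) {
        UuidNode *next = ctx->allowed->next;
        free(ctx->allowed);
        ctx->allowed = next;
    }
}

/* Verify callback: 0 accepts this certificate, -1 aborts the handshake. */
static int verify_cb(VerifyCtx *ctx, const Cert *crt, int depth) {
    if (depth > 0) {
        /* CA certificate: collect every UUID the cred entries bind to this CA. */
        for (size_t i = 0; i < sizeof CRED_ENTRIES / sizeof CRED_ENTRIES[0]; i++)
            if (strcmp(CRED_ENTRIES[i].ca_subject, crt->subject_cn) == 0)
                push_uuid(ctx, CRED_ENTRIES[i].device_uuid);
        return 0;
    }
    /* Leaf: the CN is the claimed device UUID; some CA in this chain must be bound to it. */
    for (const UuidNode *n = ctx->allowed; n; n = n->next)
        if (strcmp(n->uuid, crt->subject_cn) == 0)
            return 0;
    return -1; /* UUID not bound to any CA in the chain (or CA unknown): reject */
}

/* Walks a root-first chain through the callback; returns 1 if accepted, 0 if rejected. */
int chain_binds_uuid(const Cert *chain, size_t len) {
    if (len == 0) return 0;         /* no leaf to check: fail closed */
    VerifyCtx ctx = { NULL };
    int accepted = 1;
    for (size_t i = 0; i < len; i++) {
        if (verify_cb(&ctx, &chain[i], (int)(len - 1 - i)) != 0) {
            accepted = 0;
            break;
        }
    }
    free_uuids(&ctx);
    return accepted;
}

/* Three constructed chains: a legitimate device, a mismatched UUID, an unknown CA. */
int example_legit(void) {
    Cert c[] = { {"CN=Acme Root CA"}, {"11111111-1111-1111-1111-111111111111"} };
    return chain_binds_uuid(c, 2);
}
int example_mismatched_uuid(void) {
    /* Acme Root CA issued a leaf claiming a UUID only Other Root CA is bound to. */
    Cert c[] = { {"CN=Acme Root CA"}, {"33333333-3333-3333-3333-333333333333"} };
    return chain_binds_uuid(c, 2);
}
int example_unknown_ca(void) {
    Cert c[] = { {"CN=Rogue CA"}, {"11111111-1111-1111-1111-111111111111"} };
    return chain_binds_uuid(c, 2);
}

int main(void) {
    printf("legit: %d, mismatched UUID: %d, unknown CA: %d\n",
           example_legit(), example_mismatched_uuid(), example_unknown_ca());
    return 0;
}
```

The list is rebuilt per handshake and freed afterwards, so a CA's bindings are only ever consulted for chains that actually contain that CA; a CA with no cred entries yields an empty list and the leaf check fails closed rather than falling back to trusting the CN.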