verify_mode may be modified by the attacker
jmp0x7c00 opened this issue · 1 comments
jmp0x7c00 commented
Hi, sir.
TaLoS is an awesome project, I like it, but here is a security issue, and could you help me confirm it?
There is an ecall that can be used to modify verify_mode:
```c
void
ecall_SSL_set_verify(SSL *s, int mode, void* cb)
{
    int (*callback)(int, X509_STORE_CTX*);
#ifdef COMPILE_WITH_INTEL_SGX
    ssl_set_verify_cb_address = (int (*)(int, X509_STORE_CTX*))cb;
    callback = ssl_set_verify_fake_cb;
#else
    callback = (int (*)(int, X509_STORE_CTX*))cb;
#endif
#ifdef COMPILE_WITH_INTEL_SGX
    SSL* out_s = s;
    hashmap* m = get_ssl_hardening();
    SSL* in_s = (SSL*) hashmapGet(m, (unsigned long)out_s);
    SSL_copy_fields_to_in_struct(in_s, out_s);
    SSL_set_verify(in_s, mode, callback);
    SSL_copy_fields_to_out_struct(in_s, out_s);
#else
    SSL_set_verify(s, mode, callback);
#endif
}
```
```c
void
SSL_set_verify(SSL *s, int mode,
               int (*callback)(int ok, X509_STORE_CTX *ctx))
{
    s->verify_mode = mode; // verify_mode can be set to parameter mode by an ECALL
    if (callback != NULL)
        s->verify_callback = callback;
}
```
I think that verify_mode is an important flag, because:
```c
/*
 * 0 don't care about verify failure.
 * 1 fail if verify fails
 */
int verify_mode;
```
So the attacker can modify verify_mode to 0 by invoking ecall_SSL_set_verify(s, 0, b) to bypass the verification?
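The pattern the report describes, with one mitigation beside it, as an added example that is not code from TaLoS or OpenSSL: the `SSL` struct here is a constructed stand-in with only the fields discussed, the `SSL_VERIFY_*` values match OpenSSL's bit values, and `g_min_verify_mode` and `ecall_SSL_set_verify_guarded` are hypothetical names for an enclave-side policy fixed by trusted code at initialisation and an ecall boundary that refuses to clear any policy-required bit. The untrusted host can still add stricter bits, but it can no longer set verify_mode to 0.

```c
#include <stddef.h>
#include <stdio.h>

/* Bit values as in OpenSSL's ssl.h. */
#define SSL_VERIFY_NONE                 0x00
#define SSL_VERIFY_PEER                 0x01
#define SSL_VERIFY_FAIL_IF_NO_PEER_CERT 0x02

/* Constructed stand-in for the SSL struct; only the fields discussed in the
 * issue, not the real OpenSSL/TaLoS layout. */
typedef struct {
    int verify_mode;
    int (*verify_callback)(int ok, void *ctx);
} SSL;

/* Hypothetical policy set once by trusted code at enclave initialisation:
 * the verify_mode bits that no later ecall may clear. */
static int g_min_verify_mode = SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT;

/* Unguarded setter with the same shape as the one quoted in the report:
 * whatever mode the caller supplies is stored verbatim. */
void SSL_set_verify(SSL *s, int mode, int (*callback)(int, void *)) {
    s->verify_mode = mode;
    if (callback != NULL)
        s->verify_callback = callback;
}

/* Hypothetical guarded ecall boundary. Returns 0 on success and -1 when the
 * request would clear a policy-required bit, so the host may tighten
 * verification but never weaken it below the baseline. */
int ecall_SSL_set_verify_guarded(SSL *s, int mode, int (*callback)(int, void *)) {
    if (s == NULL)
        return -1;
    if ((mode & g_min_verify_mode) != g_min_verify_mode) {
        /* Downgrade request from the untrusted host: refuse and leave a trace. */
        fprintf(stderr, "refused verify_mode 0x%x: policy requires bits 0x%x\n",
                mode, g_min_verify_mode);
        return -1;
    }
    SSL_set_verify(s, mode, callback);
    return 0;
}

/* Start a session at initial_mode, let the host request requested_mode via
 * the unguarded path, and return the mode actually in effect afterwards. */
int mode_after_unguarded_request(int initial_mode, int requested_mode) {
    SSL s = { initial_mode, NULL };
    SSL_set_verify(&s, requested_mode, NULL);
    return s.verify_mode;
}

/* Same, but through the guarded ecall. */
int mode_after_guarded_request(int initial_mode, int requested_mode) {
    SSL s = { initial_mode, NULL };
    (void)ecall_SSL_set_verify_guarded(&s, requested_mode, NULL);
    return s.verify_mode;
}

int main(void) {
    int strict = SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
    printf("unguarded: %d -> %d\n", strict,
           mode_after_unguarded_request(strict, SSL_VERIFY_NONE)); /* 3 -> 0 */
    printf("guarded:   %d -> %d\n", strict,
           mode_after_guarded_request(strict, SSL_VERIFY_NONE));   /* 3 -> 3 */
    return 0;
}
```

The guard only covers the mode value. The callback pointer passed across the same ecall is a separate concern; in the SGX build quoted above TaLoS already replaces the host-supplied pointer with `ssl_set_verify_fake_cb` rather than calling it directly, and any policy check belongs inside the enclave, since anything the host can reach before the boundary can be changed by the host.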
plaublin commented
Hi. Thank you for raising this issue. There might be security issues for running TaLoS in production, as it is only a research prototype and we needed to be able to easily inspect and modify protected data for running our various experiments.