CVE-2022-21449 (also dubbed Psychic Signatures in the vulnerability writeup by Neil Madden) Proof of Concept, demonstrating the vulnerability with a vulnerable client and a malicious TLS server.
The malicious server presents a valid (as of 2022-04-20) cert chain for www.google.com which has an ECDSA public key (secp256r1). However, the crypto/ecdsa package has been modified to present an invalid signature with r = s = 0. The vulnerable client accepts this invalid signature, allowing the rest of the TLS handshake to continue.
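Added example (not part of this PoC or of the Go library): the range check on r and s that a correct ECDSA verifier performs before any curve arithmetic, shown in Go against crypto/ecdsa with a genuine P-256 signature and the r = s = 0 signature described above. The function names and the sample message are constructed for this illustration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
	"math/big"
)

// signatureInRange is the bounds check a correct ECDSA verifier performs
// first: r and s must both lie in [1, n-1], n being the base point order.
// Skipping it is the CVE-2022-21449 defect; r = s = 0 then verifies for any message.
func signatureInRange(curve elliptic.Curve, r, s *big.Int) bool {
	n := curve.Params().N
	return r.Sign() > 0 && r.Cmp(n) < 0 && s.Sign() > 0 && s.Cmp(n) < 0
}

// verifyChecked applies the range check explicitly, then the curve
// arithmetic verification in crypto/ecdsa (unmodified Go also checks ranges).
func verifyChecked(pub *ecdsa.PublicKey, digest []byte, r, s *big.Int) bool {
	if !signatureInRange(pub.Curve, r, s) {
		return false
	}
	return ecdsa.Verify(pub, digest, r, s)
}

// demo signs a constructed message with a fresh P-256 key and reports whether
// a genuine signature and an all-zero signature are accepted.
func demo() (genuineOK, zeroOK bool, err error) {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return false, false, err
	}
	digest := sha256.Sum256([]byte("constructed sample message")) // constructed input
	r, s, err := ecdsa.Sign(rand.Reader, priv, digest[:])
	if err != nil {
		return false, false, err
	}
	genuineOK = verifyChecked(&priv.PublicKey, digest[:], r, s)
	zero := big.NewInt(0)
	zeroOK = verifyChecked(&priv.PublicKey, digest[:], zero, zero)
	return genuineOK, zeroOK, nil
}

func main() {
	fmt.Println(demo()) // prints: true false <nil>
}
```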
Aside from the *_test.go files removed while building and exploring, all changes made to the Go library to get this PoC working are annotated with a comment. Search/grep for CVE-2022-21449 in the go/src directory to find them.
Requires an existing Go installation as well as Maven, then run
Tested on Ubuntu 20.04.4 LTS (WSL2) with OpenJDK 16.0.1 (build 16.0.1+9-Ubuntu-120.04, 2021-04-20)