An application asks for userID and then it asks for the client certificate to authenticate. All the pages of the application are vulnerable to XFS. Now an attacker can get userID using XFS, but can it steal the user certificate too?
-
Are you asking about the certificate of a TLS (HTTPS) connection or some other kind of unspecified certificate? I'm not sure because the current tags do not indicate any relation to TLS. And in case of TLS are you asking if only the certificate itself (which is not that secret anyway) gets stolen or also the matching private key which is needed so that someone can identify himself with this certificate? – Steffen Ullrich Nov 07 '16 at 11:44
-
@SteffenUllrich , I am referring to the client certificate which is used by the server to authenticate the user. The application is accessible over SSL only. I want to know what kind of information can an attacker obtain about the certificate using XFS and can it include the private key too so that the attacker can identify himself with the certificate – one Nov 07 '16 at 11:54
1 Answers
The private key of the client certificate does not leave the client during the TLS connection same as the private key of the server does not leave the server (see How does SSL/TLS work for more details). Thus it is impossible for the attacker in your scenario to get the private key.
As for the certificate itself (i.e. the public part). If the attacker manages to setup a server this way that it requests a certificate from the client (maybe need to configure the accepted CA) then the client will authenticate itself with this certificate (maybe asking the client first) and thus the attacker can get the certificate itself, with all the public information it contains. The same information can be accessed by any attacker passively sniffing the connection with the original server since the client certificate (i.e. the public part) is transferred in clear.
- 184,332
- 29
- 363
- 424