CVE-2022-21449-TLS-PoC CVE-2022-21449 (also dubbed Psychic Si | HackGit
CVE-2022-21449-TLS-PoC
CVE-2022-21449 (also dubbed Psychic Signatures in the vulnerability writeup by Neil Madden) Proof of Concept demonstrating its usage with a vulnerable client and a malicious TLS server.
The malicious server presents a valid (as of 2022-04-20) cert chain for www.google.com which has an ECDSA pub key (secp256r1). However, the crypto/ecdsa package has been modified to present an invalid signature with r = s = 0. The vulnerable client accepts this invalid signature, allowing the rest of the TLS handshake to continue.
Aside from the removed *_test.go files while building & exploration, all the golang library changes made to get this PoC working are annotated with a comment. Search/grep for CVE-2022-21449 in the go/src directory to find them.
