Weak Authenticode signature ECDSA curve
ID: PE174, Level: ERROR, Category: Security
Description
Authenticode signature ECDSA curve is too weak. This may allow an attacker to modify the executable while keeping the signature valid.
Mitigation
- Use a stronger ECDSA curve for your private key. Curves with a key size of less than 256 bits are considered insecure.
- When using `openssl` to generate the EC private key, use the `ec_paramgen_curve` option to specify the curve. Example: `openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:secp256k1 -out my.key.pem`. See the `openssl` documentation for more details.
- Some of the recommended curves: `secp256k1`, `secp256r1`, `secp384r1`, `secp521r1`.
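The following is an added example, not part of the original rule documentation or the scanner's own code: a pre-signing check that reads the named-curve OID from an EC public key and applies the 256-bit threshold stated above. The function names, the curve table and the zero-filled sample key are assumptions constructed for illustration.

```python
import base64

# DER content bytes of named-curve OIDs -> (curve name, key size in bits)
CURVES = {
    bytes.fromhex("2b81040008"): ("secp160r1", 160),
    bytes.fromhex("2a8648ce3d030101"): ("secp192r1", 192),
    bytes.fromhex("2b81040021"): ("secp224r1", 224),
    bytes.fromhex("2b8104000a"): ("secp256k1", 256),
    bytes.fromhex("2a8648ce3d030107"): ("secp256r1", 256),
    bytes.fromhex("2b81040022"): ("secp384r1", 384),
    bytes.fromhex("2b81040023"): ("secp521r1", 521),
}
EC_PUBLIC_KEY = bytes.fromhex("2a8648ce3d0201")  # id-ecPublicKey, 1.2.840.10045.2.1
MIN_KEY_SIZE = 256  # threshold from the rule text above

def read_tlv(buf, pos=0):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long-form length: low 7 bits give the byte count
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:pos + length], pos + length

def check_spki(der):
    """Return (curve, bits, ok) for a DER SubjectPublicKeyInfo holding an EC key."""
    _, spki, _ = read_tlv(der)
    _, alg, _ = read_tlv(spki)
    tag, alg_oid, pos = read_tlv(alg)
    if tag != 0x06 or alg_oid != EC_PUBLIC_KEY:
        raise ValueError("not an EC public key")
    _, curve_oid, _ = read_tlv(alg, pos)
    name, bits = CURVES.get(curve_oid, ("unknown", 0))  # unknown curves fail closed
    return name, bits, bits >= MIN_KEY_SIZE

def check_pem(pem):
    """Same check for a PEM 'PUBLIC KEY' block, e.g. from `openssl pkey -pubout`."""
    body = "".join(l for l in pem.splitlines() if not l.startswith("-----"))
    return check_spki(base64.b64decode(body))

def sample_spki(curve_oid, coord_len):
    """Constructed input: SPKI with zero-filled point bytes (not a usable key)."""
    tlv = lambda tag, val: bytes([tag, len(val)]) + val  # short-form lengths only
    alg = tlv(0x30, tlv(0x06, EC_PUBLIC_KEY) + tlv(0x06, curve_oid))
    return tlv(0x30, alg + tlv(0x03, b"\x00\x04" + bytes(2 * coord_len)))

if __name__ == "__main__":
    print(check_spki(sample_spki(bytes.fromhex("2a8648ce3d030101"), 24)))  # secp192r1
```

To check a signing certificate, extract its public key first, for example with `openssl x509 -in cert.pem -noout -pubkey`, and pass the output to `check_pem`.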
Arguments
This rule has the following output arguments:
- `signature_info` - Readable affected signature name (e.g. "root signature", "timestamp root signature", "nested signature (index 1)")
- `curve` - Weak ECDSA curve used in the signature
- `min_key_size` - Recommended ECDSA curve key size