v1 validate function does content checking before signature validation

CiscoDevNet / BootIntegrityValidator

Python module that validates the Boot Integrity Visibility output generated on a Cisco IOS-XE device

MIT License

6 stars 3 forks source link

v1 validate function does content checking before signature validation #4

Closed ministryofjay-cisco closed 2 years ago

ministryofjay-cisco commented 2 years ago

In the BootIntegrityValidator.validate function if the show platform integrity command includes a signature then the contents of the command output is check prior to the signature validation. Validation could/should be done prior to validating the contents of the output. Its not a security issue since the check is still performed but it is a normal security best practice to validate a signature first.

ministryofjay-cisco commented 2 years ago

Fixed in 6de48e8