Bouncy Castle Vulnerability VU#306792

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

Bouncy Castle Vulnerability VU#306792

Michael Ross-2
Hi,

There is a Vulnerability Note VU#306792 "Bouncy Castle BKS-V1 keystore files vulnerable to trivial hash collisions" - see:

Does anybody know if this issue fixed yet? If not fixed, are there any plans to fix it?

Thanks, 

Michael Ross
Senior Software Engineer, Zafin


Reply | Threaded
Open this post in threaded view
|

Re: Bouncy Castle Vulnerability VU#306792

Eckenfels. Bernd

The security note contains the answer:

 

Starting with Bouncy Castle 1.47, which was released on March 30, 2012, the BKS keystore format was updated to version 2, which uses a 160-bit MAC. Starting with Bouncy Castle 1.49, optional support for the original keystore format was reintroduced, as "BKS-V1."

 

“Don’t use “BKS-V1”, It cannot be fixed in code since the format of the file is the problem. (if it is a problem at all as integrity protection in keystores is questionable anyway)

 

Gruss

Bernd

 

Von: Michael Ross <[hidden email]>
Gesendet: Montag, 1. April 2019 18:06
An: [hidden email]
Betreff: [dev-crypto] Bouncy Castle Vulnerability VU#306792

 

Hi,

 

There is a Vulnerability Note VU#306792 "Bouncy Castle BKS-V1 keystore files vulnerable to trivial hash collisions" - see:

 

Does anybody know if this issue fixed yet? If not fixed, are there any plans to fix it?

 

Thanks, 

 

Michael Ross

Senior Software Engineer, Zafin

 

 






     


SEEBURGER AG   Vorstand/SEEBURGER Executive Board:
Sitz der Gesellschaft/Registered Office:   Axel Haas, Michael Kleeberg, Axel Otto, Dr. Martin Kuntz, Matthias Feßenbecker
Edisonstr. 1  
D-75015 Bretten Vorsitzende des Aufsichtsrats/Chairperson of the SEEBURGER Supervisory Board:
Tel.: 07252 / 96 - 0 Prof. Dr. Simone Zeuchner
Fax: 07252 / 96 - 2222
Internet: http://www.seeburger.de Registergericht/Commercial Register:
e-mail: [hidden email] HRB 240708 Mannheim


Dieses E-Mail ist nur für den Empfänger bestimmt, an den es gerichtet ist und kann vertrauliches bzw. unter das Berufsgeheimnis fallendes Material enthalten. Jegliche darin enthaltene Ansicht oder Meinungsäußerung ist die des Autors und stellt nicht notwendigerweise die Ansicht oder Meinung der SEEBURGER AG dar. Sind Sie nicht der Empfänger, so haben Sie diese E-Mail irrtümlich erhalten und jegliche Verwendung, Veröffentlichung, Weiterleitung, Abschrift oder jeglicher Druck dieser E-Mail ist strengstens untersagt. Weder die SEEBURGER AG noch der Absender (Eckenfels. Bernd) übernehmen die Haftung für Viren; es obliegt Ihrer Verantwortung, die E-Mail und deren Anhänge auf Viren zu prüfen.

This email is intended only for the recipient(s) to whom it is addressed. This email may contain confidential material that may be protected by professional secrecy. Any fact or opinion contained, or expression of the material herein, does not necessarily reflect that of SEEBURGER AG. If you are not the addressee or if you have received this email in error, any use, publication or distribution including forwarding, copying or printing is strictly prohibited. Neither SEEBURGER AG, nor the sender (Eckenfels. Bernd) accept liability for viruses; it is your responsibility to check this email and its attachments for viruses.

Reply | Threaded
Open this post in threaded view
|

Re: Bouncy Castle Vulnerability VU#306792

Michael Ross-2
Hello Bernd,

Thanks for the promt answer. So, do you mean that starting with Bouncy Castle 1.47 both  "BKS-V1" and (not sure) "BKS-V2" are supported? So, the Vulnerability Note VU#306792 is not exactly correct, or at least should not have high severiry?
Please confirm.

Thanks,
Michael

On Mon, Apr 1, 2019 at 12:19 PM Eckenfels. Bernd <[hidden email]> wrote:

The security note contains the answer:

 

Starting with Bouncy Castle 1.47, which was released on March 30, 2012, the BKS keystore format was updated to version 2, which uses a 160-bit MAC. Starting with Bouncy Castle 1.49, optional support for the original keystore format was reintroduced, as "BKS-V1."

 

“Don’t use “BKS-V1”, It cannot be fixed in code since the format of the file is the problem. (if it is a problem at all as integrity protection in keystores is questionable anyway)

 

Gruss

Bernd

 

Von: Michael Ross <[hidden email]>
Gesendet: Montag, 1. April 2019 18:06
An: [hidden email]
Betreff: [dev-crypto] Bouncy Castle Vulnerability VU#306792

 

Hi,

 

There is a Vulnerability Note VU#306792 "Bouncy Castle BKS-V1 keystore files vulnerable to trivial hash collisions" - see:

 

Does anybody know if this issue fixed yet? If not fixed, are there any plans to fix it?

 

Thanks, 

 

Michael Ross

Senior Software Engineer, Zafin

 

 






     


SEEBURGER AG   Vorstand/SEEBURGER Executive Board:
Sitz der Gesellschaft/Registered Office:   Axel Haas, Michael Kleeberg, Axel Otto, Dr. Martin Kuntz, Matthias Feßenbecker
Edisonstr. 1  
D-75015 Bretten Vorsitzende des Aufsichtsrats/Chairperson of the SEEBURGER Supervisory Board:
Tel.: 07252 / 96 - 0 Prof. Dr. Simone Zeuchner
Fax: 07252 / 96 - 2222
Internet: http://www.seeburger.de Registergericht/Commercial Register:
e-mail: [hidden email] HRB 240708 Mannheim


Dieses E-Mail ist nur für den Empfänger bestimmt, an den es gerichtet ist und kann vertrauliches bzw. unter das Berufsgeheimnis fallendes Material enthalten. Jegliche darin enthaltene Ansicht oder Meinungsäußerung ist die des Autors und stellt nicht notwendigerweise die Ansicht oder Meinung der SEEBURGER AG dar. Sind Sie nicht der Empfänger, so haben Sie diese E-Mail irrtümlich erhalten und jegliche Verwendung, Veröffentlichung, Weiterleitung, Abschrift oder jeglicher Druck dieser E-Mail ist strengstens untersagt. Weder die SEEBURGER AG noch der Absender (Eckenfels. Bernd) übernehmen die Haftung für Viren; es obliegt Ihrer Verantwortung, die E-Mail und deren Anhänge auf Viren zu prüfen.

This email is intended only for the recipient(s) to whom it is addressed. This email may contain confidential material that may be protected by professional secrecy. Any fact or opinion contained, or expression of the material herein, does not necessarily reflect that of SEEBURGER AG. If you are not the addressee or if you have received this email in error, any use, publication or distribution including forwarding, copying or printing is strictly prohibited. Neither SEEBURGER AG, nor the sender (Eckenfels. Bernd) accept liability for viruses; it is your responsibility to check this email and its attachments for viruses.



--

Michael Ross
Senior Software Engineer, Zafin
[hidden email] | O : 613-216-2504

Zafin - Canada 

Reply | Threaded
Open this post in threaded view
|

Re: Bouncy Castle Vulnerability VU#306792

Eckenfels. Bernd
In reply to this post by Michael Ross-2

The VU note has high severity for BC versions which do not support the version 2 (and for scenarios where you intentionally use the V1 format compatibility). (but you need to look at your actual usage, I guess in most cases its not a high severity).

 

The BC Specification document contains a keystore section in 6.4, it mentiones Keystore.BouncyCastle and UBER as well as PKCS12 and BCFKS.

 

https://www.bouncycastle.org/specifications.html

 

and their respective details.

 

BTW: this section fails to mention the –V1 comaptibility type and if the BKS type still works (and what it uses). (Also could be more formal in mentioning the keystore types).

 

Gruss

Bernd

 

Von: Michael Ross <[hidden email]>
Gesendet: Montag, 1. April 2019 18:52
An: Eckenfels. Bernd <[hidden email]>
Cc: [hidden email]
Betreff: Re: [dev-crypto] Bouncy Castle Vulnerability VU#306792

 

Hello Bernd,

 

Thanks for the promt answer. So, do you mean that starting with Bouncy Castle 1.47 both  "BKS-V1" and (not sure) "BKS-V2" are supported? So, the Vulnerability Note VU#306792 is not exactly correct, or at least should not have high severiry?

Please confirm.

 

Thanks,

Michael

 

On Mon, Apr 1, 2019 at 12:19 PM Eckenfels. Bernd <[hidden email]> wrote:

The security note contains the answer:

 

Starting with Bouncy Castle 1.47, which was released on March 30, 2012, the BKS keystore format was updated to version 2, which uses a 160-bit MAC. Starting with Bouncy Castle 1.49, optional support for the original keystore format was reintroduced, as "BKS-V1."

 

“Don’t use “BKS-V1”, It cannot be fixed in code since the format of the file is the problem. (if it is a problem at all as integrity protection in keystores is questionable anyway)

 

Gruss

Bernd

 

Von: Michael Ross <[hidden email]>
Gesendet: Montag, 1. April 2019 18:06
An: [hidden email]
Betreff: [dev-crypto] Bouncy Castle Vulnerability VU#306792

 

Hi,

 

There is a Vulnerability Note VU#306792 "Bouncy Castle BKS-V1 keystore files vulnerable to trivial hash collisions" - see:

 

Does anybody know if this issue fixed yet? If not fixed, are there any plans to fix it?

 

Thanks, 

 

Michael Ross

Senior Software Engineer, Zafin

 

 





 

 

 

 

SEEBURGER AG

 

Vorstand/SEEBURGER Executive Board:

Sitz der Gesellschaft/Registered Office:

 

Axel Haas, Michael Kleeberg, Axel Otto, Dr. Martin Kuntz, Matthias Feßenbecker

Edisonstr. 1

 

D-75015 Bretten

Vorsitzende des Aufsichtsrats/Chairperson of the SEEBURGER Supervisory Board:

Tel.: 07252 / 96 - 0

Prof. Dr. Simone Zeuchner

Fax: 07252 / 96 - 2222

Internet: http://www.seeburger.de

Registergericht/Commercial Register:

e-mail: [hidden email]

HRB 240708 Mannheim

 

Dieses E-Mail ist nur für den Empfänger bestimmt, an den es gerichtet ist und kann vertrauliches bzw. unter das Berufsgeheimnis fallendes Material enthalten. Jegliche darin enthaltene Ansicht oder Meinungsäußerung ist die des Autors und stellt nicht notwendigerweise die Ansicht oder Meinung der SEEBURGER AG dar. Sind Sie nicht der Empfänger, so haben Sie diese E-Mail irrtümlich erhalten und jegliche Verwendung, Veröffentlichung, Weiterleitung, Abschrift oder jeglicher Druck dieser E-Mail ist strengstens untersagt. Weder die SEEBURGER AG noch der Absender (Eckenfels. Bernd) übernehmen die Haftung für Viren; es obliegt Ihrer Verantwortung, die E-Mail und deren Anhänge auf Viren zu prüfen.

This email is intended only for the recipient(s) to whom it is addressed. This email may contain confidential material that may be protected by professional secrecy. Any fact or opinion contained, or expression of the material herein, does not necessarily reflect that of SEEBURGER AG. If you are not the addressee or if you have received this email in error, any use, publication or distribution including forwarding, copying or printing is strictly prohibited. Neither SEEBURGER AG, nor the sender (Eckenfels. Bernd) accept liability for viruses; it is your responsibility to check this email and its attachments for viruses.


 

--

 

Michael Ross

Senior Software Engineer, Zafin

[hidden email] | O : 613-216-2504


Zafin - Canada 

 






     


SEEBURGER AG   Vorstand/SEEBURGER Executive Board:
Sitz der Gesellschaft/Registered Office:   Axel Haas, Michael Kleeberg, Axel Otto, Dr. Martin Kuntz, Matthias Feßenbecker
Edisonstr. 1  
D-75015 Bretten Vorsitzende des Aufsichtsrats/Chairperson of the SEEBURGER Supervisory Board:
Tel.: 07252 / 96 - 0 Prof. Dr. Simone Zeuchner
Fax: 07252 / 96 - 2222
Internet: http://www.seeburger.de Registergericht/Commercial Register:
e-mail: [hidden email] HRB 240708 Mannheim


Dieses E-Mail ist nur für den Empfänger bestimmt, an den es gerichtet ist und kann vertrauliches bzw. unter das Berufsgeheimnis fallendes Material enthalten. Jegliche darin enthaltene Ansicht oder Meinungsäußerung ist die des Autors und stellt nicht notwendigerweise die Ansicht oder Meinung der SEEBURGER AG dar. Sind Sie nicht der Empfänger, so haben Sie diese E-Mail irrtümlich erhalten und jegliche Verwendung, Veröffentlichung, Weiterleitung, Abschrift oder jeglicher Druck dieser E-Mail ist strengstens untersagt. Weder die SEEBURGER AG noch der Absender (Eckenfels. Bernd) übernehmen die Haftung für Viren; es obliegt Ihrer Verantwortung, die E-Mail und deren Anhänge auf Viren zu prüfen.

This email is intended only for the recipient(s) to whom it is addressed. This email may contain confidential material that may be protected by professional secrecy. Any fact or opinion contained, or expression of the material herein, does not necessarily reflect that of SEEBURGER AG. If you are not the addressee or if you have received this email in error, any use, publication or distribution including forwarding, copying or printing is strictly prohibited. Neither SEEBURGER AG, nor the sender (Eckenfels. Bernd) accept liability for viruses; it is your responsibility to check this email and its attachments for viruses.

Reply | Threaded
Open this post in threaded view
|

Re: Bouncy Castle Vulnerability VU#306792

Michael Ross-2
Thanks Bernd. It helps a lot.

Michael

On Mon, Apr 1, 2019 at 1:25 PM Eckenfels. Bernd <[hidden email]> wrote:

The VU note has high severity for BC versions which do not support the version 2 (and for scenarios where you intentionally use the V1 format compatibility). (but you need to look at your actual usage, I guess in most cases its not a high severity).

 

The BC Specification document contains a keystore section in 6.4, it mentiones Keystore.BouncyCastle and UBER as well as PKCS12 and BCFKS.

 

https://www.bouncycastle.org/specifications.html

 

and their respective details.

 

BTW: this section fails to mention the –V1 comaptibility type and if the BKS type still works (and what it uses). (Also could be more formal in mentioning the keystore types).

 

Gruss

Bernd

 

Von: Michael Ross <[hidden email]>
Gesendet: Montag, 1. April 2019 18:52
An: Eckenfels. Bernd <[hidden email]>
Cc: [hidden email]
Betreff: Re: [dev-crypto] Bouncy Castle Vulnerability VU#306792

 

Hello Bernd,

 

Thanks for the promt answer. So, do you mean that starting with Bouncy Castle 1.47 both  "BKS-V1" and (not sure) "BKS-V2" are supported? So, the Vulnerability Note VU#306792 is not exactly correct, or at least should not have high severiry?

Please confirm.

 

Thanks,

Michael

 

On Mon, Apr 1, 2019 at 12:19 PM Eckenfels. Bernd <[hidden email]> wrote:

The security note contains the answer:

 

Starting with Bouncy Castle 1.47, which was released on March 30, 2012, the BKS keystore format was updated to version 2, which uses a 160-bit MAC. Starting with Bouncy Castle 1.49, optional support for the original keystore format was reintroduced, as "BKS-V1."

 

“Don’t use “BKS-V1”, It cannot be fixed in code since the format of the file is the problem. (if it is a problem at all as integrity protection in keystores is questionable anyway)

 

Gruss

Bernd

 

Von: Michael Ross <[hidden email]>
Gesendet: Montag, 1. April 2019 18:06
An: [hidden email]
Betreff: [dev-crypto] Bouncy Castle Vulnerability VU#306792

 

Hi,

 

There is a Vulnerability Note VU#306792 "Bouncy Castle BKS-V1 keystore files vulnerable to trivial hash collisions" - see:

 

Does anybody know if this issue fixed yet? If not fixed, are there any plans to fix it?

 

Thanks, 

 

Michael Ross

Senior Software Engineer, Zafin

 

 





 

 

 

 

SEEBURGER AG

 

Vorstand/SEEBURGER Executive Board:

Sitz der Gesellschaft/Registered Office:

 

Axel Haas, Michael Kleeberg, Axel Otto, Dr. Martin Kuntz, Matthias Feßenbecker

Edisonstr. 1

 

D-75015 Bretten

Vorsitzende des Aufsichtsrats/Chairperson of the SEEBURGER Supervisory Board:

Tel.: 07252 / 96 - 0

Prof. Dr. Simone Zeuchner

Fax: 07252 / 96 - 2222

Internet: http://www.seeburger.de

Registergericht/Commercial Register:

e-mail: [hidden email]

HRB 240708 Mannheim

 

Dieses E-Mail ist nur für den Empfänger bestimmt, an den es gerichtet ist und kann vertrauliches bzw. unter das Berufsgeheimnis fallendes Material enthalten. Jegliche darin enthaltene Ansicht oder Meinungsäußerung ist die des Autors und stellt nicht notwendigerweise die Ansicht oder Meinung der SEEBURGER AG dar. Sind Sie nicht der Empfänger, so haben Sie diese E-Mail irrtümlich erhalten und jegliche Verwendung, Veröffentlichung, Weiterleitung, Abschrift oder jeglicher Druck dieser E-Mail ist strengstens untersagt. Weder die SEEBURGER AG noch der Absender (Eckenfels. Bernd) übernehmen die Haftung für Viren; es obliegt Ihrer Verantwortung, die E-Mail und deren Anhänge auf Viren zu prüfen.

This email is intended only for the recipient(s) to whom it is addressed. This email may contain confidential material that may be protected by professional secrecy. Any fact or opinion contained, or expression of the material herein, does not necessarily reflect that of SEEBURGER AG. If you are not the addressee or if you have received this email in error, any use, publication or distribution including forwarding, copying or printing is strictly prohibited. Neither SEEBURGER AG, nor the sender (Eckenfels. Bernd) accept liability for viruses; it is your responsibility to check this email and its attachments for viruses.


 

--

 

Michael Ross

Senior Software Engineer, Zafin

[hidden email] | O : 613-216-2504


Zafin - Canada 

 






     


SEEBURGER AG   Vorstand/SEEBURGER Executive Board:
Sitz der Gesellschaft/Registered Office:   Axel Haas, Michael Kleeberg, Axel Otto, Dr. Martin Kuntz, Matthias Feßenbecker
Edisonstr. 1  
D-75015 Bretten Vorsitzende des Aufsichtsrats/Chairperson of the SEEBURGER Supervisory Board:
Tel.: 07252 / 96 - 0 Prof. Dr. Simone Zeuchner
Fax: 07252 / 96 - 2222
Internet: http://www.seeburger.de Registergericht/Commercial Register:
e-mail: [hidden email] HRB 240708 Mannheim


Dieses E-Mail ist nur für den Empfänger bestimmt, an den es gerichtet ist und kann vertrauliches bzw. unter das Berufsgeheimnis fallendes Material enthalten. Jegliche darin enthaltene Ansicht oder Meinungsäußerung ist die des Autors und stellt nicht notwendigerweise die Ansicht oder Meinung der SEEBURGER AG dar. Sind Sie nicht der Empfänger, so haben Sie diese E-Mail irrtümlich erhalten und jegliche Verwendung, Veröffentlichung, Weiterleitung, Abschrift oder jeglicher Druck dieser E-Mail ist strengstens untersagt. Weder die SEEBURGER AG noch der Absender (Eckenfels. Bernd) übernehmen die Haftung für Viren; es obliegt Ihrer Verantwortung, die E-Mail und deren Anhänge auf Viren zu prüfen.

This email is intended only for the recipient(s) to whom it is addressed. This email may contain confidential material that may be protected by professional secrecy. Any fact or opinion contained, or expression of the material herein, does not necessarily reflect that of SEEBURGER AG. If you are not the addressee or if you have received this email in error, any use, publication or distribution including forwarding, copying or printing is strictly prohibited. Neither SEEBURGER AG, nor the sender (Eckenfels. Bernd) accept liability for viruses; it is your responsibility to check this email and its attachments for viruses.



--

Michael Ross
Senior Software Engineer, Zafin
[hidden email] | O : 613-216-2504

Zafin - Canada