Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

crypto: disable ciphers not supported by EVP #43532

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

crypto: disable ciphers not supported by EVP #43532

wants to merge 1 commit into from

Conversation

AdamMajer
Copy link
Contributor

OpenSSL lists certain ciphers as not conforming with the standard
EVP AEAD interface and these ciphers should be avoided,

aes-128-cbc-hmac-sha1
aes-128-cbc-hmac-sha256
aes-256-cbc-hmac-sha1
aes-256-cbc-hmac-sha256

While experimenting with these, the cipher text produced by Node
for aes-128-cbc-hmac-sha1 does not differ from cipher text
produced by aes-128-cbc meaning that the HMAC is not automatically
taken into account. Since there is no facility to set the HMAC key
in Node, it's best to have these disabled when using crypto.Cipher
as all usage is wrong by definition.

Fixes: #43040
Reference: https://www.openssl.org/docs/man1.1.1/man3/EVP_aes_128_cbc_hmac_sha1.html

@AdamMajer
crypto: disable ciphers not supported by EVP
57f0194 
OpenSSL lists certain ciphers as not conforming with the standard
EVP AEAD interface and these ciphers should be avoided,

    aes-128-cbc-hmac-sha1
    aes-128-cbc-hmac-sha256
    aes-256-cbc-hmac-sha1
    aes-256-cbc-hmac-sha256

While experimenting with these, the cipher text produced by Node
for `aes-128-cbc-hmac-sha1` does not differ from cipher text
produced by `aes-128-cbc` meaning that the HMAC is not automatically
taken into account. Since there is no facility to set the HMAC key
in Node, it's best to have these disabled when using crypto.Cipher
as all usage is wrong by definition.

Fixes: nodejs#43040
@nodejs-github-bot
Copy link
Collaborator

Review requested:

  • @nodejs/crypto

@nodejs-github-bot nodejs-github-bot added crypto Issues and PRs related to the crypto subsystem. errors Issues and PRs related to JavaScript errors originated in Node.js core. needs-ci PRs that need a full CI run. labels Jun 22, 2022
bnoordhuis
bnoordhuis reviewed Jun 22, 2022
View reviewed changes
lib/internal/crypto/cipher.js
@@ -108,6 +109,14 @@ function getUIntOption(options, key) {
}

function createCipherBase(cipher, credential, options, decipher, iv) {
switch (cipher.toLowerCase()) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There's a toLowerCase() function in lib/tls.js. It'd be better to move that to some shared file and use that because the prototype method is locale sensitive and vulnerable to prototype pollution.

@bnoordhuis
Copy link
Member

@AdamMajer do you plan on updating this PR?

@AdamMajer
Copy link
Contributor Author

AdamMajer commented Aug 7, 2023 via email

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bnoordhuis bnoordhuis bnoordhuis left review comments

Assignees
No one assigned
Labels
crypto Issues and PRs related to the crypto subsystem. errors Issues and PRs related to JavaScript errors originated in Node.js core. needs-ci PRs that need a full CI run.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

AES-256-CBC-HMAC-SHA256 and similar ciphers are not recognized as authenticated ciphers
3 participants
@AdamMajer @nodejs-github-bot @bnoordhuis