Created cure53 Security Audit 2015 (markdown)
parent
e822eba031
commit
fb89aa1a73
|
@ -0,0 +1,110 @@
|
|||
# Identified Vulnerabilities
|
||||
## OKC-01-001 Private Keys can be imported from Keyserver (Medium)
|
||||
FIXED IN
|
||||
* https://github.com/open-keychain/open-keychain/commit/b76aa7fe11f953d10688fbc01daa65676448c78a
|
||||
|
||||
## OKC-01-004 Arbitrary file write when decrypting and saving messages (High)
|
||||
Filenames with slashes are rejected
|
||||
|
||||
FIXED IN
|
||||
* https://github.com/open-keychain/open-keychain/commit/aad606c47ffea495d314bf1e537f1e2981b0dd88
|
||||
* https://github.com/open-keychain/open-keychain/commit/21b83d8fa483eb3d911e7475663a7cb36e4170a0
|
||||
|
||||
## OKC-01-006 Keyserver can send arbitrary Public Keys without Verification (Low)
|
||||
A comparison of user ids is difficult to implement as keyservers could, in some circumstances, return User IDs with a broken encoding. We would also need to check for revocation status, key size etc. which introduces much code complexity. Downloading all search results and parsing them locally before prompting the user which key(s) he wants would result in too much network traffic. Keys are several to many kilobytes in size, e.g., 66kb.
|
||||
|
||||
WONTFIX FOR NOW
|
||||
|
||||
## OKC-01-009 Bypassable Fingerprint-Check for Key Exchange via QR Code (High)
|
||||
The fingerprint check is now performed after canonicalization and the method has been changed to check primary and mutually bound keys only.
|
||||
|
||||
FIXED IN
|
||||
* https://github.com/open-keychain/open-keychain/commit/9d97d37c06f22354c124bd6cedd989d9ca4ff53e
|
||||
* https://github.com/open-keychain/open-keychain/commit/8f40c6df5108f30dc424e4d802f49f3392738724
|
||||
|
||||
## OKC-01-010 Database can be exported using Encrypt Operation (Low)
|
||||
Proposed fix has been implemented.
|
||||
|
||||
FIXED FOR ANDROID >= 5 IN (We will leave this open for Android < 5 for now due to the low priority)
|
||||
https://github.com/open-keychain/open-keychain/commit/57a04cb8a14a4777a3d77a92952d9fbdbd72b527
|
||||
|
||||
## OKC-01-011 Unconfirmed Main Identities are shown as confirmed (Low)
|
||||
Confirmed identities (if they exist) are now prioritized over non-confirmed ones.
|
||||
* https://github.com/open-keychain/open-keychain/commit/486117d9de8618c1ecfb2a592c781fc43f1cc886
|
||||
|
||||
## OKC-01-012 Database Extraction possible via Version Downgrade (Medium)
|
||||
The database version has been increased, this already prevents a downgrade. In addition onDowngrade has been overridden.
|
||||
|
||||
FIXED IN
|
||||
* https://github.com/open-keychain/open-keychain/commit/9a6aa07089f195a95f15703e712ee95e077a7a09
|
||||
|
||||
## OKC-01-013 Key Usage unchecked upon Decryption / Signature Verification (Low)
|
||||
Now only uses keys for verification which are allowed to sign.
|
||||
|
||||
FIXED IN
|
||||
* https://github.com/open-keychain/open-keychain/commit/ba9b8f3a6009ca60abffccc3e3fbd160e0fa420c
|
||||
* https://github.com/open-keychain/open-keychain/commit/e67e8cd8c1677fe95d0fe15df0e0d1342d8cc44e
|
||||
|
||||
## OKC-01-014 Multiple File overwrite Vulnerabilities via Path Traversal (High)
|
||||
The save functionality has been removed for Android < 4.4, on Android >= 4.4 the new Document Storage Framework is used. The problematic file dialog has been removed.
|
||||
|
||||
FIXED IN
|
||||
* https://github.com/open-keychain/open-keychain/commit/63f1b84914778b8bd11d65bbc261c550a60b2c42
|
||||
|
||||
## OKC-01-015 Export of PGP Information in clear-text on insecure Storage (Medium)
|
||||
Logs are no longer saved. Instead a dialog is shown that warns the user about potential sensitive information inside the log and allows to share the log directly with another app such as a mail program.
|
||||
Save functionality removed for Android < 4.4, only the new backup function has code for saving files on Android < 4.4. On Android >= 4.4 saving is enabled via the Document Provider API, which handles everything
|
||||
Backup/Export. Backups are now symmetrically encrypted via a randomly generated Backup Code.
|
||||
|
||||
FIXED IN:
|
||||
* https://github.com/open-keychain/open-keychain/commit/cdf67c3296b9a7aadf3528ed3eed29cdac752dde
|
||||
* https://github.com/open-keychain/open-keychain/commit/eff59b46452e4f9b577ea8bc755cc96c3d76a760
|
||||
* https://github.com/open-keychain/open-keychain/pull/1546 and related commits on git master
|
||||
* https://github.com/open-keychain/open-keychain/wiki/Backups
|
||||
* https://github.com/open-keychain/open-keychain/commit/97ca5091c237ff185a1a5651ff54752a3e49adc3
|
||||
|
||||
## OKC-01-017 Predictable File Creation on insecure Location (Medium)
|
||||
see OKC-01-015
|
||||
|
||||
## OKC-01-018 Key Server Verification Bypass via HTTP Redirect (Medium)
|
||||
OpenKeychain we now disallow all redirects, a warning is now shown when a keyserver is added without a pinned certificate, users needs to uncheck "only trusted keyserver" to get past the warning. We pinned sks-keyserver, pgp.mit.edu, keybase.io.
|
||||
|
||||
FIXED IN
|
||||
* https://github.com/open-keychain/open-keychain/commit/0b181743a3d6b1423e112b17a400b5ac4ac09bcb
|
||||
* https://github.com/open-keychain/open-keychain/commit/9ee61dc0dfa5990126b7fb79c5373beb83a8b040
|
||||
* https://github.com/open-keychain/open-keychain/commit/3a9709a35d3cf5cd2e93e49b75745226fd59ae2d
|
||||
|
||||
# Miscellaneous Issues
|
||||
## OKC-01-002 Malicious public Key can lead to persistent Denial of Service (Medium)
|
||||
OpenKeychain now processes 100 User IDs at maximum.
|
||||
|
||||
FIXED IN
|
||||
* https://github.com/open-keychain/open-keychain/commit/29e9b2fa1eb5cfcd1539027e54025120d5af6a3e
|
||||
* https://github.com/open-keychain/open-keychain/commit/2b735102f79d36c91f2afd9f0fc7105df29f62d0
|
||||
|
||||
## OKC-01-003 Malicious Key Server response can lead to Denial of Service (Low)
|
||||
OpenKeychain now skips keys or User IDs with broken encodings or other wrong values, the get-method no longer crashes on empty or wrong data.
|
||||
|
||||
FIXED IN
|
||||
* https://github.com/open-keychain/open-keychain/commit/3df9bea4554c0edddce57aa6a2e32cfe5250ed72
|
||||
|
||||
## OKC-01-005 Insufficient and insecure RSA/DSA Key Sizes permitted (Medium)
|
||||
Min key length for key creation is now at 2048 bit for RSA, DSA, ElGamal.
|
||||
|
||||
FIXED IN
|
||||
* https://github.com/open-keychain/open-keychain/commit/dfce5449c2e8029039533c26ba15e5ac468eb8e2
|
||||
|
||||
## OKC-01-007 Signing Operations with weak Key lead to Denial of Service (Info)
|
||||
In the future, we like to tag insecure keys inside our database, like revoked or expired keys and make them unselectable. There will be future work on this, when other issues have been sorted out, see https://github.com/open-keychain/open-keychain/issues/1476
|
||||
|
||||
WILL BE FIXED LATER
|
||||
|
||||
## OKC-01-008 OpenKeychain accepts weak Passwords without any Warning (Info)
|
||||
In the future, we like to switch to a model where the whole database of OpenKeychain is encrypted, not every single secret key separately, see https://github.com/open-keychain/open-keychain/issues/1541
|
||||
|
||||
WILL BE FIXED LATER
|
||||
|
||||
## OKC-01-016 No Warnings when adding a clear-text HTTP Key Server (Low)
|
||||
Http is still allowed, but http keyservers are not one of the trusted keyservers, so the warning is shown that we implemented for OKC-01-018.
|
||||
|
||||
FIXED
|
Loading…
Reference in New Issue