[apache-directory-api] 01/01: Fixed CVE-2015-3050: Timing Attack vulnerability (Closes: #791957)
Emmanuel Bourg
ebourg-guest at moszumanska.debian.org
Thu Jul 9 21:13:01 UTC 2015
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a commit to branch master
in repository apache-directory-api.
commit 6e422071dc1e74e476b4788423d36fbc974cb903
Author: Emmanuel Bourg <ebourg at apache.org>
Date: Thu Jul 9 23:08:16 2015 +0200
Fixed CVE-2015-3050: Timing Attack vulnerability (Closes: #791957)
---
debian/changelog | 6 ++++
debian/patches/02-CVE-2015-3250.patch | 68 +++++++++++++++++++++++++++++++++++
debian/patches/series | 1 +
3 files changed, 75 insertions(+)
diff --git a/debian/changelog b/debian/changelog
index a7cb405..a3077b3 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+apache-directory-api (1.0.0~M20-3) unstable; urgency=medium
+
+ * Fixed CVE-2015-3050: Timing Attack vulnerability (Closes: #791957)
+
+ -- Emmanuel Bourg <ebourg at apache.org> Thu, 09 Jul 2015 23:07:02 +0200
+
apache-directory-api (1.0.0~M20-2) unstable; urgency=medium
* Ignore the parent pom for the api-all artifact
diff --git a/debian/patches/02-CVE-2015-3250.patch b/debian/patches/02-CVE-2015-3250.patch
new file mode 100644
index 0000000..5f77e30
--- /dev/null
+++ b/debian/patches/02-CVE-2015-3250.patch
@@ -0,0 +1,68 @@
+Description: Fixes CVE-2015-3050: Timing Attack vulnerability
+ This patch can be removed after upgrading to the version 1.0.0-M31 or later
+Origin: backport, https://svn.apache.org/r1688300
+--- a/ldap/model/src/main/java/org/apache/directory/api/ldap/model/password/PasswordUtil.java
++++ b/ldap/model/src/main/java/org/apache/directory/api/ldap/model/password/PasswordUtil.java
+@@ -25,7 +25,6 @@
+ import java.security.MessageDigest;
+ import java.security.NoSuchAlgorithmException;
+ import java.security.SecureRandom;
+-import java.util.Arrays;
+ import java.util.Date;
+
+ import org.apache.directory.api.ldap.model.constants.LdapSecurityConstants;
+@@ -254,14 +253,51 @@
+ byte[] userPassword = PasswordUtil.encryptPassword( receivedCredentials, encryptionMethod.getAlgorithm(),
+ encryptionMethod.getSalt() );
+
+- // Now, compare the two passwords.
+- return Arrays.equals( userPassword, encryptedStored );
++ return compareBytes( userPassword, encryptedStored );
+ }
+ else
+ {
+- return Arrays.equals( storedCredentials, receivedCredentials );
++ return compareBytes( receivedCredentials, storedCredentials );
+ }
+ }
++
++
++ /**
++ * Compare two byte[] in a constant time. This is necessary because using an Array.equals() is
++ * not Timing attack safe ([1], [2] and [3]), a breach that can be exploited to break some hashes.
++ *
++ * [1] https://en.wikipedia.org/wiki/Timing_attack
++ * [2] http://rdist.root.org/2009/05/28/timing-attack-in-google-keyczar-library/
++ * [3] https://cryptocoding.net/index.php/Coding_rules
++ */
++ private static boolean compareBytes( byte[] provided, byte[] stored )
++ {
++ if ( stored == null )
++ {
++ return provided == null;
++ }
++ else if ( provided == null )
++ {
++ return false;
++ }
++
++ // Now, compare the two passwords, using a constant time method
++ if ( stored.length != provided.length )
++ {
++ return false;
++ }
++
++ // loop on *every* byte in both passwords, and at the end, if one char at least is different, return false.
++ int result = 0;
++
++ for ( int i = 0; i < stored.length; i++ )
++ {
++ // If both bytes are equal, xor will be == 0, otherwise it will be != 0 and so will result.
++ result |= ( stored[i] ^ provided[i] );
++ }
++
++ return result == 0;
++ }
+
+
+ /**
diff --git a/debian/patches/series b/debian/patches/series
index da693f0..18a851d 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1 +1,2 @@
01-jar-packaging.patch
+02-CVE-2015-3250.patch
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-java/apache-directory-api.git
More information about the pkg-java-commits
mailing list