Skip Menu |
 

This queue is for tickets about the Crypt-DSA CPAN distribution.

Report information
The Basics
Id: 71421
Status: open
Priority: 0/
Queue: Crypt-DSA

People
Owner: Nobody in particular
Requestors: H.LiebermanBerg [...] gmail.com
Cc:
AdminCc:

Bug Information
Severity: Critical
Broken in: 1.17
Fixed in: (no value)



Subject: Systems without /dev/random may leak secret key
Download (untitled) / with headers
text/plain 684b
As taught by the '09 Debian PGP disaster relating to DSA, the randomness source is extremely important. On systems without /dev/random, Crypt::DSA falls back to using Data::Random. Data::Random uses rand(), about which the perldoc says "rand() is not cryptographically secure. You should not rely on it in security-sensitive situations." In the case of DSA, this is even worse. Using improperly secure randomness sources can compromise the signing key upon signature of a message. See: http://rdist.root.org/2010/11/19/dsa-requirements-for-random-k-value/ I will provide a patch to disable this fallback. Bug 21968 should be closed as INVALID. Sincerely, Harlan Lieberman-Berg
From: H.LiebermanBerg [...] gmail.com
Patch is attached. Best, -Harlan
Subject: remove-fallback.patch
Description: Remove the ability to fall back to Data::Random Forwarded: yes Bug: https://rt.cpan.org/Public/Bug/Display.html?id=71421 Author: Harlan Lieberman-Berg <H.LiebermanBerg@gmail.com> --- a/lib/Crypt/DSA/Util.pm +++ b/lib/Crypt/DSA/Util.pm @@ -64,11 +64,8 @@ } close $fh; } - elsif ( require Data::Random ) { - $r .= Data::Random::rand_chars( set=>'numeric' ) for 1..$bytes; - } else { - croak "makerandom requires /dev/random or Data::Random"; + croak "makerandom requires /dev/random"; } my $down = $size - 1; $r = unpack 'H*', pack 'B*', '0' x ( $size % 8 ? 8 - $size % 8 : 0 ) .
From: paul [...] city-fan.org
This issue has been assigned CVE reference CVE-2011-3599
I bumped Adam about getting a release out on this CVE.


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.