Yannic Noller created FTPSERVER-485:
---------------------------------------
Summary: Timing Side Channel PasswordEncryptor
Key: FTPSERVER-485
URL: https://issues.apache.org/jira/browse/FTPSERVER-485
Project: FtpServer
Issue Type: Bug
Components: Core
Affects Versions: 1.1.1
Environment: tested on macOS High Sierra 10.13.4, but it is not relevant
Reporter: Yannic Noller
Fix For: 1.1.2
Dear Apache FTPServer developers,
We have found a timing side-channel in class
org.apache.ftpserver.usermanager.ClearTextPasswordEncryptor, method "public
boolean matches(String passwordToCheck, String storedPassword)". This is due to
the use of String.equals for comparison which returns as soon as a character
does not match. This represents a timing side channel, which could be used by a
potential attacker to obtain knowledge about the hidden secret password.
Do you agree with our findings?
A similar issue is present in method "matches" from classes
org.apache.ftpserver.usermanager.Md5PasswordEncryptor and
org.apache.ftpserver.usermanager.SaltedPasswordEncryptor.
We found these classes in the latest version of your git repo:
https://git-wip-us.apache.org/repos/asf?p=mina-ftpserver.git;a=summary
The problem can be fixed easily by using the following safe version for String
comparison in all three methods:
    public boolean isEqual_safe(String a, String b) {
        if (a == b) {
            return true;
        }
        if (a == null || b == null) {
            return false;
        }
        char a_value[] = a.toCharArray();
        char b_value[] = b.toCharArray();
        if (a_value.length != b_value.length) {
            return false;
        }
        // Compare every character; never return early on the first mismatch
        boolean match = true;
        for (int i = 0; i < a_value.length; i++) {
            match &= a_value[i] == b_value[i];
        }
        return match;
    }
Do you agree with our patch proposal?
Please feel free to contact us for further clarification! You can reach us by
the following email address:
[email protected]
Best regards,
Yannic Noller
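The report above proposes a character-by-character loop. As an added example that is not the reporter's patch and not FtpServer code, the class below shows how the three `matches` cases (clear text, MD5 hex, salted hex) can be written on top of `java.security.MessageDigest.isEqual`, which the JDK documents as a constant-time comparison. For the clear-text case both sides are hashed first so the compared arrays always have the same length, which removes the remaining length leak of a plain `length != length` early return. The class name, method names and the `salt:hexdigest` storage layout are assumptions for illustration; the real `SaltedPasswordEncryptor` format in the project may differ.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

// Hypothetical helper (not FtpServer code): constant-time password checks
// for the three encryptor styles named in the report.
public class ConstantTimePasswordCheck {

    private static byte[] digest(String alg, String s) {
        try {
            return MessageDigest.getInstance(alg).digest(s.getBytes(StandardCharsets.UTF_8));
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalStateException(alg + " not available", e);
        }
    }

    private static String toHex(byte[] bytes) {
        StringBuilder sb = new StringBuilder(bytes.length * 2);
        for (byte b : bytes) {
            sb.append(String.format("%02x", b));
        }
        return sb.toString();
    }

    /** Clear-text style: compare fixed-length digests of both values so that
     *  neither the contents nor the length of the stored password leaks. */
    public static boolean matchesClearText(String candidate, String stored) {
        if (candidate == null || stored == null) {
            return false;
        }
        // MessageDigest.isEqual compares without exiting on the first differing
        // byte; hashing first makes both inputs the same length (32 bytes).
        return MessageDigest.isEqual(digest("SHA-256", candidate), digest("SHA-256", stored));
    }

    /** MD5-hex style: the stored value is the hex MD5 of the password. */
    public static boolean matchesMd5Hex(String candidate, String storedHex) {
        if (candidate == null || storedHex == null) {
            return false;
        }
        byte[] candidateHex = toHex(digest("MD5", candidate)).getBytes(StandardCharsets.US_ASCII);
        byte[] storedBytes = storedHex.toLowerCase().getBytes(StandardCharsets.US_ASCII);
        return MessageDigest.isEqual(candidateHex, storedBytes);
    }

    /** Salted style: the stored value is assumed to be "salt:hexdigest"
     *  with hexdigest = MD5(salt + password). */
    public static boolean matchesSalted(String candidate, String stored) {
        if (candidate == null || stored == null) {
            return false;
        }
        int sep = stored.indexOf(':');
        if (sep < 0) {
            return false;
        }
        String salt = stored.substring(0, sep);
        String storedHex = stored.substring(sep + 1);
        byte[] candidateHex = toHex(digest("MD5", salt + candidate)).getBytes(StandardCharsets.US_ASCII);
        byte[] storedBytes = storedHex.toLowerCase().getBytes(StandardCharsets.US_ASCII);
        return MessageDigest.isEqual(candidateHex, storedBytes);
    }

    public static void main(String[] args) {
        // Constructed sample values, not taken from any real user store.
        String storedMd5 = toHex(digest("MD5", "correct horse"));
        String storedSalted = "s4lt:" + toHex(digest("MD5", "s4lt" + "correct horse"));
        System.out.println("clear text, right password: " + matchesClearText("correct horse", "correct horse"));
        System.out.println("clear text, shorter guess:  " + matchesClearText("correct hors", "correct horse"));
        System.out.println("md5 hex, right password:    " + matchesMd5Hex("correct horse", storedMd5));
        System.out.println("salted, right password:     " + matchesSalted("correct horse", storedSalted));
        System.out.println("salted, wrong password:     " + matchesSalted("wrong", storedSalted));
    }
}
```

The design choice worth noting is that every comparison is done on byte arrays whose length is determined by the digest algorithm rather than by the secret, so the only remaining timing variation is in hashing the candidate, which does not depend on the stored value.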
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)