Closed jbaxe2 closed 6 years ago
Quoting the page:
BouncyCastle TLS prior to version 1.0.3, when configured to use the JCE (Java Cryptography Extension) for cryptographic functions, provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable application. This vulnerability is referred to as "ROBOT."
This means that the vulnerability was part of the Java Cryptography Extension and more specifically its random number generator. Since Pointy Castle doesn't use the Java random number generator, this is not relevant for us.
Note, however, that random number generation in Dart is not considered safe. When generating private keys, it's advised to provide your own entropy data to enhance the randomness of the key. In the past Ivan Zaera and I did some research towards implementing entropy sources in Dart, but that work stalled a bit.
On 14 Dec 2017 5:32 pm, "Joseph B. Axenroth" notifications@github.com wrote:
With PointyCastle an 'almost always direct' port of Bouncy Castle, and with Bouncy Castle affected by the ROBOT vulnerability, how relevant is this issue to PointyCastle?
For reference: https://nvd.nist.gov/vuln/detail/CVE-2017-13098
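The advice above, to feed Pointy Castle your own entropy instead of trusting the default random state when generating a private key, as an added example that is not part of this thread or of the Pointy Castle project. It assumes the `package:pointycastle/export.dart` API of recent releases (`FortunaRandom`, `RSAKeyGenerator`, `ParametersWithRandom`) and uses `dart:math`'s `Random.secure()` as the entropy source; an application may substitute any other source it trusts.

```dart
import 'dart:math';
import 'dart:typed_data';

import 'package:pointycastle/export.dart';

/// Collects [length] seed bytes from the platform's cryptographic source.
/// Assumption for this example: Random.secure() is backed by the OS CSPRNG.
Uint8List platformEntropy(int length) {
  final source = Random.secure();
  return Uint8List.fromList(
      List<int>.generate(length, (_) => source.nextInt(256)));
}

/// Builds a Fortuna-based SecureRandom seeded from caller-supplied entropy.
/// FortunaRandom expects a 32-byte (256-bit) key as its seed, so the caller
/// must hand in exactly that much; anything else is rejected up front.
SecureRandom seededRandom(Uint8List entropy) {
  if (entropy.length != 32) {
    throw ArgumentError(
        'FortunaRandom needs exactly 32 bytes of entropy, got ${entropy.length}');
  }
  final random = FortunaRandom();
  random.seed(KeyParameter(entropy));
  return random;
}

/// Generates an RSA key pair of [bits] bits using the explicitly seeded
/// [random] rather than an unseeded generator.
AsymmetricKeyPair<RSAPublicKey, RSAPrivateKey> generateRsaKeyPair(
    SecureRandom random,
    {int bits = 2048}) {
  // 65537 as the public exponent, 64 rounds of primality certainty.
  final params = RSAKeyGeneratorParameters(BigInt.from(65537), bits, 64);
  final generator = RSAKeyGenerator()
    ..init(ParametersWithRandom(params, random));
  final pair = generator.generateKeyPair();
  return AsymmetricKeyPair<RSAPublicKey, RSAPrivateKey>(
      pair.publicKey as RSAPublicKey, pair.privateKey as RSAPrivateKey);
}

void main() {
  // Seed the generator first; only then derive the key from it.
  final random = seededRandom(platformEntropy(32));
  final pair = generateRsaKeyPair(random);

  final modulusBits = pair.publicKey.modulus!.bitLength;
  print('generated RSA key, modulus has $modulusBits bits');
  // Sanity check: the modulus must be as wide as requested.
  if (modulusBits != 2048) {
    throw StateError('unexpected modulus size $modulusBits');
  }
}
```

The point of the `seededRandom` step is that the key generator never runs on an unseeded `FortunaRandom`; if the seeding call is skipped, the generator is deterministic and every key it produces is predictable.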
This is good information to know, thanks. I will close the issue, as the vulnerability is not relevant for this library.