PurpleI2P / i2pd

🛡 I2P: End-to-End encrypted and anonymous Internet
https://i2pd.website
BSD 3-Clause "New" or "Revised" License

Use of Password Hash With Insufficient Computational Effort #2120

Closed s-b-repo closed 3 weeks ago

s-b-repo commented 3 weeks ago

X509_sign (x509, pkey, EVP_sha1 ()); // sign, last param must be NULL for EdDSA

line #420 I2PControl.cpp

EVP_sha1 hash (used in EVP_sha1) is insecure. Consider changing it to a secure hashing algorithm.

orignal commented 3 weeks ago

That's what x509 requires. Please stop it.

s-b-repo commented 2 weeks ago

sha1 is insecure

s-b-repo commented 2 weeks ago

Using SHA-1 for cryptographic signing is considered insecure due to known vulnerabilities, and it’s highly recommended to switch to a more secure hash function. Commonly recommended algorithms for secure signing are:

SHA-256: Part of the SHA-2 family and widely supported, providing better security than SHA-1.
SHA-512: Also part of SHA-2, offering even stronger security, though it produces a larger signature.

Here’s how you might modify the line to use a stronger hash algorithm:

```cpp
X509_sign(x509, pkey, EVP_sha256()); // or EVP_sha512()
```

Special Case for EdDSA

If you’re working with EdDSA, it’s best to note that EdDSA uses its own internal hashing mechanism (like SHA-512 for Ed25519), so you’d typically specify NULL for the hash parameter when using EdDSA keys. The modified line for EdDSA would look like this:

```cpp
X509_sign(x509, pkey, NULL); // EdDSA uses its own hash, so we pass NULL
```

Using EVP_sha256 or EVP_sha512 is generally good for other non-EdDSA keys.

orignal commented 2 weeks ago

Certificate with EdDSA? ChatGPT is kidding

orignal commented 2 weeks ago

> sha1 is insecure

For self-signed certificates and local connection? Before opening issues like this look at the context.