microsoft / react-native-code-push

React Native module for CodePush
http://appcenter.ms

Looks like the Security vulnerability due to using com.nimbusds:nimbus-jose-jwt still exists #2714

Open sizhe-eb opened 2 weeks ago

sizhe-eb commented 2 weeks ago

Steps to Reproduce

We are using the MobSF platform to do a static analysis and got the warning "The App uses the encryption mode CBC with PKCS5/PKCS7 padding. This configuration is vulnerable to padding oracle attacks." It is related to these two files:

After upgrading react-native-code-push to the latest version, 8.2.2, this warning still exists, but it disappears after removing the module from the project.

Expected Behavior

The warning should disappear with the latest version 8.2.2

Reproducible Demo

image

Environment

DordeDimitrijev commented 5 days ago

Hello @sizhe-eb, thank you for reaching out. I tried to use the MobSF tool but wasn't able to set it up on my demo app. On the other hand, I saw there were some vulnerabilities with dependencies of the com.nimbusds:nimbus-jose-jwt library, so I bumped it to the latest version. Here is the link to the changes; please let me know if it resolves the issue for you so we can create a PR for this.

sizhe-eb commented 4 days ago

Hi @DordeDimitrijev, thanks for your reply! I just followed your commit and changed to com.nimbusds:nimbus-jose-jwt:9.40, but the vulnerability still exists. I think it's still related to the com.nimbusds:nimbus-jose-jwt library.

https://github.com/felx/nimbus-jose-jwt/blob/master/src/main/java/com/nimbusds/jose/jca/JCASupport.java

https://github.com/felx/nimbus-jose-jwt/blob/master/src/main/java/com/nimbusds/jose/crypto/AESCBC.java

```java
// JCASupport.java
...
public static boolean isSupported(final EncryptionMethod enc, final Provider provider) {

    if (EncryptionMethod.Family.AES_CBC_HMAC_SHA.contains(enc)) {
        ...
        try {
            Cipher.getInstance("AES/CBC/PKCS5Padding", provider);  // <----- this line
        }
        ...
    }
...
// AESCBC.java
...
private static Cipher createAESCBCCipher(final SecretKey secretKey,
                                         final boolean forEncryption,
                                         final byte[] iv,
                                         final Provider provider)
    throws JOSEException {

    Cipher cipher;

    try {
        // This line
        cipher = CipherHelper.getInstance("AES/CBC/PKCS5Padding", provider);
        ...

    } catch (Exception e) {

        throw new JOSEException(e.getMessage(), e);
    }

    return cipher;
}
...
```

https://docs.oracle.com/javase/8/docs/api/javax/crypto/Cipher.html

CBC mode has no integrity and authentication. I think it's better to use AES-GCM, which is in TLS 1.3 and has an authenticated encryption scheme that provides both integrity and authentication.

Replacing AES/CBC/PKCS5Padding with AES/GCM/NoPadding may resolve this vulnerability.
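The integrity difference between the two JCA transformations named above, as an added example that is not part of the original comment and is not code from nimbus-jose-jwt or react-native-code-push. The class name, method names and sample message are constructed for illustration; the key and IV are generated at run time.

```java
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Arrays;
import javax.crypto.AEADBadTagException;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.IvParameterSpec;

public class CbcVsGcmTamperDemo {
    // Constructed sample message; longer than one AES block, so the padding sits in the last block.
    static final byte[] MSG = "constructed sample payload, not real data".getBytes(StandardCharsets.UTF_8);

    static AlgorithmParameterSpec spec(boolean gcm, byte[] iv) {
        return gcm ? new GCMParameterSpec(128, iv) : new IvParameterSpec(iv);
    }

    // Encrypts MSG, flips one bit of the IV/nonce as a stand-in for modification in transit,
    // then decrypts and reports what the receiver observes.
    static String decryptAfterIvBitFlip(String transformation, int ivLen) throws Exception {
        boolean gcm = transformation.contains("GCM");
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey key = kg.generateKey();
        byte[] iv = new byte[ivLen];
        new SecureRandom().nextBytes(iv);

        Cipher enc = Cipher.getInstance(transformation);
        enc.init(Cipher.ENCRYPT_MODE, key, spec(gcm, iv));
        byte[] ct = enc.doFinal(MSG);

        iv[0] ^= 0x01;
        Cipher dec = Cipher.getInstance(transformation);
        dec.init(Cipher.DECRYPT_MODE, key, spec(gcm, iv));
        try {
            byte[] pt = dec.doFinal(ct);
            return "accepted, plaintext altered: " + !Arrays.equals(pt, MSG);
        } catch (AEADBadTagException e) {
            return "rejected, authentication tag mismatch";
        }
    }

    public static void main(String[] args) throws Exception {
        System.out.println("AES/CBC/PKCS5Padding: " + decryptAfterIvBitFlip("AES/CBC/PKCS5Padding", 16));
        System.out.println("AES/GCM/NoPadding:    " + decryptAfterIvBitFlip("AES/GCM/NoPadding", 12));
    }
}
```

This exercises the bare JCA transformations only. The JOSE AES_CBC_HMAC_SHA2 algorithms (RFC 7518, section 5.2) pair CBC with an HMAC over the ciphertext, so a scanner match on the transformation string alone does not show how the quoted library code behaves end to end.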

DordeDimitrijev commented 3 hours ago

Hello @sizhe-eb, in our codebase we don't use any of those classes, so I propose that you open an issue on the official repo of nimbus-jose-jwt so they can fix the vulnerability on their side. Let us know when they do and we'll gladly update the library to the latest version to fix the vulnerability.