Skip to content

Commit

Permalink
fix(weaver): usage of weak PRNG issue
Browse files Browse the repository at this point in the history
The Logic Behind the Problem
When RNG (Random Number Generator) values are not received through a hardware TRNG, seed values apply a certain pattern. (It takes a seed value such as a mathematical formula or time.) In response to this situation, there are various secure random classes to increase security.

Solution
Changes have been made to get random values using safe randomness instead of mathematical randomness. This increases the complexity of the pattern, making it difficult to discover even if data is listened to for long periods of time.

The changes that have been made;
- In the certificate_utils.go file, the random value was taken from the math class (mrand math/rand) and used. By taking this random value from the secure random class, we obtain a more reliable random value. I added HmacGenerate and generateSecureRandomKey functions for readability and ease of use. If you want to generate a key again, the generateSecureRandomKey function, which uses secure random, can be used.

- In HashFunctions.kt, kotlin.random.Random class has been replaced with the more reliable java.security.SecureRandom class.

- The reason for the change in eciesCrypto.js is that the length of aes-128-ctr is not considered reliable by various standards. For this reason, I preferred the more reliable 256 length.

Fixes hyperledger-cacti#2765
-------
**Pull Request Requirements**
- [☑] Rebased onto  branch and squashed into single commit to help maintainers review it more efficient and to avoid spaghetti git commit graphs that obfuscate which commit did exactly what change, when and, why.

- [☑] Have git sign off at the end of commit message to avoid being marked red. You can add  flag when using On branch main
Your branch is up to date with 'origin/main'.

Untracked files:
  (use "git add <file>..." to include in what will be committed)
	.vs/

nothing added to commit but untracked files present (use "git add" to track) command. You may refer to this [link](https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits) for more information.
- [  ] Follow the Commit Linting specification. You may refer to this [link](https://www.conventionalcommits.org/en/v1.0.0-beta.4/#specification) for more information.

**Character Limit**
- [☑] Pull Request Title and Commit Subject must not exceed 72 characters (including spaces and special characters).
- [ ] Commit Message per line must not exceed 80 characters (including spaces and special characters).

**A Must Read for Beginners**
For rebasing and squashing, here's a [must read guide](https://github.com/servo/servo/wiki/Beginner's-guide-to-rebasing-and-squashing) for beginners.
  • Loading branch information
KaganCanSit committed Dec 2, 2023
1 parent e171d15 commit 4bcd046
Show file tree
Hide file tree
Showing 3 changed files with 36 additions and 13 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,6 @@ import (
"fmt"
"hash"
"math/big"
mrand "math/rand"
"time"

"golang.org/x/crypto/ed25519"
Expand Down Expand Up @@ -207,7 +206,7 @@ func ecdsaVerify(verKey *ecdsa.PublicKey, msgHash, signature []byte) error {
return nil
}

//Validate Ed25519 signature
// Validate Ed25519 signature
func verifyEd25519Signature(pubKey []byte, hashedMessage []byte, signature []byte) error {

result := ed25519.Verify(pubKey, hashedMessage, signature)
Expand Down Expand Up @@ -297,12 +296,31 @@ func encryptWithEd25519PublicKey(message []byte, pubKey []byte) ([]byte, error)
return []byte(""), nil
}

func generateSecureRandomKey(length int) ([]byte, error) {
key := make([]byte, length)
_, err := rand.Read(key)
if err != nil {
return nil, err
}
return key, nil
}

func generateHMAC(data, key []byte) ([]byte, error) {
hmacHash := hmac.New(sha256.New, key)
_, err := hmacHash.Write(data)
if err != nil {
return nil, err
}
return hmacHash.Sum(nil), nil
}

func generateConfidentialInteropPayloadAndHash(message []byte, cert string) ([]byte, error) {
// Generate a 16-byte random key for the HMAC
hashKey := make([]byte, 16)
for i := 0; i < 16 ; i++ {
hashKey[i] = byte(mrand.Intn(255))
hashKey, err := generateSecureRandomKey(16)
if err != nil {
return []byte(""), err
}

confidentialPayloadContents := common.ConfidentialPayloadContents{
Payload: message,
Random: hashKey,
Expand All @@ -311,22 +329,26 @@ func generateConfidentialInteropPayloadAndHash(message []byte, cert string) ([]b
if err != nil {
return []byte(""), err
}

x509Cert, err := parseCert(cert)
if err != nil {
return []byte(""), err
}

encryptedPayload, err := encryptWithCert(confidentialPayloadContentsBytes, x509Cert)
if err != nil {
return []byte(""), err
}

payloadHMAC := hmac.New(sha256.New, hashKey)
payloadHMAC.Write(message)
payloadHMACBytes := payloadHMAC.Sum(nil)
payloadHMAC, err := generateHMAC(message, hashKey)
if err != nil {
return []byte(""), err
}

confidentialPayload := common.ConfidentialPayload{
EncryptedPayload: encryptedPayload,
HashType: common.ConfidentialPayload_HMAC,
Hash: payloadHMACBytes,
Hash: payloadHMAC,
}
confidentialPayloadBytes, err := proto.Marshal(&confidentialPayload)
if err != nil {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ package org.hyperledger.cacti.weaver.sdk.corda;
import java.util.Base64
import net.corda.core.utilities.OpaqueBytes
import net.corda.core.crypto.sha256
import kotlin.random.Random
import java.security.SecureRandom
import org.hyperledger.cacti.weaver.protos.common.asset_locks.AssetLocks.HashMechanism
import org.hyperledger.cacti.weaver.imodule.corda.states.sha512

Expand Down Expand Up @@ -42,8 +42,9 @@ class HashFunctions {

override fun generateRandomPreimage(length: Int)
{
val bytes = ByteArray(length)
Random.nextBytes(bytes)
val secureRandom = SecureRandom.getInstanceStrong();
val bytes = ByteArray(length);
secureRandom.nextBytes(bytes);
this.setPreimage(Base64.getEncoder().encodeToString(bytes));
}
override fun setPreimage(preImage: String) {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -161,7 +161,7 @@ function eciesEncryptMessage(recipientPublicKey, msg, options) {
const hKm = bitsToBytes(hmacKeyHash.finalize());

const iv = crypto.randomBytes(IVLength);
const cipher = crypto.createCipheriv("aes-128-ctr", Buffer.from(aesKey), iv);
const cipher = crypto.createCipheriv("aes-256-ctr", Buffer.from(aesKey), iv);
const encryptedBytes = cipher.update(msg);
const EM = Buffer.concat([iv, encryptedBytes]);
const D = hmac(hKm, EM, options);
Expand Down

0 comments on commit 4bcd046

Please sign in to comment.