Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

EnvelopedData.decrypt() breaks if UKM is absent when using ECDH #335

Open
gnarea opened this issue Oct 8, 2021 · 0 comments
Open

EnvelopedData.decrypt() breaks if UKM is absent when using ECDH #335

gnarea opened this issue Oct 8, 2021 · 0 comments

Comments

@gnarea
Copy link
Contributor

gnarea commented Oct 8, 2021
edited

This bug doesn't affect me but I found it by chance whilst debugging #334: If you try to decrypt an EnvelopedData that doesn't have a user keying material (UKM) and you're using ECDH, you'd get the following error:

TypeError: Cannot read property 'toBER' of undefined

    at LocalConstructedValueBlock.toBER (/home/gus/repos/relaynet-core-js/node_modules/asn1js/src/asn1.js:1247:35)
    at Constructed.toBER (/home/gus/repos/relaynet-core-js/node_modules/asn1js/src/asn1.js:931:45)
    at LocalConstructedValueBlock.toBER (/home/gus/repos/relaynet-core-js/node_modules/asn1js/src/asn1.js:1247:35)
    at Sequence.toBER (/home/gus/repos/relaynet-core-js/node_modules/asn1js/src/asn1.js:931:45)
    at /home/gus/repos/relaynet-core-js/node_modules/pkijs/src/EnvelopedData.js:1429:45
    at processTicksAndRejections (internal/process/task_queues.js:97:5)
    at Object.<anonymous> (/home/gus/repos/relaynet-core-js/src/integration_tests/pkijs_bug.test.ts:59:21)

That's because ukm is assumed to be present:

PKI.js/src/EnvelopedData.js

Line 953 in 699ac6e

entityUInfo: recipientInfo.value.ukm,

PKI.js/src/ECCCMSSharedInfo.js

Line 187 in 682ef8d

if("entityUInfo" in this)

But it doesn't have to be according to RFC 5753:

ukm MAY be present or absent. However, message originators SHOULD include the ukm.

Note that openssl cms -encrypt doesn't add a UKM, and BouncyCastle would only do it if explicitly set.
@gnarea gnarea mentioned this issue Oct 8, 2021
Closed
gnarea added a commit to relaycorp/awala-jvm that referenced this issue Oct 15, 2021
@gnarea
fix(EnvelopedData): Set UKM when using key agreement
fe2f389 
For security reasons and because [PKI.js requires it](PeculiarVentures/PKI.js#335).

I couldn't write a test for the change in EnvelopedData due to bcgit/bc-java#1043

This work is part of relaycorp/relayverse#27
@gnarea gnarea mentioned this issue Oct 15, 2021
Merged
kodiakhq bot pushed a commit to relaycorp/awala-jvm that referenced this issue Oct 15, 2021
@gnarea
fix(EnvelopedData): Set UKM when using key agreement (#166)
d45f242 
For security reasons and because [PKI.js requires it](PeculiarVentures/PKI.js#335).

I couldn't write a test for the change in EnvelopedData due to bcgit/bc-java#1043

This work is part of relaycorp/relayverse#27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@gnarea