Bounty Castle, a popular open source cryptography library, has been found to have a authentication bypass vulnerability, tracked in CVE-2020-28052, which can be found in their
OpenBSDBcrypt class. Is because their
Bcrypt.doCheckPassword() function has an error in logic and attackers can bypass password checks.
boolean isEqual = sLength == newBcryptString.length();
for (int i = 0; i != sLength; i++)
{
isEqual &= (bcryptString.indexOf(i) == newBcryptString.indexOf(i));
}
return isEqual;
The doCheckPassword method implements a flawed verification routine. The code checks for an index of characters from 0 to 59 inclusive, rather than checking that characters at positions from 0 to 59 match. This means that passwords that result in hashes that, for instance, don’t contain bytes between 0x00 and 0x3B match every other password hash that don’t contain them. Passing this check means an attacker doesn’t need a byte-for-byte match with the stored hash value.
Timeline:
- October 20, 2020: Vulnerability disclosed to Bouncy Castle
- October 22, 2020: Synopsys confirms no products use version vulnerable to this issue
- October 27, 2020: Synopsys discloses vulnerability to Bouncy Castle
- October 28, 2020: Bouncy Castle confirms vulnerability
- November 2, 2020: Synopsys validates Bouncy Castle fixed vulnerability
- December 17, 2020: Advisory published
For a more detailed explanation you can read it here: (
https://www.synopsys.com/blogs/software-security/cve-2020-28052-bouncy-castle/)
