Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Insecure Randomness #265

Closed
ahpaleus opened this issue Sep 19, 2023 · 6 comments
Closed

Insecure Randomness #265

ahpaleus opened this issue Sep 19, 2023 · 6 comments
Assignees
@greenpau
Labels
security

Comments

@ahpaleus
Copy link

Severity: High

The caddy-security plugin uses the math/rand Golang library with a seed based on the Unix timestamp to generate strings for three security-critical contexts in the application, which could possibly be predicted via a brute-force search. Attackers could use the potentially predictable nonce value used for authentication purposes in the OAuth flow to conduct OAuth replay attacks. In addition, insecure randomness is used while generating multifactor authentication (MFA) secrets and creating API keys in the database package.

To immediately mitigate this vulnerability, use a cryptographically secure random number generator for generating the random strings. Golang’s library crypto/rand is designed for secure random number generation.

In addition to that fix, we recommend considering the following long-term recommendations:

  • Review the application for other instances where the math/rand package is used for secure context. Create secure wrapping functions and use them throughout the code to serve a cryptographically secure string with the requested length.
  • Avoid duplicating code. Having a single function, such as secureRandomString, rather than multiple duplicate functions makes it easier to audit and verify the system’s security. It also prevents future changes to the codebase from reintroducing issues.
  • Implement Semgrep in the CI/CD. The math-random-used Semgrep rule will catch instances where math/rand is used. Refer to our Testing Handbook on Semgrep for more information.
  • Read textbooks such as Real World Cryptography, as it is a great resource for practical cryptographic considerations.

More information about our public disclosure:
@st3fan
Copy link

st3fan commented Sep 21, 2023

@greenpau let me know if you accept contributions for this issue. I was reading the util code in go-authcrunch and I think it is relatively simple to convert it to use crypto/rand instead. I'm happy to give that a shot.

@greenpau
Copy link
Owner

@st3fan , please do! 😄 thank you for the offer!

@gedw99
Copy link

gedw99 commented Nov 9, 2023

Thos looks like a simple fix. Is anyone working on it ?

@greenpau
Copy link
Owner

greenpau commented Nov 9, 2023

@gedw99 , feel free to contribute!

@greenpau greenpau self-assigned this Dec 2, 2023
greenpau added a commit to greenpau/go-authcrunch that referenced this issue Dec 2, 2023
@greenpau
security: addresses insecure randomness finding
ecd3725 
See also: greenpau/caddy-security#265
@greenpau
Copy link
Owner

greenpau commented Dec 2, 2023

@ahpaleus , please see if the fix addresses your concerns.

@greenpau
Copy link
Owner

greenpau commented Dec 9, 2023

No activity. Closing.

@greenpau greenpau closed this as completed Dec 9, 2023
@GoVulnBot GoVulnBot mentioned this issue Feb 17, 2024
Closed
@FiloSottile FiloSottile mentioned this issue Apr 26, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@greenpau greenpau

Labels
security
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@st3fan @greenpau @ahpaleus @gedw99