Security

Security Advisory: ZF2015-10

ZF2015-10: Potential Information Disclosure in Zend\Crypt\PublicKey\Rsa\PublicKey

Zend\Crypt\PublicKey\Rsa\PublicKey has a call to openssl_public_encrypt() which uses PHP's default $padding argument, which specifies OPENSSL_PKCS1_PADDING, indicating usage of PKCS1v1.5 padding. This padding has a known vulnerability, the Bleichenbacher's chosen-ciphertext attack, which can be used to decrypt arbitrary ciphertexts.

Action Taken

  • Zend\Crypt\PublicKey\Rsa\PublicKey::encrypt() was updated to accept an additional argument, $padding; the default value for this argument was set to OPENSSL_PKCS1_OAEP_PADDING.
  • Zend\Crypt\PublicKey\Rsa\PrivateKey::decrypt() was updated to accept an additional argument, $padding; the default value for this argument was set to OPENSSL_PKCS1_OAEP_PADDING.
  • Zend\Crypt\PublicKey\Rsa::encrypt() was updated to accept an additional optional argument, $padding, allowing the user to specify the padding to use with PublicKey::encrypt().
  • Zend\Crypt\PublicKey\Rsa::decrypt() was updated to accept an additional optional argument, $padding, allowing the user to specify the padding to use with PrivateKey::decrypt().

The above changes represent a backwards-compatibility break, but were necessary to prevent the outlined vulnerability. If you were using Zend\Crypt\PublicKey\Rsa previously, you will likely need to re-encrypt any data you've previously encrypted to use the new padding. This can be done as follows:

$decrypted = $rsa->decrypt($data, $key, $rsa::MODE_AUTO, OPENSSL_PKCS1_PADDING);
$encrypted = $rsa->encrypt($data, $key); // Encrypted using OPENSSL_PKCS1_OAEP_PADDING

The key may have a value of null in each of the examples above.

The following releases contain the fixes:

  • Zend Framework 2.4.9
  • zend-framework/zend-crypt 2.4.9
  • zend-framework/zend-crypt 2.5.2

This advisory was given the CVE identifier CVE-2015-7503

Recommendations

If you use zend-crypt via either Zend Framework 2 or the zendframework/zend-crypt package, and are using the RSA public key functionality, we recommend upgrading to 2.4.9/2.5.2 immediately.

Other Information

Acknowledgments

The Zend Framework team thanks the following for identifying the issues and working with us to help protect its users:

Released 2015-11-23

Back to advisories

Have you identified a security vulnerability?

Please report it to us at zf-security@zend.com

Copyright

© 2006-2017 by Zend, a Rogue Wave Company. Made with by awesome contributors.

This website is built using zend-expressive and it runs on PHP 7.

Contacts