CVE-2016-1000341

In the Bouncy Castle JCE Provider version 1.55 and earlier DSA signature generation is vulnerable to timing attack. Where timings can be closely observed for the generation of signatures, the lack of blinding in 1.55, or earlier, may allow an attacker to gain information about the signature's k value and ultimately the private value as well.

References

Affected packages

Git / github.com/bcgit/bc-java

Affected ranges

Type: GIT
Repo: https://github.com/bcgit/bc-java
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

acaac81f96fec91ab45bd0412beaf9c3acd8defa

Database specific

vanir_signatures

[
    {
        "id": "CVE-2016-1000341-3786a395",
        "source": "https://github.com/bcgit/bc-java/commit/acaac81f96fec91ab45bd0412beaf9c3acd8defa",
        "digest": {
            "length": 3840.0,
            "function_hash": "332216072917143225016669381995500682324"
        },
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Function",
        "target": {
            "function": "dsa2Test2",
            "file": "core/src/test/java/org/bouncycastle/crypto/test/DSATest.java"
        }
    },
    {
        "id": "CVE-2016-1000341-44131fbf",
        "source": "https://github.com/bcgit/bc-java/commit/acaac81f96fec91ab45bd0412beaf9c3acd8defa",
        "digest": {
            "length": 3372.0,
            "function_hash": "132520434026343356662659693889203659699"
        },
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Function",
        "target": {
            "function": "testDSAsha3",
            "file": "core/src/test/java/org/bouncycastle/crypto/test/DSATest.java"
        }
    },
    {
        "id": "CVE-2016-1000341-90aa7997",
        "source": "https://github.com/bcgit/bc-java/commit/acaac81f96fec91ab45bd0412beaf9c3acd8defa",
        "digest": {
            "line_hashes": [
                "101623258396802195745928390301909020120",
                "141911700922968322402528915372867249074",
                "47717762657888948296539155732098304832",
                "130087374023590658792100315374088741491",
                "120697253325677582348732731504813882663",
                "180805582416965996222940918730378864453",
                "328751699585688392773396616611117382461",
                "184237007539684771754083518672157902133",
                "57298324200353916106310044498151589120",
                "264006021059104934356356918072118447544",
                "179589365098612086910308314107054821269",
                "313994154400472098598049410499815232467",
                "208022473238082062201656747683375387873",
                "108200116986003569089480169059879799524",
                "191475712055987174752106979460225798874",
                "333484796816810922990762856390864110192",
                "210933362944930226047994599622878519482",
                "181172003699713230324981339712466632189",
                "131874832618466708838361909954319817062",
                "101519443734930699179234827637214046647",
                "95386716264728424337345568895090477260",
                "55425581921891842039855219368000920701",
                "100738196212093008070254553128877109075",
                "53842363678502837221005663256801176183"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Line",
        "target": {
            "file": "core/src/test/java/org/bouncycastle/crypto/test/DSATest.java"
        }
    },
    {
        "id": "CVE-2016-1000341-98d35ec2",
        "source": "https://github.com/bcgit/bc-java/commit/acaac81f96fec91ab45bd0412beaf9c3acd8defa",
        "digest": {
            "line_hashes": [
                "286692849273882713081015363242835817411",
                "175615143587053739965663423854608411461",
                "74231815013044889146827164898614175810",
                "62093917002935173989964195951200312194",
                "121627702418919596104693377004985903472",
                "27326605225308319666667164385318231178"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Line",
        "target": {
            "file": "core/src/main/java/org/bouncycastle/crypto/signers/DSASigner.java"
        }
    },
    {
        "id": "CVE-2016-1000341-b10c8585",
        "source": "https://github.com/bcgit/bc-java/commit/acaac81f96fec91ab45bd0412beaf9c3acd8defa",
        "digest": {
            "length": 3904.0,
            "function_hash": "174264209177949416758152729935670332932"
        },
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Function",
        "target": {
            "function": "dsa2Test3",
            "file": "core/src/test/java/org/bouncycastle/crypto/test/DSATest.java"
        }
    },
    {
        "id": "CVE-2016-1000341-c1ff6d5a",
        "source": "https://github.com/bcgit/bc-java/commit/acaac81f96fec91ab45bd0412beaf9c3acd8defa",
        "digest": {
            "length": 1514.0,
            "function_hash": "278026125415969238902720980754529650627"
        },
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Function",
        "target": {
            "function": "doDsaTest",
            "file": "prov/src/test/java/org/bouncycastle/jce/provider/test/DSATest.java"
        }
    },
    {
        "id": "CVE-2016-1000341-cb3650bb",
        "source": "https://github.com/bcgit/bc-java/commit/acaac81f96fec91ab45bd0412beaf9c3acd8defa",
        "digest": {
            "length": 2823.0,
            "function_hash": "73015939201965326250105389457540911367"
        },
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Function",
        "target": {
            "function": "dsa2Test1",
            "file": "core/src/test/java/org/bouncycastle/crypto/test/DSATest.java"
        }
    },
    {
        "id": "CVE-2016-1000341-d17a028d",
        "source": "https://github.com/bcgit/bc-java/commit/acaac81f96fec91ab45bd0412beaf9c3acd8defa",
        "digest": {
            "length": 4747.0,
            "function_hash": "302489959093201877245912788954956247328"
        },
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Function",
        "target": {
            "function": "dsa2Test4",
            "file": "core/src/test/java/org/bouncycastle/crypto/test/DSATest.java"
        }
    },
    {
        "id": "CVE-2016-1000341-e5c0bdad",
        "source": "https://github.com/bcgit/bc-java/commit/acaac81f96fec91ab45bd0412beaf9c3acd8defa",
        "digest": {
            "length": 613.0,
            "function_hash": "13395242249344282220682039393748973720"
        },
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Function",
        "target": {
            "function": "generateSignature",
            "file": "core/src/main/java/org/bouncycastle/crypto/signers/DSASigner.java"
        }
    },
    {
        "id": "CVE-2016-1000341-f210013d",
        "source": "https://github.com/bcgit/bc-java/commit/acaac81f96fec91ab45bd0412beaf9c3acd8defa",
        "digest": {
            "line_hashes": [
                "206490056588690441468351636743553780203",
                "29275357234013625521366466037282071831",
                "70619095441539430949394795956488942782",
                "139603454725246611501158339430960769313"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Line",
        "target": {
            "file": "prov/src/test/java/org/bouncycastle/jce/provider/test/DSATest.java"
        }
    }
]