Lucene search

BensmythH1:1927480

HistoryMar 31, 2023 - 1:33 p.m.

Node.js: DiffieHellman doesn't generate keys after setting a key

2023-03-3113:33:05

bensmyth

hackerone.com

node.js

diffiehellman

openssl

security

cryptography

bug bounty

key reuse

cryptanalysis

application security

0.001 Low

EPSS

Percentile

31.0%

JSON

DiffieHellman doesn’t generate keys after setting a key

Steps To Reproduce:

Instantiate: const dh = crypto.createDiffieHellman(1024);
Set private key:

//set private key to 2
dh.setPrivateKey(Buffer.from("02", 'hex'));        
//outputs 02 (as expected)
console.log(dh.getPrivateKey().toString('hex'));

Generate random private key:

//generate random private key
dh.generateKeys();                                 
//outputs 02: zero day.
console.log(dh.getPrivateKey().toString('hex'));

Underlying issue:

OpenSSL (https://github.com/majek/openssl/blob/master/crypto/dh/dh_key.c) doesn’t generate keys when they’re already instantiated:

if (dh-&gt;priv_key == NULL)
  {
  priv_key=BN_new();
  if (priv_key == NULL) goto err;
  generate_new_key=1;
  }
else
  priv_key=dh-&gt;priv_key;

if (dh-&gt;pub_key == NULL)
  {
  pub_key=BN_new();
  if (pub_key == NULL) goto err;
  }
else
  pub_key=dh-&gt;pub_key;

node:crypto should use OpenSSL correctly. Method generateKeys() should re-instantiate OpenSSL before requesting a key, thereby avoiding the above.

Impact

DiffieHellman may be used as the basis for application level security, implications are consequently broad. E.g., key reuse can cause major problems, cryptanalysis may break confidentiality, integrity, …