[IDENTITY-3092] Bleichenbacher's attack on wss4j Created: 19/Feb/15 Updated: 08/Mar/15 Resolved: 04/Mar/15 Status: Project: Component/s: Affects Version/s: Fix Version/s: Resolved WSO2 Identity Server None None Type: Reporter: Resolution: Labels: Remaining Estimate: Time Spent: Original Estimate: Security Vulnerability Ishara Karunarathna Fixed None Not Specified Attachments: SECURITYINTERNAL-33.patch Major Moderate None Priority: Assignee: Votes: Highest Ishara Karunarathna 0 Not Specified Not Specified Severity: Estimated Complexity: Test cases added: Yes Comments Comment by Ishara Karunarathna [ 19/Feb/15 ] There are number of attacks on PKCS#1 v1.5 Key Transport Algorithm, used to encrypt symmetric keys as part of WS-Security. One of these attacks exploits the fact that WSS4J can leak information about where a particular decryption operation fails. And this is fixed generating a new symmetric key if the decryption of the encrypted key fails. In this way it is not possible for an attacker to find out whether a decryption failure was due to the failure of decrypting the key or the data. With that fix also it is still possible to craft a message such that an attacker can tell where the decryption failure took place, and hence WSS4J is vulnerable to the original attack. So this is the one fixed by http://ws.apache.org/wss4j/advisories/CVE-2015-0226.txt.asc In our case we don't have any of these fixes. Comment by Ishara Karunarathna [ 19/Feb/15 ] Hi, Attached diff contain the fix. Thanks, Ishara Comment by Ananda Manoj Kumara [ 19/Feb/15 ] Committed to patch0010 with r211465. Comment by Darshana Gunawardana [ 04/Mar/15 ] Please find the patch from http://wso2.com/products/identity-server/ Comment by Johann Nallathamby [ 08/Mar/15 ] Merged to git with https://github.com/wso2/wso2wss4j/commit/f3b85861f374aa385098b180a426b4d52901260a Generated at Wed Feb 10 06:41:21 IST 2016 using JIRA 6.0.1#6096sha1:e4a48bd73c6b8a4d99c824976ce5808b4c85857d.