Uploaded image for project: 'Infrastructure'
  1. Infrastructure
  2. INFRA-368

Insecure private key and hashing algorithm for update-center.json signing

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      Hi Guys,

      I am not jenkins/plugin developer, but I did notice this and I think you should consider it:

      The update center certificate is using algorithms and key-sizes that are nowdays generally considered as insecure.

      RSA length is: 512
      Signature algorithm: RSAwithMD5

      Root certificate could use SHA256 instead:
      RSA length is: 2048
      Signature algorithm: RSAwithSHA1

      Combined with the insecure distribution channel (http) this can lead to very severe security breaches on user sites: Is there any better place to insert implant other than build server?

      For convenience:

      Certificate:
          Data:
              Version: 1 (0x0)
              Serial Number: 3735928565 (0xdeadbef5)
          Signature Algorithm: md5WithRSAEncryption
              Issuer: C=US, ST=California, L=San Jose, O=Jenkins Project, CN=Kohsuke Kawaguchi/emailAddress=kk@kohsuke.org
              Validity
                  Not Before: Jan  4 22:04:01 2015 GMT
                  Not After : Jan  4 22:04:01 2016 GMT
              Subject: C=US, ST=California, O=Jenkins Project, CN=Community Update Center
              Subject Public Key Info:
                  Public Key Algorithm: rsaEncryption
                      Public-Key: (512 bit)
                      Modulus:
                          00:bc:06:31:76:79:cc:c9:11:15:42:47:ec:32:61:
                          8d:5e:3d:a6:14:c8:2e:af:e8:e3:6a:f2:71:e5:68:
                          dc:e8:c7:e2:ab:5c:77:dc:fb:3b:aa:9a:e1:6a:49:
                          47:98:28:3b:db:45:de:df:41:36:f8:8f:f9:47:4d:
                          17:71:40:3e:0b
                      Exponent: 65537 (0x10001)
          Signature Algorithm: md5WithRSAEncryption
               97:a5:cc:23:ff:b1:50:46:55:ca:63:73:d4:ea:fa:61:92:6d:
               96:64:04:1b:87:7d:07:1b:ce:70:30:2c:cb:d4:09:0b:86:20:
               85:56:2d:76:ef:5a:32:d1:af:b3:7d:57:6c:35:f5:85:37:33:
               aa:77:55:b1:94:42:e2:4f:cf:12:91:e3:a1:37:b2:9c:b0:89:
               3f:2a:e2:95:18:0f:f9:49:0a:08:9d:89:5a:94:d6:09:1d:d0:
               92:92:4f:38:ac:c9:f8:51:bc:bb:6d:54:fa:d6:f4:a7:41:d9:
               e9:6f:73:5d:6b:11:47:64:6d:6b:57:c3:26:cf:f1:6a:da:98:
               de:f2:87:48:5f:98:34:6a:61:35:85:cc:1e:2f:84:9a:b6:bf:
               9c:91:4e:58:c4:ca:e7:a1:f2:24:62:31:8f:04:d1:c2:0c:ad:
               ff:0d:4a:12:89:27:aa:1b:6a:db:70:55:11:e5:de:17:fe:67:
               3e:08:76:38:0a:7e:70:c2:4b:e4:f0:e9:c8:97:5e:d9:69:89:
               19:22:72:99:53:c2:50:fc:75:a4:d5:1d:dc:22:66:8c:c2:69:
               30:12:33:08:2e:b7:7a:bf:6e:c5:87:c8:b7:16:31:ab:e1:48:
               60:ae:a8:a3:0b:3e:4f:1a:a3:e6:44:2d:07:69:c8:7f:f7:5d:
               d3:b1:78:77
      

        Attachments

          Issue Links

            Activity

            Hide
            danielbeck Daniel Beck added a comment -

            R. Tyler Croy Kohsuke Kawaguchi Didn't we fix this a while back due to a Java update? Or was that only the updates.j.o TLS?

            Show
            danielbeck Daniel Beck added a comment - R. Tyler Croy Kohsuke Kawaguchi Didn't we fix this a while back due to a Java update? Or was that only the updates.j.o TLS?
            Hide
            elyscape Eli Young added a comment -

            This remains an issue. The certificate has been improved in that the signature algorithm is now RSAwithSHA256 and the key length is now 1024 bits. Unfortunately, the smallest key size that's generally recommended for RSA keys nowadays is 1300 bits, with most organizations recommending 2048 bits or more.

            Show
            elyscape Eli Young added a comment - This remains an issue. The certificate has been improved in that the signature algorithm is now RSAwithSHA256 and the key length is now 1024 bits. Unfortunately, the smallest key size that's generally recommended for RSA keys nowadays is 1300 bits, with most organizations recommending 2048 bits or more .
            Hide
            timja Tim Jacomb added a comment -

            Daniel Beck I assume this is fixed?

            Show
            timja Tim Jacomb added a comment - Daniel Beck I assume this is fixed?
            Hide
            danielbeck Daniel Beck added a comment -

            The root certs bundled with Jenkins:

            • Used today, valid until April 2021: 2048 bit RSA, sha1WithRSAEncryption
            • Not yet used, valid until 2028: 4096 bit RSA, sha256WithRSAEncryption

            The current yearly iteration of the signing cert (until October): 2048 bit RSA, sha256WithRSAEncryption

            Between that and the fact that we serve none of the JSON metadata from mirrors (i.e. it's all directly from updates.jenkins.io, usually via HTTPS) we should be good.

            Show
            danielbeck Daniel Beck added a comment - The root certs bundled with Jenkins: Used today, valid until April 2021: 2048 bit RSA, sha1WithRSAEncryption Not yet used, valid until 2028: 4096 bit RSA, sha256WithRSAEncryption The current yearly iteration of the signing cert (until October): 2048 bit RSA, sha256WithRSAEncryption Between that and the fact that we serve none of the JSON metadata from mirrors (i.e. it's all directly from updates.jenkins.io, usually via HTTPS) we should be good.

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              momcilo Momcilo Majic
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: