fix!: Prevent accidental use of insecure key sizes & misconfiguration of secrets #852
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
4 tasks
david-renaud-okta
changed the title
jakelacey2012
suggested changes
Nov 17, 2022
jakelacey2012
approved these changes
Nov 18, 2022
CharlesRea
reviewed
Nov 18, 2022
CharlesRea
reviewed
Nov 28, 2022
verify.js
Outdated
Comment on lines
129
to
136
| } else if (secretOrPublicKey.asymmetricKeyType === 'rsa') { | ||
| options.algorithms = RSA_KEY_ALGS | ||
| } else { | ||
| options.algorithms = PUB_KEY_ALGS | ||
| } |
There was a problem hiding this comment.
This is a slight change from previous behaviour: if we had a PEM with BEGIN RSA PUBLIC KEY, we knew we could narrow down to RSA only, otherwise for BEGIN PUBLIC KEY we allow all public algs.
The former case could have asymmetricKeyType === 'pub-rsa' so we end up allowing slightly more than before.
IMO let's pick up RSA-PSS here, and also handle ECC while we're here for consistency (technically a breaking change for EC though so we need to document it):
if (secretOrPublicKey.type === 'secret') {
options.algorithms = HS_ALGS;
} else if (secretOrPublicKey.asymmetricKeyType === 'rsa-pss' || secretOrPublicKey.asymmetricKeyType === 'rsa-pss') {
options.algorithms = RSA_KEY_ALGS;
} if (secretOrPublicKey.asymmetricKeyType === 'ec') {
options.algorithms = EC_KEY_ALGS;
}
else {
options.algorithms = PUB_KEY_ALGS;
}
There was a problem hiding this comment.
It'd be great to add some explanation of this in the README as well - we don't specify what happens if algorithms is undefined
There was a problem hiding this comment.
Done. We'll add the change to our migration guide
CharlesRea
approved these changes
Nov 29, 2022
3 tasks
Added checks to prevent invalid secrets from being used with the HS*** algorithms when signing and verifying Added checks to prevent the use of insecure asymmetric key sizes except when explicitly overriden via options BREAKING CHANGE: Requires node 12.x or later to allow use of `KeyObject`
Addressing review comments
Rebasing and Addressing review comments
3 tasks
2 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
BREAKING CHANGE: Requires node 12.x or later to allow use of
KeyObjectBy submitting a PR to this repository, you agree to the terms within the Auth0 Code of Conduct. Please see the contributing guidelines for how to create and submit a high-quality PR for this repo.
Description
This PR covers addresses 3 misconfigurations which could compromise security.
allowInsecureKeySizestotruein the options object.Buffers containing malicious objects from being used as key material.Testing
New automated tests have been added for each scenario.
Checklist