cve/2018/CVE-2018-5382.md

### [CVE-2018-5382](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5382)
![](https://img.shields.io/static/v1?label=Product&message=Bouncy%20Castle&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=all1.47%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-327%3A%20Use%20of%20a%20Broken%20or%20Risky%20Cryptographic%20Algorithm&color=brighgreen)

### Description

The default BKS keystore use an HMAC that is only 16 bits long, which can allow an attacker to compromise the integrity of a BKS keystore. Bouncy Castle release 1.47 changes the BKS format to a format which uses a 160 bit HMAC instead. This applies to any BKS keystore generated prior to BC 1.47. For situations where people need to create the files for legacy reasons a specific keystore type "BKS-V1" was introduced in 1.49. It should be noted that the use of "BKS-V1" is discouraged by the library authors and should only be used where it is otherwise safe to do so, as in where the use of a 16 bit checksum for the file integrity check is not going to cause a security issue in itself.

### POC

#### Reference
- https://www.oracle.com/security-alerts/cpuoct2020.html

#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/IkerSaint/VULNAPP-vulnerable-app
- https://github.com/pctF/vulnerable-app
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2018-5382](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5382)`
			`![](https://img.shields.io/static/v1?label=Product&message=Bouncy%20Castle&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=all1.47%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-327%3A%20Use%20of%20a%20Broken%20or%20Risky%20Cryptographic%20Algorithm&color=brighgreen)`

			`### Description`

			The default BKS keystore use an HMAC that is only 16 bits long, which can allow an attacker to compromise the integrity of a BKS keystore. Bouncy Castle release 1.47 changes the BKS format to a format which uses a 160 bit HMAC instead. This applies to any BKS keystore generated prior to BC 1.47. For situations where people need to create the files for legacy reasons a specific keystore type "BKS-V1" was introduced in 1.49. It should be noted that the use of "BKS-V1" is discouraged by the library authors and should only be used where it is otherwise safe to do so, as in where the use of a 16 bit checksum for the file integrity check is not going to cause a security issue in itself.

			`### POC`

			`#### Reference`
			`- https://www.oracle.com/security-alerts/cpuoct2020.html`

			`#### Github`
			`- https://github.com/ARPSyndicate/cvemon`
			`- https://github.com/IkerSaint/VULNAPP-vulnerable-app`
			`- https://github.com/pctF/vulnerable-app`