Security News > 2022 > April > Oracle already wins 'crypto bug of the year' with Java digital signature bypass

Oracle already wins 'crypto bug of the year' with Java digital signature bypass
2022-04-20 20:11

Java versions 15 to 18 contain a flaw in its ECDSA signature validation that makes it trivial for miscreants to digitally sign files and other data as if they were legit organizations.

Java 15-18 ECDSA doesn't sanity check that the random x coordinate and signature proof are nonzero; a signature validates any message.

The bug was introduced when part of Java 15's signature-verification code was rewritten from its native C++ into Java itself - including the ECDSA verification code.

To verify a signature, the code performs some math involving a hash of the data, the public key of whichever organization or person digitally signed the data, r, and s; one side of the equation uses r, the other s. Both sides of this computation must equal for the signature check to pass.

If the signature check fails, that likely means whoever signed the data isn't who they say they are and the data shouldn't be trusted.

The bug arose because the original C++ code checked that both r and s are non-zero, and wouldn't accept the signature if they were.


News URL

https://go.theregister.com/feed/www.theregister.com/2022/04/20/java_authentication_bug/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Oracle 698 249 2225 1709 366 4549