crypto-js PBKDF2 vulnerability

Question

crypto-js PBKDF2 vulnerability

returnSky opened this issue 8 months ago · comments

Hi，

crypto-js fixed a vulnerability related to PBKDF2 recently.
Does this vulnerability also affect jsrsasign?
If any impact, when will your start to fix it?

Thanks.

References:

Change default hash algorithm and iteration's for PBKDF2 to prevent weak security by using the default configuration.
crypto-js PBKDF2 1,000 times weaker than specified in 1993 and 1.3M times weaker than current standard

Kenji Urushima · Answer 1 · Thu Nov 23 2023 18:28:45 GMT+0800 (China Standard Time)

Yes, it seems to affect to jsrsasign. When you generate encrypted PKCS#8 private key, it uses PBKDF2. I'll update it and fix the issue.

Kenji Urushima · Answer 2 · Mon Nov 27 2023 19:35:23 GMT+0800 (China Standard Time)

I've released 10.9.0 today.
https://github.com/kjur/jsrsasign/releases/tag/10.9.0
Regarding to encrypted PKCS#8 private key generation, default encryptionScheme have been updated from des-EDE3-CBC to aes256-CBC and default prf have been updated from hmacWithSHA1 to hmacWithSHA256. Also you can set iteration count.