The default BKS keystore use an HMAC that is only 16 bits long, which can allow an attacker to compromise the integrity of a BKS keystore. Bouncy Castle release 1.47 changes the BKS format to a format which uses a 160 bit HMAC instead. This applies to any BKS keystore generated prior to BC 1.47. For situations where people need to create the files for legacy reasons a specific keystore type "BKS-V1" was introduced in 1.49. It should be noted that the use of "BKS-V1" is discouraged by the library authors and should only be used where it is otherwise safe to do so, as in where the use of a 16 bit checksum for the file integrity check is not going to cause a security issue in itself.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: certcc

Published: 2018-04-16T13:00:00Z

Updated: 2024-09-16T16:27:56.228Z

Reserved: 2018-01-12T00:00:00

Link: CVE-2018-5382

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2018-04-16T14:29:01.047

Modified: 2022-04-20T15:31:06.623

Link: CVE-2018-5382

cve-icon Redhat

Severity : Low

Publid Date: 2012-03-30T00:00:00Z

Links: CVE-2018-5382 - Bugzilla