Bug 21944

Summary: Make it possible for Mageia users to update and use their Estonian ID card certificates
Product: Mageia Reporter: Sander Lepik <mageia>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: jyri2000, lewyssmith, sysadmin-bugs
Version: 6Keywords: advisory, validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: MGA6-32-OK MGA6-64-OK
Source RPM: CVE:
Status comment:

Description Sander Lepik 2017-10-26 21:50:38 CEST 
I have uploaded a patched/updated package for Mageia 6.

Longer description of the problem can be found here:

https://arstechnica.com/information-technology/2017/10/crypto-failure-cripples-millions-of-high-security-keys-750k-estonian-ids/

Updated packages make it possible to switch RSA keys on ID cards with ECDSA keys. This will fix the current theoretical possibility of calculating the private key from the public key.

There are quite a few packages that need to be updated and we are running against the clock as the government will disable old certificates at the second week of November. Before that users have to update their certificates or they can't use online services that require ID card.

Best way for QA is to just install the updates and check that the GUI part of the apps opens up. For functionality testing I'll see help from people who actually use the ID card :)


Suggested advisory:
========================

A vulnerability, dubbed ROCA, was identified in an implementation of RSA key generation due to a fault in a code library developed by Infineon Technologies. The affected encryption keys are used to secure many forms of technology, such as hardware chips, authentication tokens, software packages, electronic documents, TLS/HTTPS keys, and PGP. Infineon Technologies’ smartcards, security tokens, and secure hardware chips produced since 2012 use the affected code library. Successful exploitation of this vulnerability results in an attacker being able to derive a private key from the public key, using prime factorization, within a practical time frame.

This vulnerability does not affect the RSA encryption algorithm itself, and only affects the implementation of the RSA encryption by Infineon Technologies.

This vulnerability also affects Estonian ID cards that were issued after 16th October 2014. With the updated packages the user is able to update his/her certificates and continue using the online services that require ID card.

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-153
https://www.politsei.ee/en/uudised/uudis.dot?id=785151
========================

Updated packages in core/updates_testing:
========================
lib(64)smm-local3-0.15.0-2.1.mga6
lib(64)opensc3-0.15.0-2.1.mga6
opensc-0.15.0-2.1.mga6
lib(64)digidocpp1-3.13.2-1.mga6
libdigidocpp-3.13.2-1.mga6
qdigidoc-3.13.3-1.mga6
qdigidoc-nautilus-3.13.3-1.mga6
qesteidutil-3.12.7-2.mga6
chrome-token-signing-1.0.6-1.mga6
task-esteid-3.13.3-1.mga6


Source RPMs:
opensc-0.15.0-2.1.mga6.src.rpm
libdigidocpp-3.13.2-1.mga6.src.rpm
qdigidoc-3.13.3-1.mga6.src.rpm
qesteidutil-3.12.7-2.mga6.src.rpm
chrome-token-signing-1.0.6-1.mga6.src.rpm
task-esteid-3.13.3-1.mga6.src.rpm
Comment 1 Jüri Ivask 2017-10-27 10:01:13 CEST 
Mageia 6 64bit:
Enabled /core/updates/testing repository and updated the above packages.

Started qesteidutil application. My ID card was correctly detected and offered a certificate upgrade. The upgrade process went without any problems and the certificates were upgraded successfully.

Started qdigidoc application. Was able to open existing ddoc and bdoc digitally signed document containers and sign digitally a new document.

Started Firefox and was able using my ID card to log in my internet bank account with PIN1 and to sign digitally the money transfer with PIN2.

Mageia 6 32bit:
Similar results

So - according to my brief testing the above update seems to be OK and ready for promoting to /core/updates repository

CC: (none) => jyri2000

Sander Lepik 2017-10-28 11:40:46 CEST

Whiteboard: (none) => MGA6-32-OK MGA6-64-OK
Keywords: (none) => advisory

Sander Lepik 2017-10-28 11:45:39 CEST

QA Contact: (none) => security
Component: RPM Packages => Security

Comment 2 David Walser 2017-10-28 12:39:59 CEST 
I'm pretty sure you typoed the CVE.
Comment 3 Sander Lepik 2017-10-28 14:52:41 CEST 
(In reply to David Walser from comment #2)
> I'm pretty sure you typoed the CVE.

Indeed :) It's missing 2 numbers.

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15361 is the correct one.
Comment 4 Lewis Smith 2017-10-29 20:47:31 CET 
Thanks you Sander for all your work on this, and Jüri for testing it.

@Sander: The 'advisory' keyword is set when the advisory is created & uploaded, not when it is added as a comment to the bug.

Keywords: (none) => validated_update
CC: (none) => lewyssmith, sysadmin-bugs

Comment 5 Sander Lepik 2017-10-29 20:49:13 CET 
(In reply to Lewis Smith from comment #4)
> @Sander: The 'advisory' keyword is set when the advisory is created &
> uploaded, not when it is added as a comment to the bug.

Thanks for the info. And for validating the update :)
Comment 6 Sander Lepik 2017-10-30 11:30:00 CET 
Hi, sysadmins. I can see that some updates have been pushed but opensc is still missing. Without that update the new certificates won't work. Please push this one too =)
Comment 7 Mageia Robot 2017-10-30 20:24:17 CET 
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2017-0395.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED