A serious cryptographic flaw in a library implemented in the GitKraken client used to generate RSA encryption keys for SSH sessions has led to a cascading series of events that caused GitHub to revoke all of the keys generated by vulnerable versions of GitKraken, as well as by other clients that used the vulnerable library.
The issue (CVE-2021-41117) lies in keypair, an open source library that generates RSA keys for SSH sessions in JavaScript. In versions 1.0.3 and earlier, keypair contained a cryptographic flaw that caused it to generate extremely weak keys. The end result is that those keys could be guessed relatively easily and an attacker could then decrypt sensitive data or gain access to a victim’s account. The vulnerable library was implemented in versions 7.6.x, 7.7.x, 8.0.0 of GitKraken, a tool that organizations use to access various services, including GitHub, GitLab, and others.
“keypair implements a lot of cryptographic primitives on its own or by borrowing from other libraries where possible, including node-forge. An issue was discovered where this library was generating identical RSA keys used in SSH. This would mean that the library is generating identical P, Q (and thus N) values which, in practical terms, is impossible with RSA-2048 keys. Generating identical values, repeatedly, usually indicates an issue with poor random number generation, or poor handling of CSPRNG output,” GitHub Security Lab said in a post on the issue.
“The impact is that each byte in the RNG seed has a 97% chance of being 0 due to incorrect conversion. When it is not, the bytes are 0 through 9.”
"We’ve revoked all keys generated by these vulnerable versions of the GitKraken client that were in use on GitHub.com."
Engineers at Axosoft, which makes GitKraken, discovered the weakness in keypair in late September and notified the developer, Julian Gruber, who wrote an advisory and implemented a fix on Oct. 2. On Monday, GitHub revoked all of the weakly generated keys.
“Today as of 1700 UTC, we’ve revoked all keys generated by these vulnerable versions of the GitKraken client that were in use on GitHub.com, along with other potentially weak keys created by other clients that may have used the same vulnerable dependency. In addition to revoking these keys, we have also implemented protections to prevent vulnerable versions of GitKraken from adding newly-generated weak keys by the older, vulnerable versions of the client in the future,” GitHub CSO Mike Hanley said.
GitHub is notifying all of the account owners directly whose keys are affected by this, but Hanley said that it’s not possible to identify all of the potentially weak keys generated by clients that implemented a vulnerable version of the keypad library. As a result, GitHub recommends that organizations check any SSH keys linked to their GitHub accounts--or any other service that uses a potentially vulnerable key--and rotate any keys that were generated using a vulnerable version of the library.