CVE-2015-3298

Vulnerability

The bug is a typo in the first line of the computeDigitalSignature, decipher, and internalAuthenticate methods in ykneo-openpgp. This typo causes the PIN (PW1) validation to be bypassed, allowing security operations without correct PIN entry. The affected versions are all prior to 1.0.10 [1].

Exploitation

An attacker needs local host access or physical proximity (e.g., via NFC) to exploit this flaw. With the typo, the attacker can perform operations such as digital signatures without entering the correct user PIN. The attack can be conducted after the user has legitimately used the device, potentially by intercepting PIN communication [1].

Impact

Successful exploitation allows an attacker to generate signatures or perform other OpenPGP operations without proper PIN authentication. This compromises the security of cryptographic operations, though the private key itself remains protected. The attacker gains the ability to use the key for signing and decryption without authorization [1].

Mitigation

The issue is fixed in version 1.0.10. Users should upgrade to this version or later. In scenarios where physical access to the device has occurred, the conservative approach is to treat the key as potentially compromised and revoke it. The private key is not at risk, but PIN-based access control can be bypassed [1].