Skip to content

Security: unityaisolutions/openssl-web-js

Security

docs/SECURITY.md

Security Considerations for OpenSSL-WASM-JS

This document outlines important security considerations when using OpenSSL-WASM-JS in web applications.

Table of Contents

Overview

OpenSSL-WASM-JS provides cryptographic functionality in web browsers through WebAssembly. While this enables powerful cryptographic operations directly in the browser, it also introduces specific security considerations that developers should be aware of.

WebAssembly Security Model

WebAssembly runs in a sandboxed environment within the browser with the following security properties:

  1. Memory Isolation: WebAssembly modules have their own linear memory that is not directly accessible from JavaScript without explicit exports.

  2. No Direct System Access: WebAssembly code cannot directly access the file system, network, or other system resources.

  3. Same-Origin Policy: WebAssembly modules are subject to the same-origin policy enforced by browsers.

  4. Deterministic Execution: WebAssembly execution is deterministic, which helps prevent certain types of side-channel attacks.

However, WebAssembly is not immune to all security concerns:

  1. Side-Channel Attacks: Timing attacks may still be possible depending on the implementation.

  2. Memory Safety: While WebAssembly provides memory isolation from the host, memory safety within the WebAssembly module depends on the compiled code.

Cryptographic Considerations

Random Number Generation

In a browser environment, secure random number generation is critical for cryptographic operations. OpenSSL-WASM-JS addresses this by:

  1. Using the browser's cryptographically secure random number generator (crypto.getRandomValues()) when available.

  2. Falling back to OpenSSL's RAND functions, which have been patched to work in the WebAssembly environment.

Key Management

Browser environments present unique challenges for key management:

  1. Storage: Private keys stored in browser storage (localStorage, IndexedDB) are vulnerable if the device is compromised.

  2. Memory Exposure: Keys in memory might be exposed through browser memory dumps or if the page is cached.

  3. Cross-Origin Risks: Ensure cryptographic operations are performed in a secure context to prevent cross-origin attacks.

Browser Environment Limitations

The browser environment imposes several limitations on cryptographic operations:

  1. No Access to System Entropy Sources: Unlike native OpenSSL, the WebAssembly version cannot access system entropy sources like /dev/urandom.

  2. Performance Constraints: Cryptographic operations may be slower in WebAssembly compared to native code.

  3. Feature Limitations: Some OpenSSL features that depend on system resources (like hardware acceleration) are not available.

Best Practices

When using OpenSSL-WASM-JS in your applications:

General Security

  1. Always Use HTTPS: Ensure your application is served over HTTPS to prevent man-in-the-middle attacks.

  2. Content Security Policy: Implement a strict Content Security Policy to prevent XSS attacks that could compromise cryptographic operations.

  3. Subresource Integrity: Use Subresource Integrity (SRI) when loading the library from a CDN.

Cryptographic Operations

  1. Key Generation: Generate keys with sufficient entropy and appropriate key lengths.

  2. Secure Key Storage: Consider using the Web Crypto API's CryptoKey objects with non-extractable set to true for sensitive keys.

  3. Ephemeral Keys: Use ephemeral keys when possible and avoid storing private keys in browser storage.

  4. Salt and IV Management: Always use unique salts and initialization vectors for each encryption operation.

Code Examples

Secure key generation:

// Generate a secure AES-256 key
const key = openssl.randomBytes(32);

// Use the key for encryption
const encrypted = openssl.aesEncrypt(data, key, iv);

Proper IV handling:

// Generate a unique IV for each encryption
const iv = openssl.randomBytes(16);

// Store the IV with the ciphertext (it doesn't need to be secret)
const encrypted = openssl.aesEncrypt(data, key, iv);
const result = {
  iv: openssl.toHex(iv),
  ciphertext: openssl.toHex(encrypted)
};

Known Limitations

OpenSSL-WASM-JS has the following security limitations:

  1. No Hardware Security Module Support: Cannot interface with HSMs or secure enclaves.

  2. Limited Protection Against Side-Channel Attacks: The WebAssembly environment may not fully protect against timing attacks or other side-channel vulnerabilities.

  3. Memory Management: WebAssembly memory is subject to garbage collection by the browser, which may leave sensitive data in memory longer than necessary.

Reporting Security Issues

If you discover a security vulnerability in OpenSSL-WASM-JS, please follow these steps:

  1. Do Not Disclose Publicly: Please do not disclose the issue publicly until it has been addressed.

  2. Contact the Maintainers: Send an email to security@example.com with details of the vulnerability.

  3. Provide Details: Include steps to reproduce, potential impact, and any suggested mitigations.

We take security issues seriously and will respond as quickly as possible.

There aren’t any published security advisories