Permalink
Browse files

[Experimental] switch Crypt to use Sodium encryption

NOTE: This requires PHP7.2, the libsodium PECL extension, or the
ParagonIE sodium-compat package!
NOTE: This has not been properly tested yet! Upgrade on your own risk!
NOTE: If you have Crypt in use, it will automatically decrypt using the
old mechanism, and crypt using the new one, retaining BC. However, since
the new encrypted results are quite a bit longer, you may have issues
when you store encrypted results in fixed-length fields, for example
database columns.
NOTE: There will be gremlins!

For those who want to test, feedback is highly appreciated.
  • Loading branch information...
WanWizard committed Apr 16, 2018
1 parent 6ece946 commit 59112c96d0a6f2b0ead6a57edd8ac465678bdcb0
Showing with 793 additions and 62 deletions.
  1. +350 −55 classes/crypt.php
  2. +433 −0 vendor/paragonie.php
  3. +10 −7 views/errors/crypt_keys.php
Oops, something went wrong.

6 comments on commit 59112c9

@it-can

This comment has been minimized.

Contributor

it-can replied Apr 17, 2018

Can you make this change optional?

@WanWizard

This comment has been minimized.

Member

WanWizard replied Apr 17, 2018

No. This adresses a huge security issue (the current encryption can be broken in seconds with the correct tools).

What is your use-case?

@it-can

This comment has been minimized.

Contributor

it-can replied Apr 17, 2018

I am using develop on my apps, and this will break it, will check if I use the Crypt class in my apps...

@WanWizard

This comment has been minimized.

Member

WanWizard replied Apr 17, 2018

If shouldn't. If it detects a string encrypted with the old method, it will automatically use legacy_decode() and convert it to the new encryption when saved again.

The only challenge you may have is a storage problem. Since the new encryption uses longer keys, plus a random salt and a random nonce, the encrypted result is about 120 bytes longer.

We're using develop on our apps too, I'm planning to migrate the first today, so then we'll know.

@WanWizard

This comment has been minimized.

Member

WanWizard replied Apr 17, 2018

Just updated the first app. When without a hitch, the encrypted session cookie was converted without the loss of the session, transparent for the enduser.

@WanWizard

This comment has been minimized.

Member

WanWizard replied Apr 17, 2018

Also tested the pecl-libsodium extension (ext-libsodium), works fine too. I don't have PHP 7.2 handy at the moment, which has sodium support built-in, and doesn't need the sodium-compat composer package.

Please sign in to comment.