Skip to content

Commit

Permalink
[Experimental] switch Crypt to use Sodium encryption
Browse files Browse the repository at this point in the history 
NOTE: This requires PHP7.2, the libsodium PECL extension, or the
ParagonIE sodium-compat package!
NOTE: This has not been properly tested yet! Upgrade on your own risk!
NOTE: If you have Crypt in use, it will automatically decrypt using the
old mechanism, and crypt using the new one, retaining BC. However, since
the new encrypted results are quite a bit longer, you may have issues
when you store encrypted results in fixed-length fields, for example
database columns.
NOTE: There will be gremlins!

For those who want to test, feedback is highly appreciated.
  • Loading branch information
@WanWizard
WanWizard committed Apr 16, 2018
1 parent 6ece946 commit 59112c9
Show file tree
Hide file tree
Showing 3 changed files with 793 additions and 62 deletions.

6 comments on commit 59112c9

@it-can
Copy link
Contributor

@it-can it-can commented on 59112c9 Apr 17, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you make this change optional?

@WanWizard
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No. This adresses a huge security issue (the current encryption can be broken in seconds with the correct tools).

What is your use-case?

@it-can
Copy link
Contributor

@it-can it-can commented on 59112c9 Apr 17, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I am using develop on my apps, and this will break it, will check if I use the Crypt class in my apps...

@WanWizard
Copy link
Member Author

@WanWizard WanWizard commented on 59112c9 Apr 17, 2018
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If shouldn't. If it detects a string encrypted with the old method, it will automatically use legacy_decode() and convert it to the new encryption when saved again.

The only challenge you may have is a storage problem. Since the new encryption uses longer keys, plus a random salt and a random nonce, the encrypted result is about 120 bytes longer.

We're using develop on our apps too, I'm planning to migrate the first today, so then we'll know.

@WanWizard
Copy link
Member Author

@WanWizard WanWizard commented on 59112c9 Apr 17, 2018
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just updated the first app. When without a hitch, the encrypted session cookie was converted without the loss of the session, transparent for the enduser.

@WanWizard
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also tested the pecl-libsodium extension (ext-libsodium), works fine too. I don't have PHP 7.2 handy at the moment, which has sodium support built-in, and doesn't need the sodium-compat composer package.

Please sign in to comment.