Several Cryptography Flaws in Magento 2 #5701

Open
paragonie-scott opened this Issue Jul 19, 2016 · 14 comments

Projects

None yet

6 participants

@piotrekkaminski
Contributor
piotrekkaminski commented Jul 19, 2016 edited

Thanks. We are aware of the mcrypt issues and have plans to replace mcrypt with more modern library (phpseclib? libsodium?) pretty soon.

@piotrekkaminski piotrekkaminski self-assigned this Jul 19, 2016
@paragonie-scott

In the initial comment, you said Magento is not encrypting credit card data, but it was edited before I could reply.

I do want to point out, for the record, that Magento does appear to be decrypting credit card data here.

@piotrekkaminski
Contributor

@paragonie-scott to be exact, none of the payment methods included with Magento stores card data.

@paragonie-scott

OK, that's good to know. I hope no plugins are using this for that purpose.

@paragonie-scott

(phpseclib? libsodium?)

Libsodium is available as a PHP extension, so if you can't require your users to install it from PECL, that's probably not an option.

For symmetric-key encryption, you have a few good choices:

Last I checked (which, admittedly, was ages ago, so it could have changed), phpseclib didn't offer a simple and easy-to-use authenticated encryption interface like defuse does. Unauthenticated encryption, though correctly implemented, doesn't fix the sensitivity to CPAs or CCAs.

If you need public-key encryption and/or digital signatures, give EasyRSA a gander. I wrote about its benefits in response to a Drupal thread about implementing automatic security updates.

https://www.drupal.org/node/2367319#comment-11415297

@piotrekkaminski
Contributor

Internal ticket ID MAGETWO-39838

@piotrekkaminski piotrekkaminski added bug and removed improvement labels Aug 24, 2016
@joshspivey

I just ran into this issue on production :/ when do you plan to fix this?

@unfunco
Contributor
unfunco commented Oct 26, 2016

Since ext-openssl is already a requirement of Magento, would it not make more sense to use that instead? PHP 7.1 will be throwing E_DEPRECATED for the use of ext-mcrypt, and it will either be moved to PECL in 7.2 or 8.0. Usage (ignoring vendors) is contained within Framework/Encryption and it shouldn't be too complicated to migrate (code) – migrating existing data might be more involved.

On my PHP 7.0.12 installation, the OpenSSL extension has 190 cipher methods available, it should be suitable without requiring an additional library or extension.

@paragonie-scott

defuse/php-encryption uses OpenSSL, but more importantly it offers simple and easy-to-use authenticated encryption.

You want authenticated encryption.

@unfunco
Contributor
unfunco commented Oct 27, 2016

An easy-to-use abstraction over OpenSSL is fine. For simplicity's sake, I'd rather not have to compile an additional extension or use PECL, which could also be curtains shortly... hence my recommendation of OpenSSL since it's already a requirement, an additional entry in the requires object of my composer.json is a 👍 from me.

@paragonie-scott

Understood.

We are in agreement that OpenSSL is preferable to mcrypt. I just wanted to emphasize the use of a secure abstraction instead of lower-level primitives. :)

@maxbucknell

I just checked my installation of 2.1.2, and the develop branch, and we can see that use of the mcrypt_* is still alive and well:

See Magento\Framework\Encryption\Crypt

<?php

// ....
public function __construct($key, $cipher = MCRYPT_BLOWFISH, $mode = MCRYPT_MODE_ECB, $initVector = false)
{
    $this->_cipher = $cipher;
    $this->_mode = $mode;
    $this->_handle = mcrypt_module_open($cipher, '', $mode, '');
    try {
        $maxKeySize = mcrypt_enc_get_key_size($this->_handle);
    
    // ...

Since it's not reasonably possible to say that PHP 7.1 is supported without this, and given that PHP 7.1 is now out, can we have a status update on this ticket MAGETWO-39838?

@ktomk
Contributor
ktomk commented Dec 4, 2016

For cross-reference: In Magerun 2 we've added PHP 7.1 support now and do see the various reported issues with Magento 2 now as well as they became blatantly obvious. We're tracking this downstream at netz98/n98-magerun2#256.

Issues I could spot so far within the Magento 2 Github Tracker are:

  • #3881 - PHP mcrypt extension to be removed in PHP 7.1
  • #5701 - Several Cryptography Flaws in Magento 2
  • #5880 - Magento 2.1 php7.1 will not be supported due to mcrypt deprecation
  • #7663 - Magento 2.1.x No support for PHP7.1

I suggest to add 7.1 to the Travis build and allow it to fail. That should make it easier to progress and keep track of things.

@ktomk ktomk added a commit to ktomk/magento2 that referenced this issue Dec 6, 2016
@ktomk ktomk Add PHP 7.1 to Travis build
This change is for forward compatibility with PHP 7.1.

Add PHP 7.1 (currently PHP 7.1-RC6 on Travis) to the Travis build. Allow
failures with it as failures are expected.

To get it to work, for PHP 7.1 composer ignores platform requirements.

Refs:

- magento#5701
53e908e
@ktomk
Contributor
ktomk commented Jan 23, 2017

In the light of the recent security report with the remote code execution issue on sending mails (#6146, ZF2016-04), I would suggest Magento to run checks with RIPS which is able to find injection flaws of such kind (e.g. in Roundcube, published Dec 6 2016). Just commenting for reference /cc @piotrekkaminski

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment