New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Security] Add configuration for Argon2i encryption #26175

Merged
merged 1 commit into from Feb 20, 2018

Conversation

Projects
None yet
6 participants
@CoalaJoe
Contributor

CoalaJoe commented Feb 14, 2018

Q A
Branch? master
Bug fix? no
New feature? yes
BC breaks? no
Deprecations? no
Tests pass? yes
Fixed tickets #26174
License MIT
Doc PR #9300

Feedback?

Current situation: Configuration only applies if argon2i is natively supported.

@CoalaJoe CoalaJoe changed the base branch from 4.0 to master Feb 14, 2018

@nicolas-grekas

thanks for working on this
would you mind adding some tests please?

/**
* Argon2iPasswordEncoder constructor.
*
* @param int $memoryCost

This comment has been minimized.

@nicolas-grekas

nicolas-grekas Feb 14, 2018

Member

since this is for PHP 7.1, you can move the types to the constructor's signature, and remove the docblock altogether.

{
if (\defined('PASSWORD_ARGON2I')) {
$this->config = array(
'memory_cost' => $memoryCost ?: PASSWORD_ARGON2_DEFAULT_MEMORY_COST,

This comment has been minimized.

@nicolas-grekas

nicolas-grekas Feb 14, 2018

Member

?? instead of ?: (same below)

@CoalaJoe

This comment has been minimized.

Contributor

CoalaJoe commented Feb 14, 2018

@nicolas-grekas Ready for next review.

@nicolas-grekas nicolas-grekas added this to the 4.1 milestone Feb 14, 2018

@nicolas-grekas

This comment has been minimized.

Member

nicolas-grekas commented Feb 14, 2018

SecurityBundle also needs an update, so that you can configure these settings using yaml.
See src/Symfony/Bundle/SecurityBundle/DependencyInjection/MainConfiguration.php
and src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php

$this->config = array(
'memory_cost' => $memoryCost ?? PASSWORD_ARGON2_DEFAULT_MEMORY_COST,
'time_cost' => $timeCost ?? PASSWORD_ARGON2_DEFAULT_TIME_COST,
'threads' => $threads ?? PASSWORD_ARGON2_DEFAULT_THREADS,

This comment has been minimized.

@stof

stof Feb 14, 2018

Member

we could fully-qualify these constants though (as we do in encodePasswordNative)

@stof

This comment has been minimized.

Member

stof commented Feb 14, 2018

is it possible to support this config when using ext-sodium on older versions too ?

@CoalaJoe

This comment has been minimized.

Contributor

CoalaJoe commented Feb 15, 2018

@stof There are $opslimit and $memlimit in crypto_pwhash_str(). But there seems to be no way of using multiple threads.

I can't say how these 2 parameters are related to time_cost and memory_cost because they have not been documented on php.net yet. (https://secure.php.net/manual/en/function.sodium-crypto-pwhash-str.php)

@@ -385,6 +385,9 @@ private function addEncodersSection(ArrayNodeDefinition $rootNode)
->max(31)
->defaultValue(13)
->end()
->integerNode('memory_cost')->setDefaultValue(1024)->end()

This comment has been minimized.

@nicolas-grekas

nicolas-grekas Feb 15, 2018

Member

defaultNull instead?

This comment has been minimized.

@CoalaJoe

CoalaJoe Feb 15, 2018

Contributor

You are right. Fixed it.

@CoalaJoe

This comment has been minimized.

Contributor

CoalaJoe commented Feb 15, 2018

  • Add this note to the documentation later?

As Argon2 doesn't have any “bad” values, however consuming more resources is considered better than consuming less. Users are encouraged to adjust the cost factors for the platform they're developing for.
From the RFC

@chalasr

Should it throw when configuring these options while they aren't supported?

public function __construct(int $memoryCost = null, int $timeCost = null, int $threads = null)
{
if (\defined('PASSWORD_ARGON2I')) {

This comment has been minimized.

@chalasr

chalasr Feb 16, 2018

Member

these options are used in encodePasswordNative only which is restricted to php 7.2+, we should probably have the same check here

*/
class Argon2iPasswordEncoder extends BasePasswordEncoder implements SelfSaltingEncoderInterface
{
private $config;

This comment has been minimized.

@nicolas-grekas

nicolas-grekas Feb 18, 2018

Member

the default value should be array(), otherwise password_hash($raw, \PASSWORD_ARGON2I, $this->config); will throw a warning
this should cover @chalasr's comment below

This comment has been minimized.

@CoalaJoe

CoalaJoe Feb 19, 2018

Contributor

Thanks. Done.

@nicolas-grekas nicolas-grekas changed the title from Feature/#26174 argon2i configuration to [Security] Add configuration for Argon2i encryption Feb 19, 2018

@nicolas-grekas

This comment has been minimized.

Member

nicolas-grekas commented Feb 19, 2018

almost there, tests should be updated (see failures)

@CoalaJoe

This comment has been minimized.

Contributor

CoalaJoe commented Feb 20, 2018

@nicolas-grekas The tests should now run successfully. But the runners fail on installing the libsodium extension. Do you know why?

@nicolas-grekas

failures related to pecl.php.net being down today

@nicolas-grekas

oups sorry I voted too fast: the test suite should still pass when the libsodium is not installed, by skipping the cases that require the extension

@nicolas-grekas

This comment has been minimized.

Member

nicolas-grekas commented Feb 20, 2018

I suppose you'll need to split the new functional tests in dedicated test methods, and add them the @requires extension libsodium annotation.

@fabpot

fabpot approved these changes Feb 20, 2018

@fabpot

This comment has been minimized.

Member

fabpot commented Feb 20, 2018

Thank you @CoalaJoe.

@fabpot fabpot merged commit 1300fec into symfony:master Feb 20, 2018

2 of 3 checks passed

continuous-integration/travis-ci/pr The Travis CI build could not complete due to an error
Details
continuous-integration/appveyor/pr AppVeyor build succeeded
Details
fabbot.io Your code looks good.
Details

fabpot added a commit that referenced this pull request Feb 20, 2018

feature #26175 [Security] Add configuration for Argon2i encryption (C…
…oalaJoe)

This PR was merged into the 4.1-dev branch.

Discussion
----------

[Security] Add configuration for Argon2i encryption

| Q             | A
| ------------- | ---
| Branch?       | master
| Bug fix?      | no
| New feature?  | yes
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | #26174
| License       | MIT
| Doc PR        | [#9300](symfony/symfony-docs#9300)

Feedback?

Current situation: Configuration only applies if argon2i is natively supported.

Commits
-------

1300fec [Security] Add configuration for Argon2i encryption

javiereguiluz added a commit to symfony/symfony-docs that referenced this pull request Mar 1, 2018

minor #9300 Update configuration for argon2i encoder (CoalaJoe)
This PR was merged into the master branch.

Discussion
----------

Update configuration for argon2i encoder

From: symfony/symfony#26175

Commits
-------

a3e9bf2 Update configuration for argon2i encoder

@fabpot fabpot referenced this pull request May 7, 2018

Merged

Release v4.1.0-BETA1 #27181

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment