Skip to content

[Security] Login link: Encrypt username #39275

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
Nyholm wants to merge 23 commits into from
Closed

[Security] Login link: Encrypt username #39275

Nyholm wants to merge 23 commits into from

Conversation

@Nyholm
Copy link
Member

@Nyholm Nyholm commented Dec 1, 2020
edited
Loading

Q A
Branch? 5.x for features
Bug fix? no
New feature? yes
Deprecations? no
Tickets
License MIT
Doc PR

The current implementation of a "magic link" uses the following query parameters: "hash", "user" and "expires". This is fine but it leaves the username exposed to the world. It could arguable be fine to send an url like this to foo@example.com:

https://app.com/magic?user=foo@example.com&expires=123&hash=xxxxxx

However, if the UserInterface::getUsername() does not return an email, but an other id, like a auth0 id. Im not sure it is a good idea to show publicly.

This PR uses sodium to do a symmetric encryption of the username.

Potential improvements:

  • Make this opt-in or opt-out
  • Move the logic to a new class
  • Use sodium to encrypt the hash or the full query string

@nicolas-grekas
Copy link
Member

nicolas-grekas commented Dec 1, 2020

Do we need to provide a layer that accepts the old links?

@chalasr chalasr added this to the 5.x milestone Dec 2, 2020
@inmarelibero inmarelibero mentioned this pull request Dec 4, 2020
Merged
@inmarelibero
Copy link
Contributor

inmarelibero commented Dec 4, 2020
edited
Loading

hi @Nyholm I was reviewing your PR and found a couple of potencial bugs and I took the liberty to propose you a PR on your repo, you can find it at Nyholm#10

for me anyway, +1 to use Sodium to encrypt the full query string, in order to have links like login_check?code=[encrypted JSON of user, has, expiration, etc...]

@Nyholm
Copy link
Member Author

Nyholm commented Dec 4, 2020

Thank you. I agree with your changes.

I'll do some more work on this PR to make sure we can do this change and still keep BC.

@inmarelibero
Copy link
Contributor

inmarelibero commented Dec 4, 2020

@Nyholm glad I helped in some way :) I'm looking into the tests, because it should have been caught I guess.

Feel free to ping me if you want me to do something

@Nyholm
Copy link
Member Author

Nyholm commented Dec 4, 2020

Give me 30 minutes to push some new changes. I would be happy to hear your opinions about them.

inmarelibero
inmarelibero reviewed Dec 4, 2020
View reviewed changes
@inmarelibero
Copy link
Contributor

inmarelibero commented Dec 4, 2020

@Nyholm it's taking shape, let me know if you want to delegate implementing tests, cheers

OskarStark
OskarStark reviewed Dec 5, 2020
View reviewed changes
@Nyholm Nyholm mentioned this pull request Dec 5, 2020
Closed
Nyholm
Nyholm commented Dec 6, 2020
View reviewed changes
src/Symfony/Component/Security/Http/LoginLink/LoginLinkHandler.php
Comment on lines +150 to +154
// TODO make sure we dont use a static salt.
// TODO store salt some how between requests
$salt = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f";

return KeyFactory::deriveEncryptionKey(new HiddenString($this->secret), $salt, KeyFactory::MODERATE);
Copy link
Member Author

@Nyholm Nyholm Dec 6, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I need help to figure this out. Using a static salt is not a good idea.

The salt also needs to be kept secret. We must store the salt somehow.

Copy link
Contributor

@sstok sstok Dec 9, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As a salt is merely used to prevent that a same value would always produce the same hash/key. Would it make sense to embed with the message? Encryption uses an Initialization Vector for a similar purpose, and that is part of the message as well.

Maybe you can ping the creator behind Halite for some advice?

@Nyholm
Copy link
Member Author

Nyholm commented Dec 6, 2020

I removed all encryption stuff to rely on a third party package instead.

I moved the encryption stuff to #39344

@sstok
Copy link
Contributor

sstok commented Dec 9, 2020
edited
Loading

Do we need to provide a layer that accepts the old links?

I don't think that's a good idea, better to request a new link to than to support an old "insecure" link.

@fabpot fabpot modified the milestones: 5.4, 6.1 Nov 16, 2021
@wouterj
Copy link
Member

wouterj commented Dec 11, 2021

Hi @Nyholm! What is the status here? It seems like it has sort of stalled, although the changes seem to be complete. Is this ready to vote/merge?

@fabpot fabpot modified the milestones: 6.1, 6.2 May 20, 2022
@nicolas-grekas nicolas-grekas modified the milestones: 6.2, 6.3 Nov 5, 2022
@nicolas-grekas nicolas-grekas modified the milestones: 6.3, 6.4 May 23, 2023
@wouterj wouterj closed this Jul 16, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jderusse jderusse jderusse left review comments

@OskarStark OskarStark OskarStark left review comments

@derrabus derrabus derrabus left review comments

@chalasr chalasr Awaiting requested review from chalasr chalasr is a code owner

@wouterj wouterj Awaiting requested review from wouterj

+2 more reviewers

@inmarelibero inmarelibero inmarelibero left review comments

@sstok sstok sstok left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

Feature Security Stalled Status: Needs Review

Projects

None yet

Milestone

6.4

Development

Successfully merging this pull request may close these issues.