1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-14 02:42:40 +01:00
phorge-phorge/src/applications/auth
epriestley d450a08890 Support HMAC+SHA256 with automatic key generation and management
Summary:
Ref T12509. This adds support for HMAC+SHA256 (instead of HMAC+SHA1). Although HMAC+SHA1 is not currently broken in any sense, SHA1 has a well-known collision and it's good to look at moving away from HMAC+SHA1.

The new mechanism also automatically generates and stores HMAC keys.

Currently, HMAC keys largely use a per-install constant defined in `security.hmac-key`. In theory this can be changed, but in practice essentially no install changes it.

We generally (in fact, always, I think?) don't use HMAC digests in a way where it matters that this key is well-known, but it's slightly better if this key is unique per class of use cases. Principally, if use cases have unique HMAC keys they are generally less vulnerable to precomputation attacks where an attacker might generate a large number of HMAC hashes of well-known values and use them in a nefarious way. The actual threat here is probably close to nonexistent, but we can harden against it without much extra effort.

Beyond that, this isn't something users should really have to think about or bother configuring.

Test Plan:
  - Added unit tests.
  - Used `bin/files integrity` to verify, strip, and recompute hashes.
  - Tampered with a generated HMAC key, verified it invalidated hashes.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12509

Differential Revision: https://secure.phabricator.com/D17630
2017-04-06 15:42:59 -07:00
..
action Rate limit multi-factor actions 2014-04-30 14:30:31 -07:00
application Add ViewController and SearchEngine for SSH Public Keys 2016-05-19 09:48:46 -07:00
capability Auth - add "manage providers" capability 2015-01-12 14:37:58 -08:00
conduit Deactivate SSH keys instead of destroying them completely 2016-05-18 14:54:28 -07:00
constants Support invites in the registration and login flow 2015-02-11 06:06:28 -08:00
controller Remove PhabricatorFile::buildFromFileDataOrHash() 2017-04-04 16:18:00 -07:00
data Add session and request hooks to PhabricatorAuthSessionEngine 2016-11-17 13:09:29 -08:00
editor Cache generation of the SSH authentication keyfile for sshd 2016-10-21 07:29:40 -07:00
engine Add session and request hooks to PhabricatorAuthSessionEngine 2016-11-17 13:09:29 -08:00
exception Add email invites to Phabricator (logic only) 2015-02-09 16:12:36 -08:00
extension Move Favorites and User menus to MenuBarExtensions 2017-01-21 08:50:08 -08:00
factor Use numeric input control for TOTP factor entry 2016-07-26 04:47:02 -07:00
garbagecollector Provide bin/garbage for interacting with garbage collection 2015-10-02 09:17:24 -07:00
guidance Add a bunch of Phacility-specific code to the upstream, thinly veiled as generic code 2016-11-15 09:11:22 -08:00
handler Modularize generation of supplemental login messages 2015-09-04 10:34:39 -07:00
mail Send forced mail on SSH key edits 2016-05-19 15:01:25 -07:00
management Provide "bin/auth revoke" with a revoker for Conduit tokens 2017-03-03 14:38:55 -08:00
phid Fix an issue with AuthProviderConfig handles 2016-06-16 06:04:43 -07:00
provider Remove the Persona login method 2016-12-05 15:57:15 -08:00
query Reduce application search engine results list for Dashboards 2017-02-22 12:42:43 -08:00
revoker Provide "bin/auth revoke" with a revoker for Conduit tokens 2017-03-03 14:38:55 -08:00
sshkey Send forced mail on SSH key edits 2016-05-19 15:01:25 -07:00
storage Support HMAC+SHA256 with automatic key generation and management 2017-04-06 15:42:59 -07:00
tokentype Redesign Config Application 2016-08-29 15:49:49 -07:00
view Add ViewController and SearchEngine for SSH Public Keys 2016-05-19 09:48:46 -07:00
worker Send emails for email invites 2015-02-11 06:06:09 -08:00