diff options
author | Jason A. Donenfeld | 2018-07-14 03:32:00 +0200 |
---|---|---|
committer | Jason A. Donenfeld | 2018-07-14 03:33:56 +0200 |
commit | c3b5b5f648d953307672a4b30e9222787668f708 (patch) | |
tree | 6b2179805885fe812fddc8d54d8e8fd5ee4f6292 | |
parent | Bump version. (diff) | |
download | cgit-c3b5b5f648d953307672a4b30e9222787668f708.tar.gz cgit-c3b5b5f648d953307672a4b30e9222787668f708.zip |
auth-filters: do not use HMAC-SHA1
Though SHA1 is broken, HMAC-SHA1 is still fine. But let's not push our luck; SHA256 is more sensible anyway. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
-rw-r--r-- | filters/gentoo-ldap-authentication.lua | 4 | ||||
-rw-r--r-- | filters/simple-authentication.lua | 4 |
2 files changed, 4 insertions, 4 deletions
diff --git a/filters/gentoo-ldap-authentication.lua b/filters/gentoo-ldap-authentication.lua index 6d8eb3e..c1e382f 100644 --- a/filters/gentoo-ldap-authentication.lua +++ b/filters/gentoo-ldap-authentication.lua | |||
@@ -271,7 +271,7 @@ function validate_value(expected_field, cookie) | |||
271 | end | 271 | end |
272 | 272 | ||
273 | -- Lua hashes strings, so these comparisons are time invariant. | 273 | -- Lua hashes strings, so these comparisons are time invariant. |
274 | if hmac ~= crypto.hmac.digest("sha1", field .. "|" .. value .. "|" .. tostring(expiration) .. "|" .. salt, secret) then | 274 | if hmac ~= crypto.hmac.digest("sha256", field .. "|" .. value .. "|" .. tostring(expiration) .. "|" .. salt, secret) then |
275 | return nil | 275 | return nil |
276 | end | 276 | end |
277 | 277 | ||
@@ -296,7 +296,7 @@ function secure_value(field, value, expiration) | |||
296 | value = url_encode(value) | 296 | value = url_encode(value) |
297 | field = url_encode(field) | 297 | field = url_encode(field) |
298 | authstr = field .. "|" .. value .. "|" .. tostring(expiration) .. "|" .. salt | 298 | authstr = field .. "|" .. value .. "|" .. tostring(expiration) .. "|" .. salt |
299 | authstr = authstr .. "|" .. crypto.hmac.digest("sha1", authstr, secret) | 299 | authstr = authstr .. "|" .. crypto.hmac.digest("sha256", authstr, secret) |
300 | return authstr | 300 | return authstr |
301 | end | 301 | end |
302 | 302 | ||
diff --git a/filters/simple-authentication.lua b/filters/simple-authentication.lua index de34d09..596c041 100644 --- a/filters/simple-authentication.lua +++ b/filters/simple-authentication.lua | |||
@@ -231,7 +231,7 @@ function validate_value(expected_field, cookie) | |||
231 | end | 231 | end |
232 | 232 | ||
233 | -- Lua hashes strings, so these comparisons are time invariant. | 233 | -- Lua hashes strings, so these comparisons are time invariant. |
234 | if hmac ~= crypto.hmac.digest("sha1", field .. "|" .. value .. "|" .. tostring(expiration) .. "|" .. salt, secret) then | 234 | if hmac ~= crypto.hmac.digest("sha256", field .. "|" .. value .. "|" .. tostring(expiration) .. "|" .. salt, secret) then |
235 | return nil | 235 | return nil |
236 | end | 236 | end |
237 | 237 | ||
@@ -256,7 +256,7 @@ function secure_value(field, value, expiration) | |||
256 | value = url_encode(value) | 256 | value = url_encode(value) |
257 | field = url_encode(field) | 257 | field = url_encode(field) |
258 | authstr = field .. "|" .. value .. "|" .. tostring(expiration) .. "|" .. salt | 258 | authstr = field .. "|" .. value .. "|" .. tostring(expiration) .. "|" .. salt |
259 | authstr = authstr .. "|" .. crypto.hmac.digest("sha1", authstr, secret) | 259 | authstr = authstr .. "|" .. crypto.hmac.digest("sha256", authstr, secret) |
260 | return authstr | 260 | return authstr |
261 | end | 261 | end |
262 | 262 | ||