Rev 1207 | Rev 1283 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
| Rev 1207 | Rev 1282 | ||
|---|---|---|---|
| Line 2... | Line 2... | ||
| 2 | SERVER_SECRET |
2 | SERVER_SECRET |
| 3 | ============= |
3 | ============= |
| 4 | 4 | ||
| 5 | In the base configuration, you will see something like this: |
5 | In the base configuration, you will see something like this: |
| 6 | 6 | ||
| 7 | OIDplus::baseConfig()->setValue('SERVER_SECRET', '................................'); |
7 | OIDplus::baseConfig()->setValue("SERVER_SECRET", "................................"); |
| 8 | 8 | ||
| 9 | This value is chosen randomly by the configuration file generator (setup). |
9 | This value is chosen randomly by the configuration file generator (setup). |
| 10 | 10 | ||
| 11 | Where is SERVER_SECRET being used? |
11 | Derivation of secrets and auth keys |
| 12 | ---------------------------------- |
12 | ----------------------------------- |
| 13 | 13 | ||
| - | 14 | Important: The usage of `OIDplus::baseConfig()->getValue("SERVER_SECRET")` |
|
| - | 15 | is deprecated due to security considerations. |
|
| - | 16 | ||
| - | 17 | Instead, please always use `OIDplus::authUtils()->makeSecret()` |
|
| - | 18 | with a unique `$data` argument (prefer a GUID) |
|
| - | 19 | if you need a secret that is derived from the server secret. |
|
| - | 20 | ||
| - | 21 | If you want to generate an authentication key (e.g. to send via an email), |
|
| - | 22 | use `OIDplus::authUtils()->makeAuthKey()` |
|
| - | 23 | with a unique `$data` argument (prefer a GUID) |
|
| - | 24 | in combination with `OIDplus::authUtils()->validateAuthKey()`. |
|
| - | 25 | This auth key is NOT temporary by default so you need to make sure |
|
| - | 26 | that you encode a timestamp in it. |
|
| - | 27 | ||
| - | 28 | Implementation |
|
| - | 29 | -------------- |
|
| - | 30 | ||
| - | 31 | `makeAuthKey(data) = makeSecret(data) = sha3_512_hmac(data, "OIDplus:" + SERVER_SECRET)` |
|
| - | 32 | ||
| - | 33 | Currently, the implementation of `makeAuthKey` and `makeSecret` |
|
| - | 34 | is the same, but you should only use `makeAuthKey` |
|
| - | 35 | if you combine it with `validateAuthKey`, otherwise, you |
|
| - | 36 | should use `makeSecret`. This makes the code easier to understand. |
|
| - | 37 | ||
| - | 38 | Where are makeAuthKey and makeSecret being used? |
|
| - | 39 | ------------------------------------------------ |
|
| - | 40 | ||
| 14 | System: |
41 | System / Core: |
| 15 | - Auth content Store (OIDplusAuthContentStoreJWT.class.php): |
42 | - Auth content Store (OIDplusAuthContentStoreJWT.class.php): |
| 16 | Key to sign JWT tokens (used for Automated AJAX requests and logins with "Remember me") using PBKDF2+HMAC |
43 | Key to sign JWT tokens (used for Automated AJAX requests, REST API and logins with "Remember me") using PBKDF2+HMAC |
| 17 | (ONLY if the server does not have a Public/Private key pair!) |
44 | * If a private/public key pair exists: Sign the JWT using that private key. |
| - | 45 | * Otherwise sign it with: |
|
| 18 | `JWT = HS512(hash_pbkdf2('sha512', SERVER_SECRET+"/OIDplusAuthContentStoreJWT", '', 10000, 64/*256bit*/, false))` |
46 | `JWT = HS512(hash_pbkdf2("sha512", OIDplus::authUtils()->makeSecret("0be35e52-f4ef-11ed-b67e-3c4a92df8582"), "", 10000, 64/*256bit*/, false))` |
| 19 | - Session Handler (OIDplusSessionHandler.class.php): |
47 | - Session Handler (OIDplusSessionHandler.class.php): |
| 20 | Encryption of session contents (regular logins) |
48 | Encryption of session contents (regular logins) |
| 21 | if OpenSSL is installed: sha512-pbkdf2 + AES-256-CBC + sha3-512-hmac |
49 | * if OpenSSL is installed: sha512-pbkdf2 + AES-256-CBC + sha3-512-hmac |
| 22 | if OpenSSL is not installed: sha3-512-hmac |
50 | * if OpenSSL is not installed: sha3-512-hmac |
| 23 | - Auth utils: Generation of auth keys |
51 | * In both cases, the key is `OIDplus::authUtils()->makeSecret("b118abc8-f4ec-11ed-86ca-3c4a92df8582")`. |
| - | 52 | ||
| 24 | `makeAuthKey(data) = sha3_512_hmac(data, "authkey:"+SERVER_SECRET);` |
53 | Temporary auth keys (sent via email etc.): |
| 25 | used at plugin forgot RA password (public/091): |
54 | * used at plugin forgot RA password (public/091): |
| 26 | `makeAuthKey("reset_password;" + email + ";" + timestamp) |
55 | `makeAuthKey("93a16dbe-f4fb-11ed-b67e-3c4a92df8582:" + email + "/" + timestamp)` |
| 27 | = sha3_512_hmac("reset_password;" + email + ";" + timestamp, "authkey:"+SERVER_SECRET);` |
- | |
| 28 | used at plugin ViaThinkSoft FreeOID activation (public/200): |
56 | * used at plugin ViaThinkSoft FreeOID activation (public/200): |
| 29 | `makeAuthKey("com.viathinksoft.freeoid.activate_freeoid;" + email + ";" + timestamp) |
57 | `makeAuthKey("40c87e20-f4fb-11ed-86ca-3c4a92df8582:" + email + "/" + timestamp)` |
| 30 | = sha3_512_hmac("com.viathinksoft.freeoid.activate_freeoid;" + email + ";" + timestamp, "authkey:"+SERVER_SECRET);` |
- | |
| 31 | used at plugin invite RA (ra/092): |
58 | * used at plugin invite RA (ra/092): |
| 32 | `makeAuthKey("activate_ra;" + email + ";" + timestamp) |
59 | `makeAuthKey("ed840c3e-f4fa-11ed-b67e-3c4a92df8582:" + email + "/" + timestamp)` |
| 33 | = sha3_512_hmac("activate_ra;" + email + ";" + timestamp, "authkey:"+SERVER_SECRET);` |
- | |
| 34 | used at plugin change RA email (ra/102): |
60 | * used at plugin change RA email (ra/102): |
| 35 | `makeAuthKey("activate_new_ra_email;" + old_email + ";" + new_email + ";" + timestamp) |
61 | `makeAuthKey("5ef24124-f4fb-11ed-b67e-3c4a92df8582:" + old_email + "/" + new_email + "/" + timestamp)` |
| 36 | = sha3_512_hmac("activate_new_ra_email;" + old_email + ";" + new_email + ";" + timestamp, "authkey:"+SERVER_SECRET);` |
- | |
| 37 | 62 | ||
| 38 | Plugin WHOIS (public/100): |
63 | Plugin OID-IP (public/100): |
| 39 | - Authentication token for hidden OIDs = `smallhash(SERVER_SECRET + "/WHOIS/" + id);` |
64 | - Authentication token for hidden OIDs = `smallhash(OIDplus::authUtils()->makeSecret("d8f44c7c-f4e9-11ed-86ca-3c4a92df8582:" + id))` |
| 40 | 65 | ||
| 41 | Plugin VNag version check (admin/901): |
66 | Plugin VNag version check (admin/901): |
| 42 | - Webreader password = `sha3_512(SERVER_SECRET + "/VNAG")` |
67 | - Webreader password = `OIDplus::authUtils()->makeSecret("65d9f488-f4eb-11ed-b67e-3c4a92df8582")` |
| 43 | 68 | ||
| 44 | --- |
69 | Plugin RDAP (frdl): |
| - | 70 | - `OIDplus::authUtils()->makeSecret("cee75760-f4f8-11ed-b67e-3c4a92df8582")` is used to generate a cache filename |
|
| 45 | 71 | ||
| - | 72 | Plugin VTS Client Challenge Captcha: |
|
| 46 | Important: Please never use SERVER_SECRET alone for any hashing/HMAC without adding any context to it. |
73 | - Challenge integrity : `OIDplus::authUtils()->makeAuthKey("797bfc34-f4fa-11ed-86ca-3c4a92df8582:" + challenge)` |
| - | 74 | - Cache filename : `"vts_client_challenge_" + OIDplus::authUtils()->makeSecret("461f4a9e-f4fa-11ed-86ca-3c4a92df8582:" + ipTarget + "/" + random) + ".tmp"` |
|
| 47 | 75 | ||
| 48 | - Example: Bad `hmac(message, SERVER_SECRET)` |
76 | GUID Registry |
| 49 | - Example: Good `hmac(message, 'xyz:'.SERVER_SECRET)` |
77 | ------------- |
| 50 | 78 | ||
| 51 | Reason: Since the SERVER_SECRET is used at many different places, we must make sure that the calculated values do not reveal information about the SERVER_SECRET in any kind. |
79 | The "real GUIDs" are documented at the [ViaThinkSoft OIDplus Registration Authority](https://oidplus.viathinksoft.com/oidplus/?goto=guid%3Aoidplus%2FauthRealms). |