[2.2] [Security] Added Pbkdf2PasswordEncoder #4661
Conversation
|
This also warrants a waring that the function is extra slow. Calculation of hash with the default 5000 iterations on small ec2 instance takes approximately 800ms. |
| $digest = ''; | ||
|
|
||
| for ($i = 1; $i <= $blocks; $i++) { | ||
| $ib = $block = hash_hmac($this->algorithm, $salt . pack('N', $i), $raw, true); |
There was a problem hiding this comment.
$block is an unused variable, same on line 62.
There was a problem hiding this comment.
it is not, on that line $block is assigned a value, $ib is just assigned the same values as $block.
There was a problem hiding this comment.
I see, totally read over the second parameter of line 62.
|
@mvrhov What do you mean exactly? Should I reduce the default number of Iterations? Edit: Oops, my own class in rollerworks/Crypt also uses 1000, not 5000. |
|
@sstok: What I meant was that it would be nice to include that info into the PhpDoc block or inside a changelog. |
Something like this, any suggestions are welcome ;) PS: Should I also add this to the SecurityBundle?, but 'algorithm' always passes it to MessageDigestPasswordEncoder when it not plain. So I wonder what to do for that, using something as pbkdf2_[algorithm] like: pbkdf2_sha512 |
|
@sstok That would be a really valuable addition to Symfony :) Another nice thing you could do is provide a bcrypt implementation. @elnur's ElnurBlowfishPasswordEncoderBundle might give you some inspiration. |
|
@jalliot Thanks for the tip, changing the default is not a good idea as PBKDF2 pretty heavy when compared to Digit. Implementing bcrypt should be no problem, I will open an new pull request for that one when ready. Edit: I think I have an idea, setting algorithm to pbkdf2 with hash_algorithm as parameter. |
|
@schmittjoh As this is a simple change should it go for 2.1 or 2.2? |
|
IIUC 2.1 is feature frozen so that will surely not be merged before 2.2. |
|
This is indeed scheduled for 2.2. |
|
@fabpot ping |
|
Before I merge this PR, can you:
Thanks. |
| @@ -378,6 +378,8 @@ private function addEncodersSection(ArrayNodeDefinition $rootNode) | |||
| ->beforeNormalization()->ifString()->then(function($v) { return array('algorithm' => $v); })->end() | |||
| ->children() | |||
| ->scalarNode('algorithm')->cannotBeEmpty()->end() | |||
| ->scalarNode('hash_algorithm')->defaultValue('sha512')->end() | |||
There was a problem hiding this comment.
you should add an ->info() call explaining it is only used for pbkdf2
|
The XSD also need to be updated |
|
@stof: AFAIR, there is unfortunately no XSD for the Security bundle.... yet |
|
@mvrhov Indeed, it's going to be included in PHP as of PHP 5.5. We need to use it if available. |
|
@fabpot ah true. and I don't want to try creating an XSD in this bundle as the config tree can be expanded dynamically by any bundle :) |
|
@fabpot ping |
| public function encodePassword($raw, $salt) | ||
| { | ||
| if (function_exists('hash_pbkdf2')) { | ||
| $digest = \hash_pbkdf2($this->algorithm, $raw, $salt, $this->iterations, $this->length, true); |
There was a problem hiding this comment.
Please remove the \ on the function call. Symfony does not use it.
[Security] changed default iterations of Pbkdf2PasswordEncoder to 1000 instead of 5000 [Security] Improved description of PBKDF2 encoder [SecurityBundle] added PBKDF2 PasswordEncoder updated CHANGELOG.md [Security] Use the build-in hash_pbkdf2() when available [SecurityBundle] added information about hash_algorithm for configuration [Security] always check algorithm and fixed CS
|
@fabpot ping |
This PR was merged into the master branch. Commits ------- 4534960 [Security] Added Pbkdf2PasswordEncoder Discussion ---------- [2.2] [Security] Added Pbkdf2PasswordEncoder Bug fix: no Feature addition: yes Backwards compatibility break: no Symfony2 tests pass: yes License of the code: MIT This adds the PBKDF2 derived key mechanism (as defined in http://www.ietf.org/rfc/rfc2898.txt) for the Password encoder. The original implementation comes from http://www.itnewb.com/tutorial/Encrypting-Passwords-with-PHP-for-Storage-Using-the-RSA-PBKDF2-Standard and does not contain any restrictive copyright. I have included the original author. --------------------------------------------------------------------------- by mvrhov at 2012-06-26T10:33:59Z This also warrants a waring that the function is extra slow. Calculation of hash with the default 5000 iterations on small ec2 instance takes approximately 800ms. --------------------------------------------------------------------------- by sstok at 2012-06-26T11:17:25Z @mvrhov What do you mean exactly? Should I reduce the default number of Iterations? Edit: Oops, my own class in rollerworks/Crypt also uses 1000, not 5000. I used the MessageDigestPasswordEncoder as my template and forgot to change that. Fixed. --------------------------------------------------------------------------- by mvrhov at 2012-06-26T12:04:28Z @sstok: What I meant was that it would be nice to include that info into the PhpDoc block or inside a changelog. Between the plain salted sha512, sha512 based Pbkdf2 and sha512 based bcrypt, bcrypt was slower than sha512, but way faster than Pbkdf2. I've measured all of them on small ec2 instance. Oh, and BTW it was 1000 iterations in Pbkdf2 that took 800ms. --------------------------------------------------------------------------- by sstok at 2012-06-26T12:39:46Z ``` * Pbkdf2PasswordEncoder uses the PBKDF2 (Password-Based Key Derivation Function 2). * * Providing a high level of Cryptographic security, * PBKDF2 is recommended by the National Institute of Standards and Technology (NIST). * * But also warrants a warning, using PBKDF2 (with a high number of iterations) slows down the process. * PBKDF2 should be used with caution and care. ``` Something like this, any suggestions are welcome ;) PS: Should I also add this to the SecurityBundle?, but 'algorithm' always passes it to MessageDigestPasswordEncoder when it not plain. So I wonder what to do for that, using something as pbkdf2_[algorithm] like: pbkdf2_sha512 --------------------------------------------------------------------------- by jalliot at 2012-07-06T22:27:22Z @sstok That would be a really valuable addition to Symfony :) And I think indeed that you should modify SecurityBundle by adding a simple way to switch from the basic encoder to this one (and surely set it as the default!). Another nice thing you could do is provide a bcrypt implementation. @elnur's [ElnurBlowfishPasswordEncoderBundle](https://github.com/elnur/ElnurBlowfishPasswordEncoderBundle) might give you some inspiration. --------------------------------------------------------------------------- by sstok at 2012-07-08T12:25:29Z @jalliot Thanks for the tip, changing the default is not a good idea as PBKDF2 pretty heavy when compared to Digit. The only difference between PBKDF2 and Digit is that PBKDF2 uses HMAC and does some extra things, so they are both very secure. But the second is more secure then the other ;) Implementing bcrypt should be no problem, I will open an new pull request for that one when ready. Edit: I think I have an idea, setting algorithm to pbkdf2 with hash_algorithm as parameter. --------------------------------------------------------------------------- by sstok at 2012-07-18T09:54:15Z @schmittjoh As this is a simple change should it go for 2.1 or 2.2? --------------------------------------------------------------------------- by jalliot at 2012-07-18T11:02:40Z IIUC 2.1 is feature frozen so that will surely not be merged before 2.2. --------------------------------------------------------------------------- by fabpot at 2012-07-23T14:26:30Z This is indeed scheduled for 2.2. --------------------------------------------------------------------------- by sstok at 2012-10-02T13:51:59Z @fabpot ping --------------------------------------------------------------------------- by fabpot at 2012-10-02T16:20:23Z Before I merge this PR, can you: * add an entry in the CHANGELOG of the component and the bundle * squash your commits * create a PR on the docs to mention the new encoder (its usage and the limitations as you mentioned them here) Thanks. --------------------------------------------------------------------------- by stof at 2012-10-02T16:27:03Z The XSD also need to be updated --------------------------------------------------------------------------- by fabpot at 2012-10-02T16:37:53Z @stof: AFAIR, there is unfortunately no XSD for the Security bundle.... yet --------------------------------------------------------------------------- by mvrhov at 2012-10-02T16:56:39Z BTW: http://php.net/manual/en/function.hash-pbkdf2.php --------------------------------------------------------------------------- by fabpot at 2012-10-02T17:17:57Z @mvrhov Indeed, it's going to be included in PHP as of PHP 5.5. We need to use it if available. --------------------------------------------------------------------------- by stof at 2012-10-02T17:28:17Z @fabpot ah true. and I don't want to try creating an XSD in this bundle as the config tree can be expanded dynamically by any bundle :) --------------------------------------------------------------------------- by sstok at 2012-10-03T09:29:53Z @fabpot ping --------------------------------------------------------------------------- by sstok at 2012-10-08T09:21:09Z @fabpot ping
Bug fix: no
Feature addition: yes
Backwards compatibility break: no
Symfony2 tests pass: yes
License of the code: MIT
This adds the PBKDF2 derived key mechanism (as defined in http://www.ietf.org/rfc/rfc2898.txt) for the Password encoder.
The original implementation comes from http://www.itnewb.com/tutorial/Encrypting-Passwords-with-PHP-for-Storage-Using-the-RSA-PBKDF2-Standard and does not contain any restrictive copyright. I have included the original author.