"Fossies" - the Fresh Open Source Software Archive

Member "libraries/src/Crypt/README.md" (18 Jun 2022, 2651 Bytes) of package /linux/www/Joomla_3.10.10-Stable-Full_Package.tar.bz2:




Important Security Information

If you're going to use JCrypt in any of your extensions, make sure you use CryptoCipher (requires mcrypt to be installed on the server) or SodiumCipher. These are the only two which are cryptographically secure.

```php
use Joomla\CMS\Crypt\Cipher\SodiumCipher;

$cipher = new SodiumCipher;
$key    = $cipher->generateKey();
$data   = 'My encrypted data.';

$cipher->setNonce(\Sodium\randombytes_buf(\Sodium\CRYPTO_BOX_NONCEBYTES));

$encrypted = $cipher->encrypt($data, $key);
$decrypted = $cipher->decrypt($encrypted, $key);

if ($decrypted !== $data)
{
    throw new RuntimeException('The data was not decrypted correctly.');
}
```

```php
use Joomla\CMS\Crypt\Cipher\CryptoCipher;

$cipher = new CryptoCipher();
$key = $cipher->generateKey(); // Store this for long-term use

$message = "We're all living on a yellow submarine!";
$ciphertext = $cipher->encrypt($message, $key);
$decrypted = $cipher->decrypt($ciphertext, $key);
```

Avoid these Ciphers if Possible

All of these ciphers are vulnerable to something called a chosen-ciphertext attack. The only provable way to prevent chosen-ciphertext attacks is to use authenticated encryption, preferably in an Encrypt-then-MAC construction.

The only JCrypt cipher that meets the authenticated encryption criteria is JCryptCipherCrypto.
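
The Encrypt-then-MAC construction named above, as an added example that is not part of the original README or of Joomla's code: it shows a modified ciphertext being rejected before any decryption happens. The function names `etmKeys`, `etmEncrypt`, `etmDecrypt` and the HKDF labels are hypothetical, and the code assumes PHP 7.1.2+ with the openssl extension.

```php
<?php
// Added illustration, not Joomla code. Names and HKDF labels are hypothetical.
// Assumes PHP 7.1.2+ with the openssl extension.

function etmKeys(string $masterKey): array
{
    // Derive independent encryption and MAC keys from one master key.
    return [
        hash_hkdf('sha256', $masterKey, 32, 'etm-demo-enc'),
        hash_hkdf('sha256', $masterKey, 32, 'etm-demo-mac'),
    ];
}

function etmEncrypt(string $plaintext, string $masterKey): string
{
    list($encKey, $macKey) = etmKeys($masterKey);
    $iv = random_bytes(16);
    $ct = openssl_encrypt($plaintext, 'aes-256-ctr', $encKey, OPENSSL_RAW_DATA, $iv);

    // Encrypt first, then MAC the IV and ciphertext together.
    $tag = hash_hmac('sha256', $iv . $ct, $macKey, true);

    return $tag . $iv . $ct;
}

function etmDecrypt(string $message, string $masterKey): string
{
    if (strlen($message) < 48) {
        throw new RuntimeException('Message too short.');
    }
    list($encKey, $macKey) = etmKeys($masterKey);
    $tag = substr($message, 0, 32);
    $iv  = substr($message, 32, 16);
    $ct  = substr($message, 48);

    // Verify the tag in constant time BEFORE touching the ciphertext.
    if (!hash_equals(hash_hmac('sha256', $iv . $ct, $macKey, true), $tag)) {
        throw new RuntimeException('Authentication failed.');
    }
    return openssl_decrypt($ct, 'aes-256-ctr', $encKey, OPENSSL_RAW_DATA, $iv);
}

// Constructed sample data: round trip, then flip one ciphertext bit.
$key = random_bytes(32);
$msg = etmEncrypt('My encrypted data.', $key);
var_dump(etmDecrypt($msg, $key) === 'My encrypted data.');
$msg[strlen($msg) - 1] = chr(ord($msg[strlen($msg) - 1]) ^ 1);
try { etmDecrypt($msg, $key); } catch (RuntimeException $e) { echo $e->getMessage(), "\n"; }
```

Because the tag is checked first, a tampered message never reaches the decryption call, so the receiver's behaviour reveals nothing about the plaintext behind a modified ciphertext.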

Absolutely Avoid JCryptCipherSimple

JCryptCipherSimple is deprecated and will be removed in Joomla 4. It's vulnerable to a known-plaintext attack: if an attacker knows any information about the plaintext (e.g. the first character is '<'), they can recover bits of the encryption key with ease.

If an attacker can influence the message, they can actually steal your encryption key. Here's how:

  1. Feed str_repeat('A', 256) into your application, towards JCryptCipherSimple.
  2. Observe the output of the cipher (the ciphertext).
  3. Run it through this code:

```php
function recoverJcryptCipherSimpleKey($ciphertext, $knownPlaintext)
{
    $key = '';

    // XOR each ciphertext byte with the matching known plaintext byte.
    for ($i = 0; $i < strlen($knownPlaintext); ++$i) {
        $key .= chr(ord($ciphertext[$i]) ^ ord($knownPlaintext[$i]));
    }

    return $key;
}

$key = recoverJcryptCipherSimpleKey(
    $someEncryptedTextOutput,
    str_repeat('A', 256)
);
```

Given how trivial it is to steal the encryption key from this cipher, you absolutely should not use it.