"Fossies" - the Fresh Open Source Software Archive

Member "libraries/src/Crypt/README.md" (12 Sep 2021, 2651 Bytes) of package /linux/www/Joomla_3.10.2-Stable-Full_Package.tar.bz2:



Important Security Information

If you're going to use JCrypt in any of your extensions, make sure you use CryptoCipher (requires mcrypt to be installed on the server) or SodiumCipher; these are the only two which are cryptographically secure.

```php
use Joomla\CMS\Crypt\Cipher\SodiumCipher;

$cipher = new SodiumCipher;
$key    = $cipher->generateKey();
$data   = 'My encrypted data.';

// Set a random nonce on the cipher before encrypting.
$cipher->setNonce(\Sodium\randombytes_buf(\Sodium\CRYPTO_BOX_NONCEBYTES));

$encrypted = $cipher->encrypt($data, $key);
$decrypted = $cipher->decrypt($encrypted, $key);

// Confirm the round trip returned the original data.
if ($decrypted !== $data)
{
    throw new RuntimeException('The data was not decrypted correctly.');
}
```

```php
use Joomla\CMS\Crypt\Cipher\CryptoCipher;

$cipher = new CryptoCipher();
$key = $cipher->generateKey(); // Store this for long-term use

$message = "We're all living on a yellow submarine!";
$ciphertext = $cipher->encrypt($message, $key);
$decrypted = $cipher->decrypt($ciphertext, $key);
```

Avoid these Ciphers if Possible

All of these ciphers are vulnerable to something called a chosen-ciphertext attack. The only provable way to prevent chosen-ciphertext attacks is to use authenticated encryption, preferably in an Encrypt-then-MAC construction.

The only JCrypt cipher that meets the authenticated encryption criteria is JCryptCipherCrypto.
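
The Encrypt-then-MAC construction named above, as an added example that is not part of the Joomla README or code base: AES-256-CTR with HMAC-SHA256, where the MAC is verified before decryption so a modified ciphertext is rejected. The function names, HKDF labels and sample data are assumptions for illustration; it needs PHP 7.1.2+ with the openssl extension.

```php
<?php
// Added illustration, not Joomla code. Function names and HKDF labels are hypothetical.

function etmKeys(string $masterKey): array
{
    // Separate keys for encryption and authentication, derived from one master key.
    return [hash_hkdf('sha256', $masterKey, 32, 'enc'), hash_hkdf('sha256', $masterKey, 32, 'mac')];
}

function etmEncrypt(string $plaintext, string $masterKey): string
{
    [$encKey, $macKey] = etmKeys($masterKey);
    $iv = random_bytes(16); // fresh IV for every message
    $ct = openssl_encrypt($plaintext, 'aes-256-ctr', $encKey, OPENSSL_RAW_DATA, $iv);
    if ($ct === false) {
        throw new RuntimeException('Encryption failed.');
    }
    // Encrypt first, then MAC the IV and ciphertext together.
    return hash_hmac('sha256', $iv . $ct, $macKey, true) . $iv . $ct;
}

function etmDecrypt(string $message, string $masterKey): string
{
    if (strlen($message) <= 48) { // 32-byte MAC + 16-byte IV + at least 1 byte
        throw new RuntimeException('Message too short.');
    }
    [$encKey, $macKey] = etmKeys($masterKey);
    [$mac, $iv, $ct] = [substr($message, 0, 32), substr($message, 32, 16), substr($message, 48)];
    // Constant-time MAC check happens before the ciphertext is decrypted at all.
    if (!hash_equals(hash_hmac('sha256', $iv . $ct, $macKey, true), $mac)) {
        throw new RuntimeException('Authentication failed.');
    }
    $pt = openssl_decrypt($ct, 'aes-256-ctr', $encKey, OPENSSL_RAW_DATA, $iv);
    if ($pt === false) {
        throw new RuntimeException('Decryption failed.');
    }
    return $pt;
}

$key = random_bytes(32); // constructed sample key and message
$msg = etmEncrypt("We're all living on a yellow submarine!", $key);
echo etmDecrypt($msg, $key), PHP_EOL;
$tampered = $msg;
$tampered[48] = chr(ord($tampered[48]) ^ 1); // flip one ciphertext bit
try {
    etmDecrypt($tampered, $key);
} catch (RuntimeException $e) {
    echo 'Tampered message rejected: ', $e->getMessage(), PHP_EOL;
}
```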

Absolutely Avoid JCryptCipherSimple

JCryptCipherSimple is deprecated and will be removed in Joomla 4. It's vulnerable to a known-plaintext attack: if an attacker knows any information about the plaintext (e.g. the first character is '<'), they can recover bits of the encryption key with ease.

If an attacker can influence the message, they can actually steal your encryption key. Here's how:

  1. Feed str_repeat('A', 256) into your application, towards JCryptCipherSimple.
  2. Observe the output of the cipher (the ciphertext).
  3. Run it through this code:
```php
function recoverJcryptCipherSimpleKey($ciphertext, $knownPlaintext)
{
    $key = '';
    // XOR each ciphertext byte with the matching known plaintext byte.
    for ($i = 0; $i < strlen($knownPlaintext); ++$i) {
      $key.= chr(ord($ciphertext[$i]) ^ ord($knownPlaintext[$i]));
    }

    return $key;
}

$key = recoverJcryptCipherSimpleKey(
    $someEncryptedTextOutput,
    str_repeat('A', 256)
);
```

Given how trivial it is to steal the encryption key from this cipher, you absolutely should not use it.