Page MenuHomePhabricator
Create Task
Maniphest T125290

CentralAuthUser::validateAuthToken should use constant-time string comparison
Closed, ResolvedPublic
Actions

Details

Related Gerrit Patches:
mediawiki/extensions/CentralAuth : master[SECURITY] Use constant time comparison in validateAuthToken

Event Timeline

Tgr created this task.Jan 30 2016, 9:41 AM
Tgr raised the priority of this task from to Needs Triage.
Tgr updated the task description. (Show Details)
Tgr added projects: MediaWiki-extensions-CentralAuth, Security-Extensions, Security.
Tgr changed the visibility from "Public (No Login Required)" to "Custom Policy".
Tgr changed the edit policy from "All Users" to "Custom Policy".
Tgr changed Security from None to Software security bug.
Tgr added a subscriber: Tgr.
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJan 30 2016, 9:41 AM
dpatrick assigned this task to Bawolff.Feb 2 2016, 10:20 PM
dpatrick triaged this task as Low priority.
Bawolff added projects: Patch-For-Review, Security-Team.Feb 15 2016, 2:48 AM
Bawolff added a subscriber: csteipp.

Use constant time comparison in CentralAuthUser::validateAuthToken828 BDownload

Given its non-trivial to pull off a timing attack of this type, I wonder if this patch could go directly on gerrit (/me looks at @csteipp )

csteipp added a comment.Feb 16 2016, 11:12 PM
In T125290#2027702, @Bawolff wrote:

Use constant time comparison in CentralAuthUser::validateAuthToken828 BDownload

Minor, but the argument order should be reversed. From http://php.net/manual/en/function.hash-equals.php.

Note:
It is important to provide the user-supplied string as the second parameter, rather than the first.
Bawolff added a comment.Feb 16 2016, 11:19 PM

eww, talk about an easy to misuse api.

I'll update the patch in a moment

Bawolff added a comment.Feb 16 2016, 11:27 PM

do auth token comparision in constant time828 BDownload

Bawolff added a comment.Feb 16 2016, 11:32 PM
In T125290#2033537, @Bawolff wrote:

eww, talk about an easy to misuse api.

Google suggests its for future compatability reasons (https://stackoverflow.com/questions/27911597/why-is-order-of-arguments-in-phps-hash-equals-function-important). I guess that's more reasonable. I still think that's a poor api design.

csteipp added a comment.Feb 18 2016, 11:59 PM

Deployed

23:49 csteipp: deployed patch for T125290

csteipp closed this task as Resolved.Feb 19 2016, 12:00 AM
csteipp added a parent task: T124940: MediaWiki 1.26.3 security release.
demon removed a parent task: T124940: MediaWiki 1.26.3 security release.Apr 19 2016, 5:28 PM
demon changed the visibility from "Custom Policy" to "Public (No Login Required)".
demon changed the edit policy from "Custom Policy" to "All Users".
demon changed Security from Software security bug to None.
Restricted Application added subscribers: TerraCodes, Malyacko. · View Herald TranscriptApr 19 2016, 5:29 PM
gerritbot added a subscriber: gerritbot.Apr 19 2016, 5:29 PM

Change 284237 merged by Chad:
[SECURITY] Use constant time comparison in validateAuthToken

https://gerrit.wikimedia.org/r/284237

sbassett moved this task from Backlog to Done on the Security-Team board.Jun 11 2019, 7:08 PM
Content licensed under Creative Commons Attribution-ShareAlike 3.0 (CC-BY-SA) unless otherwise noted; code licensed under GNU General Public License (GPL) or other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL