    Allow configuration of the digest class used in the key generator · 447e2834
    Dirkjan Bussink authored
    This change allows for configuration of the hash digest that is used in
    the key generator for key derivation.
    
    SHA1 is an outdated algorithm and security auditors tend to frown on
    its usage. By allowing this to be configured, it becomes possible to
    move to a more up to date hash mechanism.
    
    While I don't think this has any current relevant security implications,
    especially not with a proper random secret base, moving away from SHA1
    makes conversations with auditors and FIPS compliance checks easier
    since the best answer is always that an approved algorithm is used.
    
    A rotation can be built using this change with an approach like the
    following for encrypted cookies:
    
    ```ruby
    Rails.application.config.active_support.key_generator_hash_digest_class = OpenSSL::Digest::SHA256
    
    Rails.application.config.action_dispatch.cookies_rotations.tap do |cookies|
      salt = Rails.application.config.action_dispatch.authenticated_encrypted_cookie_salt
      secret_key_base = Rails.application.secrets.secret_key_base
    
      key_generator = ActiveSupport::KeyGenerator.new(secret_key_base, iterations: 1000, hash_digest_class: OpenSSL::Digest::SHA1)
      key_len = ActiveSupport::MessageEncryptor.key_len
      secret = key_generator.generate_key(salt, key_len)
    
      cookies.rotate :encrypted, secret
    end
    ```
    
    This turns the default into using SHA256 but also still accepts secrets
    derived using SHA1.
    
    The default for new apps is changed here to use SHA256. Existing apps
    will keep using SHA1.
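
Why the rotation in the commit message is needed, shown as an added example that is not part of the commit or of Rails: the same secret and salt yield unrelated keys under PBKDF2-HMAC-SHA1 and PBKDF2-HMAC-SHA256, so a cookie encrypted before the switch only decrypts if the SHA1-derived key is kept as a fallback. It uses Ruby's standard `openssl` library with AES-256-GCM instead of ActiveSupport; the secret, salt, cookie payload and all helper names are constructed for illustration.

```ruby
require "openssl"

# Constructed sample inputs (not from a real application).
SECRET_KEY_BASE = "constructed-secret-key-base-for-illustration-only"
SALT = "constructed authenticated encrypted cookie salt"
ITERATIONS = 1000 # iteration count used in the commit message's rotation snippet
KEY_LEN = 32      # key size for AES-256-GCM

# PBKDF2-HMAC key derivation with a selectable digest class.
def derive_key(digest_class)
  OpenSSL::PKCS5.pbkdf2_hmac(SECRET_KEY_BASE, SALT, ITERATIONS, KEY_LEN, digest_class.new)
end

def encrypt(key, plaintext)
  cipher = OpenSSL::Cipher.new("aes-256-gcm").encrypt
  cipher.key = key
  iv = cipher.random_iv
  cipher.auth_data = ""
  ciphertext = cipher.update(plaintext) + cipher.final
  [iv, ciphertext, cipher.auth_tag]
end

def decrypt(key, message)
  iv, ciphertext, tag = message
  cipher = OpenSSL::Cipher.new("aes-256-gcm").decrypt
  cipher.key = key
  cipher.iv = iv
  cipher.auth_tag = tag
  cipher.auth_data = ""
  cipher.update(ciphertext) + cipher.final
rescue OpenSSL::Cipher::CipherError
  nil # authentication failed: wrong key or tampered message
end

# Try the current key first, then each rotated (legacy) key in order.
# Returns [plaintext, index_of_key_that_worked] or [nil, nil].
def decrypt_with_rotation(keys, message)
  keys.each_with_index do |key, index|
    plaintext = decrypt(key, message)
    return [plaintext, index] if plaintext
  end
  [nil, nil]
end

SHA256_KEY = derive_key(OpenSSL::Digest::SHA256) # new default
SHA1_KEY = derive_key(OpenSSL::Digest::SHA1)     # legacy derivation
LEGACY_COOKIE = encrypt(SHA1_KEY, "user_id=42")  # cookie issued before the switch
```

A non-zero index returned by `decrypt_with_rotation` marks a message still protected by a legacy key, which is the point at which it can be re-encrypted under the current one.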