Encrypt cookies with AES-GCM

[zzak]

Recently, Rails added AEAD encrypted cookies: rails/rails#28132

We currently encrypt using SHA1:

sinatra/rack-protection/lib/rack/protection/base.rb

Line 111 in 1b0edc0

options[:encryptor].hexdigest value.to_s

/cc @jkowens @mikeycgto

[mwpastore]

We should at least use SHA2 out of the box.

[zzak]

I'm sorry I didn't think of this until now 😞

[mjc-gh]

I'd be happy to look into this and submit a PR to upgrade the encryption. With Rails, most of the complexity with my changes was around supporting seamless upgrades from the now legacy encryption to this new scheme. Is that something Sinatra would be interested in supporting? http://michaeljcoyne.me

…

On May 29, 2017 2:22 AM, "Zachary Scott" ***@***.***> wrote: I'm sorry I didn't think of this until now 😞 — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#1300 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AAFAjwK-fxb9rWS_SLSJK1Gm2f-TMwxUks5r-g_dgaJpZM4Noyej> .

[mjc-gh]

Started to look more into this and I'm little confused as to where session cookies come from for Sinatra. Do they come from rack/session/cookie code base or do they solely come from the above mentioned file?

Either way, both are just doing a HMAC for cookie security. I think introducing AES encryption would certainly be a worthwhile addition to Sinatra (and thus introduce confidential to the system). Should I be looking to create a PR against the rack session code base or against the above mentioned code base?

Would love to contribute this feature, so please advice on what the best course of action would be. Thanks!!

[jkowens]

You're correct, cookies are handled in Sinatra base and Rack::Session::Cookie encrypts with sha1 by default. Rack::Protection::SessionHijacking adds some request properties to the session and encrypts them, so that would need some attention as well.

[mjc-gh]

Thanks for the feedback. Will look into creating a PR sometime next week (as I am away in Europe at the moment). Will be great to have Sinatra and other rack apps benefit from more modern encryption!

[mjc-gh]

Put together a PR for Rack::Session::Cookie. Any and all feedback or questions are welcomed!

As far as Rack::Protection::SessionHijacking goes, the use the encrypt method is no longer needed. Since the underlying session is encrypted and signed, we can just rely on the security of that. Using AES for the encrypting the session data now introduces confidentiality, thus making the SessionHijacking module even more useful. A theoretical attack cannot view the session data and would not know what to forge the stored User-Agent and Language headers to.

I can make a PR to update this module.

[zzak]

@mikeycgto Does that depend on your PR to Rack getting merged and released?

[mjc-gh]

Yes, my changes to rack/protection/session_hijacking would require my PR for Rack to be merged before that can be merged. I made a branch for it on my sinatra fork but have yet to open a PR.

Maybe we move my changes to the cookie middleware into an independent middleware that sinatra can use directly? Getting such a major change accepted into Rack may take a long while.

[zzak]

@mikeycgto Yeah, I'm 👍 to rolling this out into a shim or something once it's merged.

We will probably want to support the next major rack release, whenever that is, I guess rack 3 will be a thing. But until then we should still support your encrypted cookies

[mjc-gh]

Sounds good. I can take my changes to rack's cookie middleware and integrate them directly into sinatra for the short term. Will put together a PR for this soon.