From 026d68fc2d0f24e4f2d46c5743a22f42053caa67 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Mon, 7 Apr 2025 20:08:17 +0300 Subject: add optional encryption for stored session data using Sodium library --- classes/Sessions.php | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) (limited to 'classes/Sessions.php') diff --git a/classes/Sessions.php b/classes/Sessions.php index 5c586154b..e8cba1765 100644 --- a/classes/Sessions.php +++ b/classes/Sessions.php @@ -58,7 +58,17 @@ class Sessions implements \SessionHandlerInterface { $sth->execute([$id]); if ($row = $sth->fetch()) { - return base64_decode($row['data']); + $data = base64_decode($row['data']); + + if (Config::get(Config::SODIUM_ENCRYPTION_KEY)) { + $unserialized_data = unserialize($data); + + if ($unserialized_data !== false) + return Config::decrypt_string($unserialized_data); + } + + // if Sodium key is missing or session data is not in serialized format, return as-is + return $data; } $expire = time() + $this->session_expire; @@ -69,7 +79,12 @@ class Sessions implements \SessionHandlerInterface { } public function write(string $id, string $data): bool { + + if (Config::get(Config::SODIUM_ENCRYPTION_KEY)) + $data = serialize(Config::encrypt_string($data)); + $data = base64_encode($data); + $expire = time() + $this->session_expire; $sth = Db::pdo()->prepare('SELECT id FROM ttrss_sessions WHERE id=?'); -- cgit v1.2.3-54-g00ecf From 58677fc791604bd891fb1ef4f4cc5e040ce8e39f Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Mon, 7 Apr 2025 20:23:19 +0300 Subject: rename SODIUM_ENCRYPTION_KEY to SESSION_ENCRYPTION_KEY and move related stuff to Sessions class --- classes/Config.php | 53 +++------------------------------------------------ classes/Sessions.php | 54 +++++++++++++++++++++++++++++++++++++++++++++++----- 2 files changed, 52 insertions(+), 55 deletions(-) (limited to 'classes/Sessions.php') diff --git a/classes/Config.php b/classes/Config.php index 11ce5ccfa..c9acad93e 100644 --- a/classes/Config.php +++ b/classes/Config.php @@ -8,8 +8,6 @@ class Config { const SCHEMA_VERSION = 147; - const SODIUM_ALGO = 'xchacha20poly1305_ietf'; - /** override default values, defined below in _DEFAULTS[], prefixing with _ENVVAR_PREFIX: * * DB_TYPE becomes: @@ -194,11 +192,8 @@ class Config { /** disables login form controls except HOOK_LOGINFORM_ADDITIONAL_BUTTONS (for SSO providers), also prevents logging in through auth_internal */ const DISABLE_LOGIN_FORM = "DISABLE_LOGIN_FORM"; - /** optional symmetric encryption key for Sodium library (XChaCha20-Poly1305) - generate using bin2hex(sodium_crypto_aead_xchacha20poly1305_ietf_keygen()) - * - * if set, used to transparently encrypt stored session data in the database - */ - const SODIUM_ENCRYPTION_KEY = "SODIUM_ENCRYPTION_KEY"; + /** optional key to transparently encrypt stored session data using Sodium library (XChaCha20-Poly1305) - generate using bin2hex(sodium_crypto_aead_xchacha20poly1305_ietf_keygen()) */ + const SESSION_ENCRYPTION_KEY = "SESSION_ENCRYPTION_KEY"; /** default values for all global configuration options */ private const _DEFAULTS = [ @@ -258,7 +253,7 @@ class Config { Config::T_STRING ], Config::HTTP_429_THROTTLE_INTERVAL => [ 3600, Config::T_INT ], Config::DISABLE_LOGIN_FORM => [ "", Config::T_BOOL ], - Config::SODIUM_ENCRYPTION_KEY => [ "", Config::T_STRING ] + Config::SESSION_ENCRYPTION_KEY => [ "", Config::T_STRING ] ]; private static ?Config $instance = null; @@ -307,48 +302,6 @@ class Config { return self::get_instance()->_get_version($as_string); } - /** encrypts provided ciphertext using Sodium symmetric encryption key if available via Config::SODIUM_ENCRYPTION_KEY - * - * @return array|false encrypted data object containing algo, nonce, and encrypted data or false if encryption failed - * - */ - static function encrypt_string(string $ciphertext) : array|false { - $key = Config::get(Config::SODIUM_ENCRYPTION_KEY); - $nonce = \random_bytes(\SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES); - - $payload = sodium_crypto_aead_xchacha20poly1305_ietf_encrypt($ciphertext, '', $nonce, hex2bin($key)); - - if ($payload) { - $encrypted_data = [ - 'algo' => self::SODIUM_ALGO, - 'nonce' => $nonce, - 'payload' => $payload, - ]; - - return $encrypted_data; - } - - throw new Exception("Config::encrypt_string() failed to encrypt ciphertext"); - } - - /** decrypts payload of encrypted object if Config::SODIUM_ENCRYPTION_KEY is available and object is in correct format - * - * @param array $encrypted_data - * - * @return string|false decrypted string payload or false if decryption failed - */ - static function decrypt_string(array $encrypted_data) : string|false { - $key = Config::get(Config::SODIUM_ENCRYPTION_KEY); - - if ($encrypted_data['algo'] === self::SODIUM_ALGO) { - $payload = sodium_crypto_aead_xchacha20poly1305_ietf_decrypt($encrypted_data['payload'], '', $encrypted_data['nonce'], hex2bin($key)); - - return $payload; - } - - throw new Exception('Config::decrypt_string() failed to decrypt passed encrypted data'); - } - // returns version showing (if possible) full timestamp of commit id static function get_version_html() : string { $version = self::get_version(false); diff --git a/classes/Sessions.php b/classes/Sessions.php index e8cba1765..d8f14eed0 100644 --- a/classes/Sessions.php +++ b/classes/Sessions.php @@ -8,6 +8,8 @@ class Sessions implements \SessionHandlerInterface { private int $session_expire; private string $session_name; + private const SODIUM_ALGO = 'xchacha20poly1305_ietf'; + public function __construct() { $this->session_expire = min(2147483647 - time() - 1, Config::get(Config::SESSION_COOKIE_LIFETIME)); $this->session_name = Config::get(Config::SESSION_NAME); @@ -53,6 +55,48 @@ class Sessions implements \SessionHandlerInterface { return true; } + /** encrypts provided ciphertext using Sodium symmetric encryption key if available via Config::SESSION_ENCRYPTION_KEY + * + * @return array encrypted data object containing algo, nonce, and encrypted data + * + */ + private function encrypt_string(string $ciphertext) : array { + $key = Config::get(Config::SESSION_ENCRYPTION_KEY); + $nonce = \random_bytes(\SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES); + + $payload = sodium_crypto_aead_xchacha20poly1305_ietf_encrypt($ciphertext, '', $nonce, hex2bin($key)); + + if ($payload) { + $encrypted_data = [ + 'algo' => self::SODIUM_ALGO, + 'nonce' => $nonce, + 'payload' => $payload, + ]; + + return $encrypted_data; + } + + throw new Exception("Config::encrypt_string() failed to encrypt ciphertext"); + } + + /** decrypts payload of encrypted object if Config::SESSION_ENCRYPTION_KEY is available and object is in correct format + * + * @param array $encrypted_data + * + * @return string decrypted string payload + */ + private function decrypt_string(array $encrypted_data) : string { + $key = Config::get(Config::SESSION_ENCRYPTION_KEY); + + if ($encrypted_data['algo'] === self::SODIUM_ALGO) { + $payload = sodium_crypto_aead_xchacha20poly1305_ietf_decrypt($encrypted_data['payload'], '', $encrypted_data['nonce'], hex2bin($key)); + + return $payload; + } + + throw new Exception('Config::decrypt_string() failed to decrypt passed encrypted data'); + } + public function read(string $id): false|string { $sth = Db::pdo()->prepare('SELECT data FROM ttrss_sessions WHERE id=?'); $sth->execute([$id]); @@ -60,11 +104,11 @@ class Sessions implements \SessionHandlerInterface { if ($row = $sth->fetch()) { $data = base64_decode($row['data']); - if (Config::get(Config::SODIUM_ENCRYPTION_KEY)) { - $unserialized_data = unserialize($data); + if (Config::get(Config::SESSION_ENCRYPTION_KEY)) { + $unserialized_data = @unserialize($data); // avoid leaking plaintext session via error message if ($unserialized_data !== false) - return Config::decrypt_string($unserialized_data); + return $this->decrypt_string($unserialized_data); } // if Sodium key is missing or session data is not in serialized format, return as-is @@ -80,8 +124,8 @@ class Sessions implements \SessionHandlerInterface { public function write(string $id, string $data): bool { - if (Config::get(Config::SODIUM_ENCRYPTION_KEY)) - $data = serialize(Config::encrypt_string($data)); + if (Config::get(Config::SESSION_ENCRYPTION_KEY)) + $data = serialize($this->encrypt_string($data)); $data = base64_encode($data); -- cgit v1.2.3-54-g00ecf From 25d3ce4ee8f411a19c3a0e69ebb5c575c16243a8 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Tue, 8 Apr 2025 08:55:44 +0300 Subject: drop SESSION-specific stuff and move encrypt/decrypt helpers to a separate class; add a command line flag to generate encryption keys --- classes/Config.php | 6 ++--- classes/Crypt.php | 62 ++++++++++++++++++++++++++++++++++++++++++++++++++++ classes/Sessions.php | 54 +++++---------------------------------------- update.php | 5 +++++ 4 files changed, 75 insertions(+), 52 deletions(-) create mode 100644 classes/Crypt.php (limited to 'classes/Sessions.php') diff --git a/classes/Config.php b/classes/Config.php index c9acad93e..e906419dc 100644 --- a/classes/Config.php +++ b/classes/Config.php @@ -192,8 +192,8 @@ class Config { /** disables login form controls except HOOK_LOGINFORM_ADDITIONAL_BUTTONS (for SSO providers), also prevents logging in through auth_internal */ const DISABLE_LOGIN_FORM = "DISABLE_LOGIN_FORM"; - /** optional key to transparently encrypt stored session data using Sodium library (XChaCha20-Poly1305) - generate using bin2hex(sodium_crypto_aead_xchacha20poly1305_ietf_keygen()) */ - const SESSION_ENCRYPTION_KEY = "SESSION_ENCRYPTION_KEY"; + /** optional key to transparently encrypt sensitive data (currently limited to sessions); key is a 32 byte hex string may be generated using update.php --gen-encryption-key */ + const ENCRYPTION_KEY = "ENCRYPTION_KEY"; /** default values for all global configuration options */ private const _DEFAULTS = [ @@ -253,7 +253,7 @@ class Config { Config::T_STRING ], Config::HTTP_429_THROTTLE_INTERVAL => [ 3600, Config::T_INT ], Config::DISABLE_LOGIN_FORM => [ "", Config::T_BOOL ], - Config::SESSION_ENCRYPTION_KEY => [ "", Config::T_STRING ] + Config::ENCRYPTION_KEY => [ "", Config::T_STRING ] ]; private static ?Config $instance = null; diff --git a/classes/Crypt.php b/classes/Crypt.php new file mode 100644 index 000000000..d832e6530 --- /dev/null +++ b/classes/Crypt.php @@ -0,0 +1,62 @@ + self::ENCRYPT_ALGO, + 'nonce' => $nonce, + 'payload' => $payload, + ]; + + return $encrypted_data; + } + + throw new Exception("Crypt::encrypt_string() failed to encrypt ciphertext"); + } + + /** decrypts payload of a valid encrypted object using Config::ENCRYPTION_KEY + * + * @param array{'algo': string, 'nonce': string, 'payload': string} $encrypted_data + * + * @return string decrypted string payload + */ + static function decrypt_string(array $encrypted_data) : string { + $key = Config::get(Config::ENCRYPTION_KEY); + + if (!$key) + throw new Exception("Crypt::decrypt_string() failed to decrypt - key is not available"); + + // only one is supported for the time being + switch ($encrypted_data['algo']) { + case self::ENCRYPT_ALGO: + return sodium_crypto_aead_xchacha20poly1305_ietf_decrypt($encrypted_data['payload'], '', $encrypted_data['nonce'], hex2bin($key)); + } + + throw new Exception('Crypt::decrypt_string() failed to decrypt passed encrypted data object, unsupported algo: ' . $encrypted_data['algo']); + } + +} \ No newline at end of file diff --git a/classes/Sessions.php b/classes/Sessions.php index d8f14eed0..f3c0cea42 100644 --- a/classes/Sessions.php +++ b/classes/Sessions.php @@ -8,8 +8,6 @@ class Sessions implements \SessionHandlerInterface { private int $session_expire; private string $session_name; - private const SODIUM_ALGO = 'xchacha20poly1305_ietf'; - public function __construct() { $this->session_expire = min(2147483647 - time() - 1, Config::get(Config::SESSION_COOKIE_LIFETIME)); $this->session_name = Config::get(Config::SESSION_NAME); @@ -55,48 +53,6 @@ class Sessions implements \SessionHandlerInterface { return true; } - /** encrypts provided ciphertext using Sodium symmetric encryption key if available via Config::SESSION_ENCRYPTION_KEY - * - * @return array encrypted data object containing algo, nonce, and encrypted data - * - */ - private function encrypt_string(string $ciphertext) : array { - $key = Config::get(Config::SESSION_ENCRYPTION_KEY); - $nonce = \random_bytes(\SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES); - - $payload = sodium_crypto_aead_xchacha20poly1305_ietf_encrypt($ciphertext, '', $nonce, hex2bin($key)); - - if ($payload) { - $encrypted_data = [ - 'algo' => self::SODIUM_ALGO, - 'nonce' => $nonce, - 'payload' => $payload, - ]; - - return $encrypted_data; - } - - throw new Exception("Config::encrypt_string() failed to encrypt ciphertext"); - } - - /** decrypts payload of encrypted object if Config::SESSION_ENCRYPTION_KEY is available and object is in correct format - * - * @param array $encrypted_data - * - * @return string decrypted string payload - */ - private function decrypt_string(array $encrypted_data) : string { - $key = Config::get(Config::SESSION_ENCRYPTION_KEY); - - if ($encrypted_data['algo'] === self::SODIUM_ALGO) { - $payload = sodium_crypto_aead_xchacha20poly1305_ietf_decrypt($encrypted_data['payload'], '', $encrypted_data['nonce'], hex2bin($key)); - - return $payload; - } - - throw new Exception('Config::decrypt_string() failed to decrypt passed encrypted data'); - } - public function read(string $id): false|string { $sth = Db::pdo()->prepare('SELECT data FROM ttrss_sessions WHERE id=?'); $sth->execute([$id]); @@ -104,14 +60,14 @@ class Sessions implements \SessionHandlerInterface { if ($row = $sth->fetch()) { $data = base64_decode($row['data']); - if (Config::get(Config::SESSION_ENCRYPTION_KEY)) { + if (Config::get(Config::ENCRYPTION_KEY)) { $unserialized_data = @unserialize($data); // avoid leaking plaintext session via error message if ($unserialized_data !== false) - return $this->decrypt_string($unserialized_data); + return Crypt::decrypt_string($unserialized_data); } - // if Sodium key is missing or session data is not in serialized format, return as-is + // if encryption key is missing or session data is not in serialized format, assume plaintext data and return as-is return $data; } @@ -124,8 +80,8 @@ class Sessions implements \SessionHandlerInterface { public function write(string $id, string $data): bool { - if (Config::get(Config::SESSION_ENCRYPTION_KEY)) - $data = serialize($this->encrypt_string($data)); + if (Config::get(Config::ENCRYPTION_KEY)) + $data = serialize(Crypt::encrypt_string($data)); $data = base64_encode($data); diff --git a/update.php b/update.php index 471e323c8..dfac5ab4c 100755 --- a/update.php +++ b/update.php @@ -84,6 +84,7 @@ "update-schema::" => ["[force-yes]", "update database schema, optionally without prompting"], "force-update" => "mark all feeds as pending update", "gen-search-idx" => "generate basic PostgreSQL fulltext search index", + "gen-encryption-key" => "generate an encryption key (ChaCha20-Poly1305)", "plugins-list" => "list installed plugins", "debug-feed:" => ["N", "update specified feed with debug output enabled"], "force-refetch" => "debug update: force refetch feed data", @@ -323,6 +324,10 @@ } } + if (isset($options["gen-encryption-key"])) { + echo "Generated encryption key: " . bin2hex(Crypt::generate_key()) . "\n"; + } + if (isset($options["plugins-list"])) { $tmppluginhost = new PluginHost(); $tmppluginhost->load_all($tmppluginhost::KIND_ALL); -- cgit v1.2.3-54-g00ecf