Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bind Keys to Version and Purpose #11

Open
paragonie-security opened this issue Aug 5, 2021 · 3 comments
Open

Bind Keys to Version and Purpose #11

paragonie-security opened this issue Aug 5, 2021 · 3 comments

Comments

@paragonie-security
Copy link

paseto/paseto-core/src/main/java/net/aholbrook/paseto/PasetoV2.java

Line 55 in ed9567b

public <_Payload> _Payload decrypt(String token, byte[] key, String footer, Class<_Payload> payloadClass) {

paseto/paseto-core/src/main/java/net/aholbrook/paseto/PasetoV2.java

Line 113 in ed9567b

public <_Payload> _Payload verify(String token, byte[] pk, String footer, Class<_Payload> payloadClass) {

See https://github.com/paseto-standard/paseto-spec/blob/master/docs/02-Implementation-Guide/03-Algorithm-Lucidity.md

Right now, byte arrays are accepted by this API. There's no mechanism to prevent a user from using a v2 public key as a v2 local key.
@atholbro
Copy link
Owner

atholbro commented Aug 5, 2021

I'm in favor of this and was thinking of adding something similar myself but just never got around to it.

The purpose could probably be omitted if you require the type directly on the Pasteo functions, for example:

public abstract String encrypt(Object payload, SymmetricKey key, String footer);
public abstract String sign(Object payload, AsymmetricSecretKey sk);
public abstract <_Payload> _Payload verify(String token, AsymmetricPublicKey pk, Class<_Payload> payloadClass)

Seems to be effectively the same as taking a base Key class and checking the purpose at runtime. Actually might be cleaner since the function signature then becomes self documenting on the expected type.

Do you foresee any issues with this? Perhaps I'm missing something obvious here as I just started looking at it.

Regardless, I will update the library with the changes, likely with my suggestion above unless there is a reason for the alternative.

atholbro added a commit that referenced this issue Aug 6, 2021
@atholbro
Address #11 - Bind Keys to Version and Purpose.
089ec72 
Adds strong key types for both V1 and V2:
- SymmetricKey: Key for LOCAL tokens.
- AsymmetricPublicKey: Public key for PUBLIC tokens.
- AsymmetricSecretKey: Secret key for PUBLIC tokens.

Byte arrays are no longer accepted and must be wrapped in these types
with the correct version attached. Test vectors show usage, docs will
be updated to reflect this and other v1.0 changes.

More details can be found here and in issue #11:
https://github.com/paseto-standard/paseto-spec/blob/master/docs/02-Implementation-Guide/03-Algorithm-Lucidity.md
@atholbro atholbro mentioned this issue Aug 6, 2021
Open
@atholbro
Copy link
Owner

atholbro commented Aug 6, 2021

Did the initial work on this in the associated PR.

@paragonie-security
Copy link
Author

I'm in favor of this and was thinking of adding something similar myself but just never got around to it.

The purpose could probably be omitted if you require the type directly on the Pasteo functions, for example:

public abstract String encrypt(Object payload, SymmetricKey key, String footer);
public abstract String sign(Object payload, AsymmetricSecretKey sk);
public abstract <_Payload> _Payload verify(String token, AsymmetricPublicKey pk, Class<_Payload> payloadClass)

Yes!

Seems to be effectively the same as taking a base Key class and checking the purpose at runtime. Actually might be cleaner since the function signature then becomes self documenting on the expected type.

Do you foresee any issues with this? Perhaps I'm missing something obvious here as I just started looking at it.

We're less worried about vulnerabilities and more about accidental misuse.

Regardless, I will update the library with the changes, likely with my suggestion above unless there is a reason for the alternative.

Awesome! Let us know if you need a review.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@atholbro @paragonie-security