CRM_Core_Key - Strengthen signature algorithm
This alters the qfKey signature algorithm, with a few aims:
1. If someone wants to perform a brute-force to figure the per-session
private-key, we want it go slow. Therefore, use a slower hash (ie
HMAC-SHA256 instead of MD5).
2. If someone performs a timing attack aimed at figuring a passable qfKey,
the execution-time for `validate()` should not provide any hints.
3. If someone finds a way to manipulate one of the constituent parts
($sessionID, $name, $privateKey), we want it to be hard to create a
collsion. So... (a) Use HMAC instead of a vanilla hash. (b) Use delimiters
between the data sections ($sessionID, $name).
projects / civicrm-core.git / commit