CodeIgniter Forums
Can i use this Ci Starter. Is it safe? - Printable Version

+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Development (https://forum.codeigniter.com/forum-6.html)
+--- Forum: CodeIgniter 3.x (https://forum.codeigniter.com/forum-17.html)
+--- Thread: Can i use this Ci Starter. Is it safe? (/thread-1377.html)

Pages: 1 2


RE: Can i use this Ci Starter. Is it safe? - ivantcholakov - 03-05-2015

I have just added warning notes within the Password library, thank you. https://github.com/ivantcholakov/starter-public-edition-4/commit/db920d7f989219033d33da8d1e650ed4a7a0f74c


RE: Can i use this Ci Starter. Is it safe? - Narf - 03-06-2015

(03-05-2015, 12:43 PM)ivantcholakov Wrote: @Narf

First of all, I have nothing against you, your job is incredible. I am silent recently because I am finishing a difficult project.

"Passwords must be hashed, not encrypted." - yes, I know that. I hash the users' passwords. But for example, I want to store a SMTP-password for the site mailer within the database as a setting - it needs to be decrypted before usage. So, the Password library gives both of the options. I will add some comments within the library in order it to be used properly.

About the GibberishAES class (alone) I don't have a disagreement, because I don't know what it supposed to be about. :-) You were not specific. http://forum.codeigniter.com/thread-53.html

I guess I got the wrong impression then, sorry about that.

I wasn't specific indeed ... I didn't think I need to be, because you too have no reason to roll your own instead of using CI_Encryption. That alone is a reason enough to dismiss your library, because the first rule in cryptography is "don't roll your own". Smile

If I have to be specific - it doesn't use authentication (HMAC), no timing safe comparison, it falls back to mt_rand() for key generation, it has this weird salting algorithm that is wrong on at least 3 levels (including usage of MD5), it has an escapeshellarg() method that has nothing to do with cryptography, the code itself is very unclear and it is obviously designed to encrypt passwords ... which is wrong by default, even if you did provide a very rare use-case for that.

Please just delete that library altogether. I mean, if any cryptography expert sees it, you'll be publicly shamed for writing it ... and I mean that on a very large scale, not within the realms of this forum. Smile

(03-05-2015, 02:14 PM)ivantcholakov Wrote: I have just added warning notes within the Password library, thank you. https://github.com/ivantcholakov/starter-public-edition-4/commit/db920d7f989219033d33da8d1e650ed4a7a0f74c

That's an improvement, I'll give you that ... but if it's called "Password", then encrypt/decrypt methods simply don't belong in it. People make bad decisions every time you give them the chance to, and as I said - that's very dangerous when it comes to security.


RE: Can i use this Ci Starter. Is it safe? - ivantcholakov - 03-06-2015

1. GibberishAES is a 3 years old class. By the time I created it there was no CI_Encryption library. The next weekend I will go through your thoughts about it.

2. "That's an improvement, I'll give you that ... but if it's called "Password", then encrypt/decrypt methods simply don't belong in it. People make bad decisions every time you give them the chance to, and as I said - that's very dangerous when it comes to security." - I accept this. What I need actually is encrypted settings within the database, so this kind of functionality belongs to the Settings library and will be moved there.


RE: Can i use this Ci Starter. Is it safe? - ivantcholakov - 03-14-2015

I promised for this weekend to do a revision, but it won't happen. I will find time for this later, nothing is forgotten.


RE: Can i use this Ci Starter. Is it safe? - ivantcholakov - 03-16-2015

I have just updated GibberishAES (v1.2.0) up to its limits, I think. For encrypted database settings I will see how to use CodeIgniter's encryption library.


RE: Can i use this Ci Starter. Is it safe? - ivantcholakov - 03-30-2015

All security-related changes are done, I've just made a stable release.