paragonie-scott

<?php

$publicKey = openssl_pkey_get_public('
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7o9A47JuO3wgZ/lbOIOs
Xc6cVSiCMsrglvORM/54StFRvcrxMi7OjXD6FX5fQpUOQYZfIOFZZMs6kmNXk8xO
hgTmdMJcBWolQ85acfAdWpTpCW29YMvXNARUDb8uJKAApsISnttyCnbvp7zYMdQm
HiTG/+bYaegSXzV3YN+Ej+ZcocubUpLp8Rpzz+xmXep3BrjBycAE9z2IrrV2rlwg
TTxU/B8xmvMsToBQpAbe+Cv130tEHsyW4UL9KZY1M9R+UHFPPmORjBKxSZvjJ1mS
UbUYN6PmMry35wCaFCfQoyTDUxBfxTGYqjaveQv4sxx0uvoiLXHt9cAm5Q8KJ+8d

paragonie-scott

Private-Key: (4096 bit)
modulus:
    00:f0:71:c0:a3:bb:5f:cc:63:f9:55:33:ed:a3:d0:
    78:ae:fc:ce:2e:f2:36:d1:e5:cb:64:d7:55:37:8b:
    7b:a0:60:5e:31:c3:2a:b3:6e:1f:33:89:0a:ba:f5:
    ab:48:0e:0d:f7:39:31:06:18:3d:66:d8:b9:0e:ba:
    bb:08:46:78:3a:51:4b:61:d7:0a:9d:46:54:72:94:
    71:b6:a7:82:58:5b:6d:96:11:ae:f7:d2:19:f2:b1:
    20:e7:00:72:df:15:ac:1f:1e:1e:34:04:fc:0b:63:
    b5:03:ff:47:34:27:c7:54:4e:ee:d7:c7:77:cd:1d:

paragonie-scott

<?php

$message = random_bytes(1024);
$key = random_bytes(32);
$nonce = random_bytes(12);
$tag = '';
$aad = random_bytes(random_int(1, 127));

$cipher = openssl_encrypt($message, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $nonce, $tag, $aad, 16);

paragonie-scott

This is a more "how" to the "what": https://paragonie.com/blog/2016/10/guide-automatic-security-updates-for-php-developers

HTTPS + Digital Signatures

This is a minimalistic secure auto update approach.

1. Make an API call to a server to get the latest version information. This should be delivered over HTTPS, possibly with HPKP.
2. If an update is available, the client software should download the update file.
3. An Ed25519 signature should be available, either as a separate API call or as an HTTP header with the downloaded file.
4. Verify that the signature is valid for one of the hard-coded Ed25519 public keys.

paragonie-scott

<?php
declare(strict_types=1);

use ParagonIE\ConstantTime\Base64UrlSafe;

class JWTKiller
{
    public static function sign(string $message, Key $key): string
    {
        $mac = sodium_crypto_auth($message, $key->getRaw());

paragonie-scott

<?php
declare(strict_types=1);

class Foo
{
    /**
     * Even if the code that calls isn't using strict_types, it will still TypeError
     * if the wrong type is passed.
     */
    public function bar($param, $secondParam)

paragonie-scott

DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB22C583AB

paragonie-scott

Changes to JOSE that will prevent insecurity

Deletions

JWS and JWE

Drop the alg header

Neither JOSE users nor JOSE library designers should be required to understand cryptography primitives. At a lower level, this can lead to badly implemented primitives. On a higher level, this can lead to reasoning by lego.

paragonie-scott

<?php

define('DEFUSE_CRYPTO_BASEDIR', __DIR__.'/src/');

/**
 * PSR-4 compatible autoloader
 *
 */
\spl_autoload_register(function ($class) {
    // Project-specific namespace prefix

paragonie-scott

<?php

/* Key generation */
$keypair = openssl_pkey_new([
    "digest_alg" => "sha512",
    "private_key_type" => OPENSSL_KEYTYPE_RSA,
    'private_key_bits' => 1024
]);
$secret = null;
if (!openssl_pkey_export($keypair, $secret)) {