Several Cryptography Flaws in Magento 2

[paragonie-scott]

See http://www.openwall.com/lists/oss-security/2016/07/19/3 for details

[piotrekkaminski]

Thanks. We are aware of the mcrypt issues and have plans to replace mcrypt with more modern library (phpseclib? libsodium?) pretty soon.

[paragonie-scott]

In the initial comment, you said Magento is not encrypting credit card data, but it was edited before I could reply.

I do want to point out, for the record, that Magento does appear to be decrypting credit card data here.

[piotrekkaminski]

@paragonie-scott to be exact, none of the payment methods included with Magento stores card data.

[paragonie-scott]

OK, that's good to know. I hope no plugins are using this for that purpose.

[paragonie-scott]

(phpseclib? libsodium?)

Libsodium is available as a PHP extension, so if you can't require your users to install it from PECL, that's probably not an option.

For symmetric-key encryption, you have a few good choices:

• defuse/php-encryption
• Zend\Crypt

Last I checked (which, admittedly, was ages ago, so it could have changed), phpseclib didn't offer a simple and easy-to-use authenticated encryption interface like defuse does. Unauthenticated encryption, though correctly implemented, doesn't fix the sensitivity to CPAs or CCAs.

If you need public-key encryption and/or digital signatures, give EasyRSA a gander. I wrote about its benefits in response to a Drupal thread about implementing automatic security updates.

https://www.drupal.org/node/2367319#comment-11415297

[piotrekkaminski]

Internal ticket ID MAGETWO-39838

I just ran into this issue on production :/ when do you plan to fix this?

[unfunco]

Since ext-openssl is already a requirement of Magento, would it not make more sense to use that instead? PHP 7.1 will be throwing E_DEPRECATED for the use of ext-mcrypt, and it will either be moved to PECL in 7.2 or 8.0. Usage (ignoring vendors) is contained within Framework/Encryption and it shouldn't be too complicated to migrate (code) – migrating existing data might be more involved.

On my PHP 7.0.12 installation, the OpenSSL extension has 190 cipher methods available, it should be suitable without requiring an additional library or extension.

[paragonie-scott]

defuse/php-encryption uses OpenSSL, but more importantly it offers simple and easy-to-use authenticated encryption.

You want authenticated encryption.