On Saturday, October 10, 2015 at 2:08:12 AM UTC-7, sri wrote: > > but you do have a number of places using unadorned SHA1 >> (including one where I'm really *not* sure why you're *not* using HMAC >> see DefaultHelpers::_csrf_token) >> > > The CSRF token just needs to be a reasonably random value, the hash > algorithm is irrelevant. > > > The CSRF token needs to be unguessable by an attacker. steady_time() is little more than a counter and rand() shouldn't really be relied on to be unguessable either. Which, I assume, is why you're prepending a secret key and hashing the result.
But this is exactly the problem that HMAC is intended to solve hmac_sha1_sum ( steady_time . rand(999), $c->app->secrets->[0] ) then no one has to worry about padding oracle attacks or any of that shit..) -- You received this message because you are subscribed to the Google Groups "Mojolicious" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/mojolicious. For more options, visit https://groups.google.com/d/optout.
