[RFC] Secure Automatic Upgrades


Publish your own request for comments/change or patches for the next version of phpBB. Discuss the contributions and proposals of others. Upcoming releases are 3.2/Rhea and 3.3.
EXreaction
Registered User
Posts: 1555
Joined: Sat Sep 10, 2005 2:15 am

Re: [RFC] Secure Automatic Upgrades

Post by EXreaction »

Don't you need to store the private key on the server if you want to let upgrades do verification?

Perhaps I just don't understand how you would make "signed" packages.

TerraFrost
Former Team Member
Posts: 90
Joined: Wed Feb 09, 2005 12:21 am

Re: [RFC] Secure Automatic Upgrades

Post by TerraFrost »

The person packaging the release would, after prepping the packages on their local machine, take a hash of the package (hash_file) and encrypt the hash with their locally stored private key. The packages and their respective signatures would then be uploaded to phpbb.com. The private key would never leave the developers machine.

phpBB installs would then, with the public key that it came with, decrypt the encrypted hash and compare it against the actual hash.

How familiar are you with public key cryptography? If you're not at all familiar with it then I should probably be phrasing my explanations differently.

EXreaction
Registered User
Posts: 1555
Joined: Sat Sep 10, 2005 2:15 am

Re: [RFC] Secure Automatic Upgrades

Post by EXreaction »

I see, I am just not familiar with creating signed packages and thought it'd be something more like sending a request to the phpbb.com server to verify the information in the package. The way you explained works much better. :P

igorw
Registered User
Posts: 500
Joined: Thu Jan 04, 2007 11:47 pm

Re: [RFC] Secure Automatic Upgrades

Post by igorw »

It is true that phpBB.com could get hacked and the public key replaced with an attacker's. You can simply distribute the key to another place (redundancy) and/or monitor the key remotely with a script.

ToonArmy
Registered User
Posts: 335
Joined: Fri Mar 26, 2004 7:31 pm
Location: Bristol, UK

Re: [RFC] Secure Automatic Upgrades

Post by ToonArmy »

TerraFrost wrote:The private key, presumably, wouldn't be stored on the server but on the hard drives of various developers or Management Team members or whatever. Or maybe they could just be stored on USB sticks, or something, only plugged into a computer when needed. They'd also, in theory, be encrypted with a symmetric key algorithm as well. phpseclib supports private keys encrypted with DES and 3DES. PuTTY private keys support AES, as well.
Regarding private key security: http://www.digital-scurf.org/software/libgfshare
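
libgfshare, which the link above points to, splits a file into Shamir secret shares so that the signing key (or the passphrase protecting it) can be spread across several team members with a threshold, instead of one developer's hard drive or USB stick being the single point of failure. The following is an added example, not libgfshare's code (which works over GF(2^8)) and not part of the original post: the same scheme over a prime field in Go. The 521-bit Mersenne prime, the constructed 32-byte key, and the 3-of-5 threshold are assumptions of the example.

```go
package main

import (
	"bytes"
	"crypto/rand"
	"errors"
	"fmt"
	"math/big"
)

// fieldPrime is the Mersenne prime 2^521 - 1. Assumption for this example:
// every secret is at most 64 bytes, so it fits in a single field element.
var fieldPrime = new(big.Int).Sub(new(big.Int).Lsh(big.NewInt(1), 521), big.NewInt(1))

// share is one custodian's piece: the evaluation point x and the value f(x).
type share struct {
	X int64
	Y *big.Int
}

// splitSecret builds a random polynomial of degree k-1 whose constant term is
// the secret and hands out its value at x = 1..n. Any k shares determine the
// polynomial; k-1 shares carry no information about the constant term.
func splitSecret(secret []byte, k, n int) ([]share, error) {
	if k < 1 || n < k {
		return nil, errors.New("need 1 <= k <= n")
	}
	s := new(big.Int).SetBytes(secret)
	if s.Cmp(fieldPrime) >= 0 {
		return nil, errors.New("secret does not fit in the field")
	}
	coeffs := make([]*big.Int, k)
	coeffs[0] = s
	for i := 1; i < k; i++ {
		c, err := rand.Int(rand.Reader, fieldPrime)
		if err != nil {
			return nil, err
		}
		coeffs[i] = c
	}
	shares := make([]share, n)
	for i := range shares {
		x := big.NewInt(int64(i + 1))
		y := new(big.Int)
		for j := k - 1; j >= 0; j-- { // Horner evaluation mod p
			y.Mul(y, x).Add(y, coeffs[j]).Mod(y, fieldPrime)
		}
		shares[i] = share{X: int64(i + 1), Y: y}
	}
	return shares, nil
}

// recoverSecret interpolates f(0) from the given shares with Lagrange
// coefficients evaluated at zero. Fewer than k shares do not produce an
// error but a wrong, random-looking value (or a length error), so the
// caller has to know the threshold.
func recoverSecret(shares []share, secretLen int) ([]byte, error) {
	if len(shares) == 0 {
		return nil, errors.New("no shares supplied")
	}
	result := new(big.Int)
	for i, si := range shares {
		num, den := big.NewInt(1), big.NewInt(1)
		xi := big.NewInt(si.X)
		for j, sj := range shares {
			if i == j {
				continue
			}
			xj := big.NewInt(sj.X)
			num.Mul(num, new(big.Int).Neg(xj)).Mod(num, fieldPrime)
			den.Mul(den, new(big.Int).Sub(xi, xj)).Mod(den, fieldPrime)
		}
		if den.Sign() == 0 {
			return nil, errors.New("duplicate share point")
		}
		li := new(big.Int).Mul(num, new(big.Int).ModInverse(den, fieldPrime))
		result.Add(result, li.Mul(li, si.Y)).Mod(result, fieldPrime)
	}
	if result.BitLen() > secretLen*8 {
		return nil, errors.New("recovered value does not fit the stated length")
	}
	return result.FillBytes(make([]byte, secretLen)), nil
}

// runShareDemo splits a constructed 32-byte key 3-of-5, recovers it from
// three arbitrary shares, and checks that two shares do not give it back.
func runShareDemo() (fullOK, partialOK bool, err error) {
	kek := bytes.Repeat([]byte{0xA5}, 32) // constructed stand-in for the passphrase guarding the signing key
	shares, err := splitSecret(kek, 3, 5)
	if err != nil {
		return false, false, err
	}
	got, err := recoverSecret([]share{shares[4], shares[1], shares[2]}, len(kek))
	if err != nil {
		return false, false, err
	}
	fullOK = bytes.Equal(got, kek)
	partial, err := recoverSecret(shares[:2], len(kek))
	partialOK = err == nil && bytes.Equal(partial, kek)
	return fullOK, partialOK, nil
}

func main() {
	full, partial, err := runShareDemo()
	if err != nil {
		panic(err)
	}
	fmt.Printf("3 of 5 shares recover the key: %v\n", full)
	fmt.Printf("2 of 5 shares recover the key: %v\n", partial)
}
```

The shares are only as safe as the machines they sit on, so the usual pattern is to share the passphrase of an encrypted private key (the DES/3DES or AES-protected formats mentioned above) rather than the raw key, and to reassemble it only on the packager's machine at release time.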

bantu
3.0 Release Manager
Posts: 557
Joined: Thu Sep 07, 2006 11:22 am
Location: Karlsruhe, Germany

Re: [RFC] Secure Automatic Upgrades

Post by bantu »

I like this. IMO the same or a similar mechanism should be provided for downloading/updating extensions/Bundles from the repositories like the phpBB.com MOD database.
nn- wrote:..., but please make this feature completely optional
Agreed. It should be possible to disable it entirely.
nn- wrote:..., but either case is less secure than a properly configured environment where automatic updates are not possible.
The package managers like those being used by Linux distributions basically work the same way and most people use those on a daily basis.

Slightly off-topic, but does Wordpress actually sign their packages for the auto updater right now?

TerraFrost
Former Team Member
Posts: 90
Joined: Wed Feb 09, 2005 12:21 am

Re: [RFC] Secure Automatic Upgrades

Post by TerraFrost »

bantu wrote:Slightly off-topic, but does Wordpress actually sign their packages for the auto updater right now?
Doesn't look like it:

http://wordpress.org/support/topic/338010

ToonArmy
Registered User
Posts: 335
Joined: Fri Mar 26, 2004 7:31 pm
Location: Bristol, UK

Re: [RFC] Secure Automatic Upgrades

Post by ToonArmy »

bantu wrote:The package managers like those being used by Linux distributions basically work the same way and most people use those on a daily basis.
But to run my package manager I become root, by default I don't have the appropriate access credentials to overwrite all the binaries on my system.

TerraFrost
Former Team Member
Posts: 90
Joined: Wed Feb 09, 2005 12:21 am

Re: [RFC] Secure Automatic Upgrades

Post by TerraFrost »

ToonArmy wrote:
bantu wrote:The package managers like those being used by Linux distributions basically work the same way and most people use those on a daily basis.
But to run my package manager I become root, by default I don't have the appropriate access credentials to overwrite all the binaries on my system.
You'd have to do the same thing here, too. Provide FTP or SFTP login information. That's how Wordpress does it. What Wordpress doesn't do is signature verification, because there's no signature available nor is there an embedded public key.

Incidentally, I was thinking about the public key and... maybe it'd be best to use a pgp / gpg formatted public key. The advantage of that is that easily available command line tools can be used to generate signatures and verify signatures (if you don't want phpBB to auto-upgrade). The disadvantage is that no pure-PHP pgp / gpg parser exists. At least none that I know of. PEAR's Crypt_GPG uses proc_open() calls to the OS, which makes it rather non-portable.

A proprietary - unique to phpBB format - can be used, as well, however, you'd then have to use phpBB specific CLI tools to verify the signature via the command line. At least I know of no tool that supports base64 encoded raw RSASSA-PSS.
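
The flow TerraFrost lays out earlier in the thread (hash the package on the packager's machine, sign the digest with a private key that never leaves it, verify on the board with the public key that shipped with the install) and the "base64 encoded raw RSASSA-PSS" format from the paragraph above, as an added example in Go. This is not phpBB's or phpseclib's code. The key pair, PEM as the encoding of the embedded public key, SHA-256 as the digest, the fixed PSS salt length and the sample package bytes are all assumptions of the example.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"encoding/base64"
	"encoding/pem"
	"errors"
	"fmt"
)

// releasePackage stands in for the bytes of an update archive. Constructed
// sample data for this example; it is not a real phpBB package.
var releasePackage = []byte("phpBB-3.0.x-update.zip: constructed sample bytes, not a real archive")

// pssOpts fixes the salt length so signer and verifier agree on the PSS
// parameters; a custom format has to pin these down or verification is ambiguous.
var pssOpts = &rsa.PSSOptions{SaltLength: rsa.PSSSaltLengthEqualsHash, Hash: crypto.SHA256}

// signPackage runs on the packager's machine, the only place the private key
// exists: hash the archive, sign the digest with RSASSA-PSS, and return the
// detached signature as base64 text to upload next to the package.
func signPackage(priv *rsa.PrivateKey, pkg []byte) (string, error) {
	digest := sha256.Sum256(pkg)
	sig, err := rsa.SignPSS(rand.Reader, priv, crypto.SHA256, digest[:], pssOpts)
	if err != nil {
		return "", err
	}
	return base64.StdEncoding.EncodeToString(sig), nil
}

// verifyPackage runs on the board: it needs only the public key that shipped
// with the install, the downloaded archive, and the detached signature.
// Any error means the package must not be unpacked or applied.
func verifyPackage(pubPEM, pkg []byte, sigB64 string) error {
	block, _ := pem.Decode(pubPEM)
	if block == nil || block.Type != "PUBLIC KEY" {
		return errors.New("embedded key is not a PEM PUBLIC KEY block")
	}
	parsed, err := x509.ParsePKIXPublicKey(block.Bytes)
	if err != nil {
		return err
	}
	pub, ok := parsed.(*rsa.PublicKey)
	if !ok {
		return errors.New("embedded key is not an RSA key")
	}
	sig, err := base64.StdEncoding.DecodeString(sigB64)
	if err != nil {
		return err
	}
	digest := sha256.Sum256(pkg)
	return rsa.VerifyPSS(pub, crypto.SHA256, digest[:], sig, pssOpts)
}

// exportPublicKey renders the public half as PEM, the form that would be
// embedded in the phpBB release for later verification.
func exportPublicKey(priv *rsa.PrivateKey) ([]byte, error) {
	der, err := x509.MarshalPKIXPublicKey(&priv.PublicKey)
	if err != nil {
		return nil, err
	}
	return pem.EncodeToMemory(&pem.Block{Type: "PUBLIC KEY", Bytes: der}), nil
}

// runDemo walks the whole flow with a throwaway key pair and reports whether
// the genuine archive verifies and whether a copy with one flipped bit is rejected.
func runDemo() (genuineOK, tamperedOK bool, err error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return false, false, err
	}
	pubPEM, err := exportPublicKey(priv)
	if err != nil {
		return false, false, err
	}
	sig, err := signPackage(priv, releasePackage)
	if err != nil {
		return false, false, err
	}
	genuineOK = verifyPackage(pubPEM, releasePackage, sig) == nil

	tampered := append([]byte(nil), releasePackage...)
	tampered[0] ^= 0x01 // a single flipped bit changes the digest
	tamperedOK = verifyPackage(pubPEM, tampered, sig) == nil
	return genuineOK, tamperedOK, nil
}

func main() {
	genuine, tampered, err := runDemo()
	if err != nil {
		panic(err)
	}
	fmt.Printf("genuine package verifies: %v\n", genuine)
	fmt.Printf("tampered package verifies: %v\n", tampered)
}
```

The board never holds anything but the PEM public key, which is the point of the design. Everything on the update path before verifyPackage returns nil (the download, any unzip or listing of the archive) has to treat the bytes as untrusted, and a verification failure should abort the upgrade rather than fall through to the FTP/SFTP copy step.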

ToonArmy
Registered User
Posts: 335
Joined: Fri Mar 26, 2004 7:31 pm
Location: Bristol, UK

Re: [RFC] Secure Automatic Upgrades

Post by ToonArmy »

TerraFrost wrote:You'd have to do the same thing here, too. Provide FTP or SFTP login information. That's how Wordpress does it. What Wordpress doesn't do is signature verification, because there's no signature available nor is there an embedded public key.
Oh right, I was under the impression it required write access to the files. This is much more sane.
TerraFrost wrote:Incidentally, I was thinking about the public key and... maybe it'd be best to use a pgp / gpg formatted public key. The advantage of that is that easily available command line tools can be used to generate signatures and verify signatures (if you don't want phpBB to auto-upgrade). The disadvantage is that no pure-PHP pgp / gpg parser exists. At least none that I know of. PEAR's Crypt_GPG uses proc_open() calls to the OS, which makes it rather non-portable.

A proprietary - unique to phpBB format - can be used, as well, however, you'd then have to use phpBB specific CLI tools to verify the signature via the command line. At least I know of no tool that supports base64 encoded raw RSASSA-PSS.
I was thinking about this as well, I'd much prefer a GPG based solution but obviously a pure PHP implementation of signature verification would be required. If it's more suitable I won't object to a custom format for our automatic update packages and then using GPG signing for the public key (chain of trust) and the rest of the download packages.
