Don't you need to store the private key on the server if you want to let upgrades do verification?
Perhaps I just don't understand how you would make "signed" packages.
[RFC] Secure Automatic Upgrades
- EXreaction
- Registered User
- Posts: 1555
- Joined: Sat Sep 10, 2005 2:15 am
-
- Former Team Member
- Posts: 90
- Joined: Wed Feb 09, 2005 12:21 am
Re: [RFC] Secure Automatic Upgrades
The person packaging the release would, after prepping the packages on their local machine, take a hash of the package (hash_file) and encrypt the hash with their locally stored private key. The packages and their respective signatures would then be uploaded to phpbb.com. The private key would never leave the developers machine.
phpBB installs would then, with the public key that it came with, decrypt the encrypted hash and compare it against the actual hash.
How familiar are you with public key cryptography? If you're not at all familiar with it then I should probably be phrasing my explanations differently.
phpBB installs would then, with the public key that it came with, decrypt the encrypted hash and compare it against the actual hash.
How familiar are you with public key cryptography? If you're not at all familiar with it then I should probably be phrasing my explanations differently.
- EXreaction
- Registered User
- Posts: 1555
- Joined: Sat Sep 10, 2005 2:15 am
Re: [RFC] Secure Automatic Upgrades
I see, I am just not familiar with creating signed packages and thought it'd be something more like sending a request to the phpbb.com server to verify the information in the package. The way you explained works much better. 
Re: [RFC] Secure Automatic Upgrades
It is true that if phpBB.com could get hacked and the public key replaced with an attackers'. You can simply distribute the key to another place (redundanyc) and/or monitor the key remotely with a script.
Re: [RFC] Secure Automatic Upgrades
Regarding private key security: http://www.digital-scurf.org/software/libgfshareTerraFrost wrote:The private key, presumably, wouldn't be stored on the server but on the hard drives of various developers or Management Team members or whatever. Or maybe they could just be stored on USB sticks, or something, only plugged into a computer when needed. They'd also, in theory, be encrypted with a symmetric key algorithm as well. phpseclib supports private keys encrypted with DES and 3DES. PuTTY private keys support AES, as well.
- bantu
- 3.0 Release Manager
- Posts: 557
- Joined: Thu Sep 07, 2006 11:22 am
- Location: Karlsruhe, Germany
- Contact:
Re: [RFC] Secure Automatic Upgrades
I like this. IMO the same or a similar mechanism should be provided for downloading/updating extensions/Bundles from the repositories like the phpBB.com MOD database.
Slightly off-topic, but does Wordpress actually sign their packages for the auto updater right now?
Agreed. It should be possible to disable it entirely.nn- wrote:..., but please make this feature completely optional
The package managers like those being used by Linux distributions basically work the same way and most people use those on a daily basis.nn- wrote:..., but either case is less secure than a properly configured environment where automatic updates are not possible.
Slightly off-topic, but does Wordpress actually sign their packages for the auto updater right now?
-
- Former Team Member
- Posts: 90
- Joined: Wed Feb 09, 2005 12:21 am
Re: [RFC] Secure Automatic Upgrades
Doesn't look like it:bantu wrote:Slightly off-topic, but does Wordpress actually sign their packages for the auto updater right now?
http://wordpress.org/support/topic/338010
Re: [RFC] Secure Automatic Upgrades
But to run my package manager I become root, by default I don't have the appropriate access credentials to overwrite all the binaries on my system.bantu wrote:The package managers like those being used by Linux distributions basically work the same way and most people use those on a daily basis.
-
- Former Team Member
- Posts: 90
- Joined: Wed Feb 09, 2005 12:21 am
Re: [RFC] Secure Automatic Upgrades
You'd have to do the same thing here, too. Provide FTP or SFTP login information. That's how Wordpress does it. What Wordpress doesn't do is signature verification, because there's no signature available nor is there an embedded public key.ToonArmy wrote:But to run my package manager I become root, by default I don't have the appropriate access credentials to overwrite all the binaries on my system.bantu wrote:The package managers like those being used by Linux distributions basically work the same way and most people use those on a daily basis.
Incidentally, I was thinking about the public key and... maybe it'd be best to use a pgp / gpg formatted public key. The advantage of that is that easily available command line tools can be used to generate signatures and verify signatures (if you don't want phpBB to auto-upgrade). The disadvantage is that no pure-PHP pgp / gpg parser exists. At least none that I know of. PEAR's Crypt_GPG uses proc_open() calls to the OS, which makes it rather non-portable.
A proprietary - unique to phpBB format - can be used, as well, however, you'd then have to use phpBB specific CLI tools to verify the signature via the command line. At least I know of no tool that supports base64 encoded raw RSASSA-PSS.
Re: [RFC] Secure Automatic Upgrades
Oh right, I was under the impression it required write access to the files. This is much more sane.TerraFrost wrote:You'd have to do the same thing here, too. Provide FTP or SFTP login information. That's how Wordpress does it. What Wordpress doesn't do is signature verification, because there's no signature available nor is there an embedded public key.
I was thinking about this as well, I'd much prefer a GPG based solution but obviously a pure PHP implementation of signature verification would be required. If it's more suitable I won't object to a custom format for our automatic update packages and then using GPG signing for the public key (chain of trust) and the rest of the download packages.TerraFrost wrote:Incidentally, I was thinking about the public key and... maybe it'd be best to use a pgp / gpg formatted public key. The advantage of that is that easily available command line tools can be used to generate signatures and verify signatures (if you don't want phpBB to auto-upgrade). The disadvantage is that no pure-PHP pgp / gpg parser exists. At least none that I know of. PEAR's Crypt_GPG uses proc_open() calls to the OS, which makes it rather non-portable.
A proprietary - unique to phpBB format - can be used, as well, however, you'd then have to use phpBB specific CLI tools to verify the signature via the command line. At least I know of no tool that supports base64 encoded raw RSASSA-PSS.