Securing 'pickle'
Paul Rubin
http
Fri Jul 11 01:24:33 EDT 2003
Dave Cole <djc at object-craft.com.au> writes:
> def pickle_sign(self, text):
> m = md5.new()
> m.update(self.__secret)
> m.update(text)
> text = m.digest() + text
> return text
Use instead:
def pickle_sign(self, text):
m = hmac.new(self.__secret)
m.update(text)
text = m.digest() + text
return text
def pickle_unsign(self, text):
digest = text[:16]
text = text[16:]
m = hmac.new(self.__secret)
m.update(self.__secret)
m.update(text)
if m.digest() == digest:
return text
raise CookieError # or something like that
Differences are:
1) use hmac instead of md5, to prevent appending attack
2) raise an exception if authentication fails, and handle it of
course. The null string might be a valid cookie value and
returning it on authentication failure lets attacker force return
of a null string.
There's another issue, mentioned in other post: if you have several
pickles in separate cookies, you should sign them all together, not
use an independent signature for each pickle like your class does.
Say session 1 sets pickles A and B, and session 2 sets pickles C and
D. With independent signatures, an attacker controlling both sessions
can send back A and C, or B and D, with results that might confuse
the application.
More information about the Python-list
mailing list