Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix!: update argon2 and improve key handling #4892

Merged
merged 1 commit into from
Nov 7, 2022
Merged

fix!: update argon2 and improve key handling #4892

merged 1 commit into from
Nov 7, 2022

Conversation

AaronFeickert
Copy link
Collaborator

@AaronFeickert AaronFeickert commented Nov 4, 2022
edited
Loading

Description

Updates argon2 for the gRPC and wallet use cases. Improves handling of keys and secret data. Fixes issue 4882.

Motivation and Context

Issue 4882 notes that different versions of argon2 are used throughout the codebase. The newer minor version 0.4 changes the API significantly, and the older version 0.2 is no longer supported.

Additionally, gRPC and wallet implementations use the default parameter set from the crate, which is not in line with the OWASP recommendations that we use elsewhere in the key manager.

Further, it's recommended that a specific function be used when performing KDF functionality, as this binds the parameter set into the output. While not a major security issue, it's worth updating to this function where appropriate.

Finally, secret data is kept in memory in many places through the codebase, and this area is no exception. As part of good practice, we should try to zeroize such data wherever possible.

This PR addresses these issues. It updates the gRPC and wallet argon2 versions to 0.4 (the key manager is addressed in PR 4860 and makes the necessary API changes. It updates the parameter set to be consistent with the linked recommendations. It also adds some improved handling of secret data (but does not do so comprehensively, limiting the scope to the updated code).

How Has This Been Tested?

Existing tests pass.

BREAKING: This changes how wallet passphrase-based hashes and keys are derived.

@CjS77 CjS77 added P-acks_required Process - Requires more ACKs or utACKs P-reviews_required Process - Requires a review from a lead maintainer to be merged labels Nov 4, 2022
@stringhandler stringhandler added W-transaction-breaking Warning - Changes data that wallets use to send transactions and removed W-transaction-breaking Warning - Changes data that wallets use to send transactions labels Nov 7, 2022
@CjS77 CjS77 removed the P-reviews_required Process - Requires a review from a lead maintainer to be merged label Nov 7, 2022
@stringhandler stringhandler merged commit 9aa9087 into tari-project:development Nov 7, 2022
@AaronFeickert AaronFeickert deleted the bump-argon2 branch November 7, 2022 14:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@stringhandler stringhandler stringhandler approved these changes

Assignees
No one assigned
Labels
P-acks_required Process - Requires more ACKs or utACKs
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Standardize on an argon2 version
3 participants
@AaronFeickert @stringhandler @CjS77