% usage of crypt()
-\begin{enumerate}[label={7.\arabic*}]
+\begin{enumerate}[label={V7.\arabic*}]
\addtocounter{enumi}{1}
\item
- \TODO{}
+ \pass{}
Verify that all cryptographic modules fail securely, and errors are handled
in a way that does not enable oracle padding.
+ \begin{result}
+ The only cryptographic operation is the hashing of the password, which can
+ not be vulnerable to a padding attack as it does not use a block cipher.
+ \end{result}
+
\addtocounter{enumi}{3}
- \notapplicable{
\item
- Verify that all random numbers, random file names, random GUIDs, and random
+ \fail{}
+ Verify that all random numbers, random file names, random \GUID{}s, and random
strings are generated using the cryptographic module’s approved random
number generator when these random values are intended to be not guessable
by an attacker.
- }
+ \begin{result}
+ The application uses \PHP{}'s \code{mt\_rand()} function to generate the
+ initial password. This function uses a Mersenne Twister and does not
+ generate cryptographically secure values.
+ \end{result}
+
\item
- \TODO{}
+ \fail{}
Verify that cryptographic algorithms used by the application have been
- validated against FIPS 140-2 or an equivalent standard.
+ validated against FIPS 140{-}2 or an equivalent standard.
+ \begin{result}
+ \begin{itemize}[leftmargin=*]
+ \item
+ The application uses MD5 for password hashing, which is insecure by current
+ standards of FIPS 140{-}2.
+ \item
+ The application uses \code{crypt()} for passwords, and does not supply a
+ salt in these cases. This means \PHP{} will use DES{-}based algorithm,
+ which is insecure by the current standard of FIPS 140{-}2.
+ \end{itemize}
+ \end{result}
- \notapplicable{
+ \notapplicable{%
\item
Verify that cryptographic modules operate in their approved mode according
to their published security policies.
}
- \notapplicable{
\item
+ \fail{}
Verify that there is an explicit policy for how cryptographic keys are
managed (e.g., generated, distributed, revoked, and expired). Verify that
this key lifecycle is properly enforced.
- }
+ \begin{result}
+ There is no such policy. The unique application key that is used to sign
+ passwords in generated by \code{mt\_rand()}, which is insuitable for
+ generating cryptographically secure values. The lifecycle of this key is
+ unlimited.
+ \end{result}
+
\addtocounter{enumi}{1}
- \notapplicable{
+ \notapplicable{%
\item
Verify that all consumers of cryptographic services do not have direct
access to key material. Isolate cryptographic processes, including master
(HSM).
}
- \notapplicable{
\item
+ \fail{}
\textit{Personally Identifiable Information} should be stored encrypted at
rest and ensure that communication goes via protected channels.
- }
+ \begin{result}
+ The information stored consists of an email address, the user's real
+ name and a biography. All of these are stored in the database unencrypted.
+ \end{result}
- \notapplicable{
\item
+ \fail{}
Verify that sensitive passwords or key material maintained in memory is
overwritten with zeros as soon as it no longer required, to mitigate memory
dumping attacks.
- }
+ \begin{result}
+ This does not happen anywhere, any passwords submitted to the application
+ will stay in memory for an undefined amount of time.
+ \end{result}
- \notapplicable{
\item
+ \pass{}
Verify that all keys and passwords are replaceable, and are generated or
replaced at installation time.
- }
+ \begin{result}
+ All users can replace their password in their profile. Note that there is
+ no `confirmation field' which makes it easy to change an password to an
+ unintended value.
+ \end{result}
- \notapplicable{
+ \notapplicable{%
\item
Verify that random numbers are created with proper entropy even when the
application is under heavy load, or that the application degrades gracefully
repositories / ssproject1617.git / blobdiff