Public bug reported:
Fernet tokens all start with a plaintext string of either "F00" or "F01"
indicating either "version 0" (normal unscoped and scoped tokens) or
"version 1" (trust-based tokens). That versioning lies outside of the
integrity-verified portion of the token, and is thus susceptible to
manipulation by end users.
With only two token versions, this doesn't present any issues that I'm
aware of, but to harden ourselves against the future, we should move
that versioning information into the integrity-verified portion of the
message. Otherwise, we carry of risk of future implementations
inadvertently introducing privilege escalation vulnerabilities, a means
for end users to disable authorization checks by supplying older
versions, etc, etc.
In addition, the format prefix was originally intended to make it easier
for remote clients (keystonemiddleware.auth_token) to parse apart and
validate tokens without going back to talk to Keystone. Since that's not
the plan here (Fernet tokens must be validated with Keystone, since
that's the only place where the encryption keys are accessible), the
entire format prefix ("F00" / "F01") can be dropped, as long as Keystone
can still validate the tokens it's issuing.
** Affects: keystone
Importance: Medium
Assignee: Dolph Mathews (dolph)
Status: New
** Tags: fernet
** Tags added: fernet
** Summary changed:
- Fernet tokens contain non-integrity verified version identifier
+ Fernet tokens contain a version identifier that is not integrity verified
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1427485
Title:
Fernet tokens contain a version identifier that is not integrity
verified
Status in OpenStack Identity (Keystone):
New
Bug description:
Fernet tokens all start with a plaintext string of either "F00" or
"F01" indicating either "version 0" (normal unscoped and scoped
tokens) or "version 1" (trust-based tokens). That versioning lies
outside of the integrity-verified portion of the token, and is thus
susceptible to manipulation by end users.
With only two token versions, this doesn't present any issues that I'm
aware of, but to harden ourselves against the future, we should move
that versioning information into the integrity-verified portion of the
message. Otherwise, we carry of risk of future implementations
inadvertently introducing privilege escalation vulnerabilities, a
means for end users to disable authorization checks by supplying older
versions, etc, etc.
In addition, the format prefix was originally intended to make it
easier for remote clients (keystonemiddleware.auth_token) to parse
apart and validate tokens without going back to talk to Keystone.
Since that's not the plan here (Fernet tokens must be validated with
Keystone, since that's the only place where the encryption keys are
accessible), the entire format prefix ("F00" / "F01") can be dropped,
as long as Keystone can still validate the tokens it's issuing.
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1427485/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : yahoo-eng-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
