[core] use sha3 instead of md5 for csrf tokens

2024-06-21 19:18:21 +01:00 · 2024-06-21 19:18:21 +01:00 · 7150af6b9e
commit 7150af6b9e
parent 17b0b4e94f
1 changed files with 6 additions and 10 deletions
--- a/core/user.php
+++ b/core/user.php
@ -238,20 +238,16 @@ class User
    /**
     * Get an auth token to be used in POST forms
     *
-     * password = secret, avoid storing directly
-     * passhash = bcrypt(password), so someone who gets to the database can't get passwords
-     * sesskey  = md5(passhash . IP), so if it gets sniffed it can't be used from another IP,
-     *            and it can't be used to get the passhash to generate new sesskeys
-     * authtok  = md5(sesskey, salt), presented to the user in web forms, to make sure that
-     *            the form was generated within the session. Salted and re-hashed so that
-     *            reading a web page from the user's cache doesn't give access to the session key
+     * the token is based on
+     * - the user's password, so that only this user can use the token
+     * - the session IP, to reduce the blast radius of guessed passwords
+     * - a salt known only to the server, so that clients or attackers
+     *   can't generate their own tokens even if they know the first two
     */
    public function get_auth_token(): string
    {
        global $config;
-        $salt = SECRET;
-        $addr = get_session_ip($config);
-        return md5(md5($this->passhash . $addr) . "salty-csrf-" . $salt);
+        return hash("sha3-256", $this->passhash . get_session_ip($config) . SECRET);
    }