
Keep getting exception error

Open mitmelon opened this issue 3 years ago • 8 comments

I keep getting an exception error when using hidden-string with Halite.

The error was

This HiddenString object cannot be inlined as a string.

I am passing the cipher directly to Halite and it's showing that error.

What does this mean and how do I correct this...

mitmelon avatar Apr 20 '21 07:04 mitmelon

It means you're not invoking getString() on the HiddenString object, but trying to e.g. print it directly.

The entire point of HiddenString is to prevent data from leaking via e.g. stack traces, or accidentally var_dumping its contents.

paragonie-security avatar Apr 20 '21 14:04 paragonie-security

> It means you're not invoking getString() on the HiddenString object, but trying to e.g. print it directly.
>
> The entire point of HiddenString is to prevent data from leaking via e.g. stack traces, or accidentally var_dumping its contents.

So in such a case it should be like this, right: (new HiddenString(STRING DATA))->getString();

If I am correct.

mitmelon avatar Apr 20 '21 15:04 mitmelon

Not sure if it makes sense to use it like this... I don't think you gain anything here.

jdreesen avatar Apr 20 '21 15:04 jdreesen

It probably helps if you understand the problem being solved here.

Take a look at this code:

<?php
$secret = bin2hex(random_bytes(32)); // SECRET

function doSomething(string $secret)
{
    throw new Exception("It failed :'(");
}

doSomething($secret);

This produces the following stack trace:

Fatal error: Uncaught Exception: It failed :'( in /in/4WAgA:7
Stack trace:
#0 /in/4WAgA(10): doSomething('e5f01ddbc5d08be...')
#1 {main}
  thrown in /in/4WAgA on line 7

Process exited with code 255.

Which leaks our $secret: #0 /in/4WAgA(10): doSomething('e5f01ddbc5d08be...') (result is truncated in 3v4l, not in all environments).

The purpose of HiddenString is to prevent this leakage. Thus, you would never do (new HiddenString(STRING DATA))->getString();

What you will do is instantiate it $foo = new HiddenString(STRING_DATA); and then pass $foo around. When you need to actually inspect the value of $foo (which could be, like, a database password), you invoke $foo->getString() there, and only there. Then you can also strictly type your code to use HiddenString everywhere else.

paragonie-security avatar Apr 20 '21 16:04 paragonie-security
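The same failing function as in the snippet above, but typed to take a HiddenString, added here as an example (not code from the thread or from Halite itself); it assumes paragonie/hidden-string is installed via Composer:

```php
<?php
declare(strict_types=1);
// Added example, not from the thread. Assumes paragonie/hidden-string via Composer.
require_once __DIR__ . '/vendor/autoload.php';

use ParagonIE\HiddenString\HiddenString;

// Same failure as the plain-string version, but the parameter is a HiddenString.
function doSomething(HiddenString $secret): void
{
    throw new Exception("It failed :'(");
}

// The secret is wrapped before it is ever passed as a function argument.
$secret = new HiddenString(bin2hex(random_bytes(32)));

try {
    doSomething($secret);
} catch (Exception $e) {
    // The trace records the argument as Object(ParagonIE\HiddenString\HiddenString),
    // not the 64 hex characters, so logging this trace does not reveal the secret.
    echo $e->getTraceAsString(), PHP_EOL;

    // The raw value is still available at the one place that needs it.
    echo 'secret length: ', strlen($secret->getString()), PHP_EOL;
}
```

PHP 7.4 and later can also drop arguments from traces through the zend.exception_ignore_args ini setting, but that is a property of the host configuration, not of the code that handles the secret.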

> It probably helps if you understand the problem being solved here.
>
> Take a look at this code:
>
> <?php
> $secret = bin2hex(random_bytes(32)); // SECRET
>
> function doSomething(string $secret)
> {
>     throw new Exception("It failed :'(");
> }
>
> doSomething($secret);
>
> This produces the following stack trace:
>
> Fatal error: Uncaught Exception: It failed :'( in /in/4WAgA:7
> Stack trace:
> #0 /in/4WAgA(10): doSomething('e5f01ddbc5d08be...')
> #1 {main}
>   thrown in /in/4WAgA on line 7
>
> Process exited with code 255.
>
> Which leaks our $secret: #0 /in/4WAgA(10): doSomething('e5f01ddbc5d08be...') (result is truncated in 3v4l, not in all environments).
>
> The purpose of HiddenString is to prevent this leakage. Thus, you would never do (new HiddenString(STRING DATA))->getString();
>
> What you will do is instantiate it $foo = new HiddenString(STRING_DATA); and then pass $foo around. When you need to actually inspect the value of $foo (which could be, like, a database password), you invoke $foo->getString() there, and only there. Then you can also strictly type your code to use HiddenString everywhere else.

Yes I know... Switching off error output to browser will also prevent this...

But I don't want to do that...

The problem is that... When I am trying to decrypt the ciphertext, I pass it like this...

Symmetric::decrypt(HiddenString(STRING DATA), $key);

But I keep getting the error again... And again...

This HiddenString object cannot be inlined as a string....

Once I set disableInline to true in the HiddenString constructor, everything works fine without errors...

In the previous version too, there were no such errors. It's the new version that keeps giving this error...

mitmelon avatar Apr 20 '21 18:04 mitmelon

I had the exact same issue when I upgraded halite to 4.8.0 and hidden-string was updated to 2.0.0.

Downgrading to 4.6.0 and 1.1.0 respectively solved the issue, so there is something wrong with Halite's Symmetric::decrypt from version 4.8.0 onwards.

twmobius avatar Jul 21 '21 17:07 twmobius

> The problem is that... When am trying to decrypt the cypertext I passed it like this...
>
> Symmetric::decrypt(HiddenString(STRING DATA), $key);
>
> But I keep getting the error again... And again...
>
> This HiddenString object cannot be inlined as a string....

The definition of Symmetric::decrypt() accepts a string, not a HiddenString. This string is necessarily encrypted.

HiddenString is only accepted in the encrypt path. Plaintext and ciphertext have different security requirements, after all.

The result of Symmetric::decrypt(), however, is a HiddenString.

paragonie-security avatar Jul 21 '21 17:07 paragonie-security
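The call pattern described in the answer above (HiddenString in, string ciphertext out, HiddenString back from decrypt, getString() only at the point of use), added here as an example rather than code from the thread or from Halite's documentation; it assumes Halite 4.x with paragonie/hidden-string installed via Composer, and the sample password is a constructed value:

```php
<?php
declare(strict_types=1);
// Added example, not from the thread. Assumes Halite 4.x + paragonie/hidden-string via Composer.
require_once __DIR__ . '/vendor/autoload.php';

use ParagonIE\Halite\KeyFactory;
use ParagonIE\Halite\Symmetric\Crypto;
use ParagonIE\Halite\Symmetric\EncryptionKey;
use ParagonIE\HiddenString\HiddenString;

// Only the encrypt path takes a HiddenString: the plaintext is the secret.
function sealSecret(HiddenString $plaintext, EncryptionKey $key): string
{
    return Crypto::encrypt($plaintext, $key); // ciphertext is an ordinary string
}

// The decrypt path takes the ciphertext as a plain string and returns a HiddenString.
function openSecret(string $ciphertext, EncryptionKey $key): HiddenString
{
    return Crypto::decrypt($ciphertext, $key);
}

// The one place the raw value is needed, and the only place getString() is called.
function useSecret(HiddenString $secret): int
{
    return strlen($secret->getString());
}

$key    = KeyFactory::generateEncryptionKey();
$secret = new HiddenString('database-password-example'); // constructed sample value

$ciphertext = sealSecret($secret, $key);
$recovered  = openSecret($ciphertext, $key); // HiddenString, safe to pass around
echo 'plaintext length: ', useSecret($recovered), PHP_EOL;

// What the failing call in the thread does: an object is passed where a string is expected.
// Without strict_types PHP coerces it via __toString(), which a HiddenString built with the
// inline-disallowing default refuses with "This HiddenString object cannot be inlined as a
// string."; with strict_types it is a TypeError. Either way, decrypt() must get the string.
try {
    openSecret(new HiddenString($ciphertext), $key);
} catch (\Throwable $e) {
    echo get_class($e), ': ', $e->getMessage(), PHP_EOL;
}
```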

Thanks for the explanation! It might be helpful to add a note about this to https://github.com/paragonie/halite/blob/master/doc/Basic.md, for example:

The important thing to keep in mind is that $enc_key is not a string, it is an instance of \ParagonIE\Halite\Symmetric\EncryptionKey.

Similarly, to avoid accidental leakage of secrets in stack traces, Crypto::decrypt() returns a HiddenString object instead of an ordinary string. Call the getString method on the object to retrieve the plaintext – but only do this at the point you use it.

andfinally avatar Nov 13 '21 10:11 andfinally