#62005 closed enhancement (fixed)
Enhance wp_hash function to support custom hashing algorithms
| Reported by: |
|
Owned by: |
|
|---|---|---|---|
| Milestone: | 6.8 | Priority: | normal |
| Severity: | normal | Version: | 2.0.3 |
| Component: | Security | Keywords: | has-patch |
| Focuses: | Cc: |
Description
Currently In wp_hash function, it has hardcoded the hashing algorithm i.e. md5, but as we know, that md5 is an unsecure algorithm & is vulnerable to collision attacks.
So the aim of this PR is to enhance the wp_hash function, so that user can supply secure custom hashing algorithm such as sha256, while they were building Plugins or Themes.
If the $algo argument is not supplied then it should fallback to md5, just to support backward compatibility.
Following are some more details about this new feature enhancement:
Summary
This PR updates the wp_hash function to allow users to specify a custom hashing algorithm, enhancing the security and flexibility of the function. Previously, the function hardcoded the md5 algorithm, which is vulnerable to collision attacks.
Changes:
Added a new parameter $algo to the wp_hash function, allowing users to specify the hashing algorithm.
The default remains md5 for backward compatibility.
Implemented a check using hash_hmac_algos() to ensure the provided algorithm is supported. If not, the function will fall back to md5.
Benefits:
Users can now choose more secure hashing algorithms like sha256.
Improved security by allowing the use of modern, collision-resistant hashing algorithms.
Backward Compatibility:
The function retains md5 as the default algorithm, ensuring backward compatibility with existing code.
Testing:
Tested with various algorithms (md5, sha256, sha512) to confirm correct functionality.
Validated fallback to md5 when an unsupported algorithm is provided.
Change History (10)
This ticket was mentioned in PR #7306 on WordPress/wordpress-develop by PushpenderIndia.
7 months ago
#1
#2
follow-up:
↓ 3
@
7 months ago
I think this is a good improvement.
The only suggestion I have is to throw an exception on non-hmac hashing algorithms instead of silently falling back to md5. This is security-sensitive code, and we should be more cautious and not forgiving.
#3
in reply to:
↑ 2
@
6 months ago
Replying to ayeshrajans:
I think this is a good improvement.
The only suggestion I have is to throw an exception on non-hmac hashing algorithms instead of silently falling back to md5. This is security-sensitive code, and we should be more cautious and not forgiving.
I've updated the code, now it will throw an exception on non-hmac hashing algorithms
#4
@
6 months ago
Hi @ayeshrajans , Now all the checks are passing and I've implemented the patch correctly as per your suggestions, I kindly request to review it and approve the changes.
#5
@
4 months ago
@pushpenderindia This seems like a sensible change. Out of interest do you have any concrete use cases for this change?
#6
@
3 months ago
- Focuses privacy removed
- Milestone changed from Awaiting Review to 6.8
- Owner set to johnbillion
- Status changed from new to accepted
@johnbillion commented on PR #7306:
2 months ago
#10
Committed in https://core.trac.wordpress.org/changeset/59578
Trac ticket: https://core.trac.wordpress.org/ticket/62005
### Summary
This PR updates the
wp_hashfunction to allow users to specify a custom hashing algorithm, enhancing the security and flexibility of the function. Previously, the function hardcoded themd5algorithm, which is vulnerable to collision attacks.### Changes:
$algoto thewp_hashfunction, allowing users to specify the hashing algorithm. The default remainsmd5for backward compatibility.hash_hmac_algos()to ensure the provided algorithm is supported. If not, the function will fall back tomd5.### Benefits:
sha256.### Backward Compatibility:
md5as the default algorithm, ensuring backward compatibility with existing code.### Testing:
md5,sha256,sha512) to confirm correct functionality.md5when an unsupported algorithm is provided.