Othernet-Project / bottle-utils

Miscellaneous utilities for Bottle, Python web framework
http://bottle-utils.readthedocs.org/en/latest/

Insufficient entropy in CSRF token #23

Open randomstuff opened 6 years ago

randomstuff commented 6 years ago

The CSRF token is using 64 bits of entropy:

import hashlib
import os

# Only 8 random bytes (64 bits) go into the hash; the 256-bit digest does not add any.
sha256 = hashlib.sha256()
sha256.update(os.urandom(8))
token = sha256.hexdigest().encode(ENCODING)
response.set_cookie(token_name, token, path=path,
                    secret=secret, max_age=expires)
request.csrf_token = token.decode(ENCODING)

Apparently, 128 bits of entropy is considered a minimum these days; the OWASP example uses 512 bits of entropy.

randomstuff commented 6 years ago

By the way, I don't think using SHA256 is of any use here. You could just as well keep the original random bytes. You won't get any extra entropy by hashing them.
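The two points raised in this issue (the 64-bit input bound and the pointless hash), as an added example that is not bottle-utils' own code: the weak generator from the report beside a generator that keeps the random bytes directly, plus a helper that computes the effective entropy of a token from its random input and output width. The `ENCODING` value is assumed.

```python
import hashlib
import os
import secrets

ENCODING = "utf-8"  # name taken from the issue's snippet; value assumed here


def weak_csrf_token():
    # The generator quoted in the issue: 8 random bytes hashed with SHA-256.
    # The hex digest is 64 characters (256 bits) long, but only 2**64 distinct
    # inputs exist, so guessing a token is a 64-bit search, not a 256-bit one.
    sha256 = hashlib.sha256()
    sha256.update(os.urandom(8))
    return sha256.hexdigest().encode(ENCODING)


def strong_csrf_token(nbytes=32):
    # Keep the random bytes themselves, hex-encoded; no hash is needed.
    # 32 bytes = 256 bits, above the 128-bit floor cited in the issue and
    # in the same 64-character hex shape as the original token.
    return secrets.token_hex(nbytes).encode(ENCODING)


def entropy_bits(random_input_bytes, output_bits):
    # A hash cannot create entropy: the effective entropy of a token is
    # bounded by both the random input and the width of the output.
    return min(8 * random_input_bytes, output_bits)


if __name__ == "__main__":
    print("weak  :", weak_csrf_token().decode(ENCODING),
          entropy_bits(8, 256), "bits")
    print("strong:", strong_csrf_token().decode(ENCODING),
          entropy_bits(32, 256), "bits")
```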