Closed Bug 742751 Opened 13 years ago Closed 13 years ago

Encrypt in-app payment secrets

Categories

(addons.mozilla.org Graveyard :: API, defect, P1)

Product:
addons.mozilla.org Graveyard
Component:
API
Platform:
x86
macOS
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: kumar, Assigned: kumar)

References

Details

+++ This bug was initially created as a clone of Bug #736573 +++

For an app to talk securely to the marketplace it needs to encrypt all requests with its secret (provided on sign-up in bug 703093)

Instead of storing plain text secrets in the database we can store an encrypted secret in the database using a secure key.

The marketplace app will have two main parts:

- when a secret is generated on the management pages, encrypt/decrypt using a key file
- when an app makes a payment request, decrypt its secret to verify the request

Some concerns:
- the key will need to be stored in a vault away from the db
- we need a way to rotate the key easily

For reference: http://dev.mysql.com/doc/refman/5.5/en/encryption-functions.html#function_aes-decrypt
Blocks: 742752
Is this really a blocker?  I thought we decided we weren't going to do this.  Or was that just off the HSM?
Assignee: nobody → kumar.mcmillan
AFAIK, we do still need to encrypt them, but we don't need to use the HSM to do it.
last I heard, security said encryption was a blocker. rforbes, is that still correct? Otherwise we're storing plaintext payment secrets in the db.
Target Milestone: --- → 6.5.1
Target Milestone: 6.5.1 → 6.5.2
This has been fixed: https://github.com/mozilla/zamboni/commit/32883fe58a89b3f429a0512fd1f9ea50c4e33c66

To deploy this we need:

python manage.py genkey

which will create a key file. The path to that file needs to be set in INAPP_KEY_PATH. I'll add these to our deploy notes.
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Product: addons.mozilla.org → addons.mozilla.org Graveyard
You need to log in before you can comment on or make changes to this bug.