11ad32c85e
The test documents the current behavior of hashing algorithms that fail if the passphrase has 512 bytes or more. Moreover, it documents the behavior of the current bcrypt implementation that compares only the first 72 bytes of the password. Although we don't typically use bcrypt for password hashing, it is possible to insert such a hash using `CREATE ROLE ... WITH HASHED PASSWORD ...`. Refs: scylladb/scylladb#26842
139 lines
4.7 KiB
C++
139 lines
4.7 KiB
C++
/*
|
|
* Copyright (C) 2018-present ScyllaDB
|
|
*/
|
|
|
|
/*
|
|
* SPDX-License-Identifier: LicenseRef-ScyllaDB-Source-Available-1.0
|
|
*/
|
|
|
|
#include <seastar/testing/test_case.hh>
|
|
|
|
#include <array>
|
|
#include <random>
|
|
#include <unordered_set>
|
|
|
|
#include "auth/passwords.hh"
|
|
|
|
#include <boost/test/unit_test.hpp>
|
|
#include <seastar/core/sstring.hh>
|
|
#include <seastar/core/coroutine.hh>
|
|
|
|
#include "seastarx.hh"
|
|
|
|
extern "C" {
|
|
#include <crypt.h>
|
|
#include <unistd.h>
|
|
}
|
|
|
|
static auto rng_for_salt = std::default_random_engine(std::random_device{}());
|
|
|
|
//
|
|
// The same password hashed multiple times will result in different strings because the salt will be different.
|
|
//
|
|
SEASTAR_TEST_CASE(passwords_are_salted) {
|
|
const char* const cleartext = "my_excellent_password";
|
|
std::unordered_set<sstring> observed_passwords{};
|
|
|
|
for (int i = 0; i < 10; ++i) {
|
|
const sstring e = auth::passwords::hash(cleartext, rng_for_salt, auth::passwords::scheme::sha_512);
|
|
BOOST_REQUIRE(!observed_passwords.contains(e));
|
|
observed_passwords.insert(e);
|
|
}
|
|
co_return;
|
|
}
|
|
|
|
//
|
|
// A hashed password will authenticate against the same password in cleartext.
|
|
//
|
|
SEASTAR_TEST_CASE(correct_passwords_authenticate) {
|
|
// Common passwords.
|
|
std::array<const char*, 3> passwords{
|
|
"12345",
|
|
"1_am_the_greatest!",
|
|
"password1"
|
|
};
|
|
|
|
for (const char* p : passwords) {
|
|
BOOST_REQUIRE(co_await auth::passwords::check(p, auth::passwords::hash(p, rng_for_salt, auth::passwords::scheme::sha_512)));
|
|
}
|
|
}
|
|
|
|
std::string long_password(uint32_t len) {
|
|
std::string out;
|
|
auto pattern = "0123456789";
|
|
for (uint32_t i = 0; i < len; ++i) {
|
|
out.push_back(pattern[i % strlen(pattern)]);
|
|
}
|
|
|
|
return out;
|
|
}
|
|
|
|
SEASTAR_TEST_CASE(same_hashes_as_crypt_h) {
|
|
|
|
std::string long_pwd_254 = long_password(254);
|
|
std::string long_pwd_255 = long_password(255);
|
|
std::string long_pwd_511 = long_password(511);
|
|
|
|
std::array<const char*, 8> passwords{
|
|
"12345",
|
|
"1_am_the_greatest!",
|
|
"password1",
|
|
// Some special characters
|
|
"!@#$%^&*()_+-=[]{}|\n;:'\",.<>/?",
|
|
// UTF-8 characters
|
|
"こんにちは、世界!",
|
|
// Passwords close to __crypt_sha512 length limit
|
|
long_pwd_254.c_str(),
|
|
long_pwd_255.c_str(),
|
|
// Password of maximal accepted length
|
|
long_pwd_511.c_str(),
|
|
};
|
|
|
|
auto salt = "$6$aaaabbbbccccdddd";
|
|
|
|
for (const char* p : passwords) {
|
|
auto res = co_await auth::passwords::detail::hash_with_salt_async(p, salt);
|
|
BOOST_REQUIRE(res == auth::passwords::detail::hash_with_salt(p, salt));
|
|
}
|
|
}
|
|
|
|
SEASTAR_TEST_CASE(too_long_password) {
|
|
auto p1 = long_password(71);
|
|
auto p2 = long_password(72);
|
|
auto p3 = long_password(73);
|
|
auto too_long_password = long_password(512);
|
|
|
|
auto salt_bcrypt = "$2a$05$mAyzaIeJu41dWUkxEbn8hO";
|
|
auto h1_bcrypt = co_await auth::passwords::detail::hash_with_salt_async(p1, salt_bcrypt);
|
|
auto h2_bcrypt = co_await auth::passwords::detail::hash_with_salt_async(p2, salt_bcrypt);
|
|
auto h3_bcrypt = co_await auth::passwords::detail::hash_with_salt_async(p3, salt_bcrypt);
|
|
BOOST_REQUIRE(h1_bcrypt != h2_bcrypt);
|
|
|
|
// The check below documents the behavior of the current bcrypt
|
|
// implementation that compares only the first 72 bytes of the password.
|
|
// Although we don't typically use bcrypt for password hashing, it is
|
|
// possible to insert such a hash using`CREATE ROLE ... WITH HASHED PASSWORD ...`.
|
|
// Refs: scylladb/scylladb#26842
|
|
BOOST_REQUIRE(h2_bcrypt == h3_bcrypt);
|
|
|
|
// The current implementation of bcrypt password hasing fails with passwords of length 512 and above
|
|
BOOST_CHECK_THROW(co_await auth::passwords::detail::hash_with_salt_async(too_long_password, salt_bcrypt), std::system_error);
|
|
|
|
auto salt_sha512 = "$6$aaaabbbbccccdddd";
|
|
auto h1_sha512 = co_await auth::passwords::detail::hash_with_salt_async(p1, salt_sha512);
|
|
auto h2_sha512 = co_await auth::passwords::detail::hash_with_salt_async(p2, salt_sha512);
|
|
auto h3_sha512 = co_await auth::passwords::detail::hash_with_salt_async(p3, salt_sha512);
|
|
BOOST_REQUIRE(h1_sha512 != h2_sha512);
|
|
BOOST_REQUIRE(h2_sha512 != h3_sha512);
|
|
// The current implementation of SHA-512 password hasing fails with passwords of length 512 and above
|
|
BOOST_CHECK_THROW(co_await auth::passwords::detail::hash_with_salt_async(too_long_password, salt_sha512), std::system_error);
|
|
}
|
|
|
|
//
|
|
// A hashed password that does not match the password in cleartext does not authenticate.
|
|
//
|
|
SEASTAR_TEST_CASE(incorrect_passwords_do_not_authenticate) {
|
|
const sstring hashed_password = auth::passwords::hash("actual_password", rng_for_salt,auth::passwords::scheme::sha_512);
|
|
BOOST_REQUIRE(!co_await auth::passwords::check("password_guess", hashed_password));
|
|
}
|