b3c6af3923
Before this change, the following hashing schemes were supported by `identify_best_supported_scheme()`: bcrypt_y, bcrypt_a, SHA-512, SHA-256, and MD5. The reason for this was that the `crypt_r` function used for password hashing comes from an external library (currently `libxcrypt`), and the supported hashing algorithms vary depending on the library in use. However: - The bcrypt algorithms do not work because their scheme prefix lacks the required round count (e.g., it is `$2y$` instead of `$2y$05$`). We suspect this never worked as intended. Moreover, bcrypt tends to be slower than SHA-512, so we do not want to fix the prefix and start using it. - SHA-256 and SHA-512 are both part of the SHA-2 family, and libraries that support one almost always support the other. It is not expected to find a library that supports only SHA-256 but not SHA-512. - MD5 is not considered secure for password hashing. Therefore, this commit removes support for bcrypt_y, bcrypt_a, SHA-256, and MD5 for hashing new passwords to ensure that the correct hashing function (SHA-512) is used everywhere. This commit does not change the behavior of `passwords::check`, so it is still possible to use passwords hashed with the removed algorithms. Ref. scylladb/scylladb#24524
66 lines
1.5 KiB
C++
66 lines
1.5 KiB
C++
/*
|
|
* Copyright (C) 2018-present ScyllaDB
|
|
*/
|
|
|
|
/*
|
|
* SPDX-License-Identifier: LicenseRef-ScyllaDB-Source-Available-1.0
|
|
*/
|
|
|
|
#include "auth/passwords.hh"
|
|
|
|
#include <cerrno>
|
|
|
|
extern "C" {
|
|
#include <crypt.h>
|
|
#include <unistd.h>
|
|
}
|
|
|
|
namespace auth::passwords {
|
|
|
|
static thread_local crypt_data tlcrypt = {};
|
|
|
|
namespace detail {
|
|
|
|
void verify_scheme(scheme scheme) {
|
|
const sstring random_part_of_salt = "aaaabbbbccccdddd";
|
|
|
|
const sstring salt = sstring(prefix_for_scheme(scheme)) + random_part_of_salt;
|
|
const char* e = crypt_r("fisk", salt.c_str(), &tlcrypt);
|
|
|
|
if (e && (e[0] != '*')) {
|
|
return;
|
|
}
|
|
|
|
throw no_supported_schemes();
|
|
}
|
|
|
|
sstring hash_with_salt(const sstring& pass, const sstring& salt) {
|
|
auto res = crypt_r(pass.c_str(), salt.c_str(), &tlcrypt);
|
|
if (!res || (res[0] == '*')) {
|
|
throw std::system_error(errno, std::system_category());
|
|
}
|
|
return res;
|
|
}
|
|
|
|
std::string_view prefix_for_scheme(scheme c) noexcept {
|
|
switch (c) {
|
|
case scheme::bcrypt_y: return "$2y$";
|
|
case scheme::bcrypt_a: return "$2a$";
|
|
case scheme::sha_512: return "$6$";
|
|
case scheme::sha_256: return "$5$";
|
|
case scheme::md5: return "$1$";
|
|
}
|
|
}
|
|
|
|
} // namespace detail
|
|
|
|
no_supported_schemes::no_supported_schemes()
|
|
: std::runtime_error("No allowed hashing schemes are supported on this system") {
|
|
}
|
|
|
|
bool check(const sstring& pass, const sstring& salted_hash) {
|
|
return detail::hash_with_salt(pass, salted_hash) == salted_hash;
|
|
}
|
|
|
|
} // namespace auth::passwords
|