cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jeff Jirsa (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CASSANDRA-13626) Check hashed password matches expected bcrypt hash format before checking
Date Wed, 30 Aug 2017 17:41:00 GMT

    [ https://issues.apache.org/jira/browse/CASSANDRA-13626?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16147668#comment-16147668
] 

Jeff Jirsa commented on CASSANDRA-13626:
----------------------------------------

Sam and I talked about this a bit offline, a few notes for those following along:
- The length is 60 now, but may be 59 with other bcrypt variants, and may be some other length
in the future. The two components of the length that were chosen before (salt+digest) were
expected to be fixed length, which is true now but may not be true later). ID is definitely
variable length now, though. 
- We don't want a real regex, for a few reasons (combination of futureproofing and the risk
of introducing auth weaknesses) - we should let bcrypt handle the hash, we don't need to get
involved.
- We can be less invasive here and make it slightly more testable by breaking the hash check
into its own static function 

Force pushed branches that simplifies things a bit, makes it less arbitrary.

|| branch || utest || dtest ||
| [3.0|https://github.com/jeffjirsa/cassandra/tree/cassandra-3.0-13626] | [3.0 circle|https://circleci.com/gh/jeffjirsa/cassandra/tree/cassandra-3.0-13626]
| [3.0 dtest|https://builds.apache.org/view/A-D/view/Cassandra/job/Cassandra-devbranch-dtest/244/]
|
| [3.11|https://github.com/jeffjirsa/cassandra/tree/cassandra-3.11-13626] | [3.11 circle|https://circleci.com/gh/jeffjirsa/cassandra/tree/cassandra-3.11-13626]
| [3.11 dtest|https://builds.apache.org/view/A-D/view/Cassandra/job/Cassandra-devbranch-dtest/245/]
|
| [trunk|https://github.com/jeffjirsa/cassandra/tree/cassandra-13626] | [trunk circle|https://circleci.com/gh/jeffjirsa/cassandra/tree/cassandra-13626]
| [trunk dtest|https://builds.apache.org/view/A-D/view/Cassandra/job/Cassandra-devbranch-dtest/246/]
|


> Check hashed password matches expected bcrypt hash format before checking
> -------------------------------------------------------------------------
>
>                 Key: CASSANDRA-13626
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-13626
>             Project: Cassandra
>          Issue Type: Bug
>          Components: Auth
>            Reporter: Jeff Jirsa
>            Assignee: Jeff Jirsa
>            Priority: Minor
>             Fix For: 3.0.x, 3.11.x, 4.x
>
>
> We use {{Bcrypt.checkpw}} in the auth subsystem, but do a reasonably poor job of guaranteeing
that the hashed password we send to it is really a hashed password, and {{checkpw}} does an
even worse job of failing nicely. We should at least sanity check the hash complies with the
expected format prior to validating.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cassandra.apache.org
For additional commands, e-mail: commits-help@cassandra.apache.org


Mime
View raw message