
List:       openldap-technical
Subject:    Re: [EXT] Re: slappasswd generating a supposedly incorrect password hash (only when using {SHA256})
From:       Howard Chu <hyc () symas ! com>
Date:       2022-12-29 12:55:45
Message-ID: 6b04a653-77be-54f4-0e3a-dd48ba84b18a () symas ! com

Ulrich Windl wrote:
> Hi!
> 
> Maybe the binary or build process should use a test vector to warn if that produces the wrong result, assuming the problem is the SHA code itself.

We're talking about a contrib module here. The Project doesn't make any promises to maintain these, they're just included for user convenience and are entirely up to the community to maintain.

Certainly, a better written module would use an existing crypto library instead of duplicating SHA2 code on its own, but it's probably moot here since SHA is a poor choice of password hash algorithm. The only algos anyone should be using today are either PBKDF2 or ARGON2.

As always, patches welcome, "free advice" to /dev/null.
> 
> Regards,
> Ulrich
> 
> 29.12.2022 00:39:44 Howard Chu <hyc@symas.com>:
> 
> > Ralf Hildebrandt wrote:
> > > Using slapd 2.5.13+dfsg-1ubuntu1 on ubuntu 22.10:
> > > =================================================
> > > 
> > > The password hashes are differing between what "slappasswd" and
> > > "openssl dgst" emit:
> > > 
> > > $ slappasswd -s secret -h '{SHA256}' -o module-path=/usr/lib/ldap -o module-load=pw-sha2
> > > {SHA256}WIrrpN3OjEVOUf6yrH1j+o+ODuUuNBo979Od4UXnu54=
> > > 
> > > $ echo -n "secret" | openssl dgst -sha256 -binary | openssl enc -base64
> > > K7gNU3sdo+OL0wNhqoVWhr3g6s1xYv72ol/pe/Unols=
> > > 
> > > With SHA512 on the other hand, the hash generated by different programs is identical:
> > > $ slappasswd -s secret -h '{SHA512}' -o module-path=/usr/lib/ldap -o module-load=pw-sha2
> > > {SHA512}vSsar3708Jvp9Szi2NWZZ02Bqp1qRCFpbcTZPdBhnWgs5WtNZKnvCXdhztmeD2cmW192CF5bDufKRpayrW/isg==
> > > 
> > > $ echo -n "secret" | openssl dgst -sha512 -binary | openssl enc -base64
> > > vSsar3708Jvp9Szi2NWZZ02Bqp1qRCFpbcTZPdBhnWgs5WtNZKnvCXdhztmeD2cm
> > > W192CF5bDufKRpayrW/isg==
> > > 
> > > On an older box (ubuntu 20.04) with slapd 2.4.49+dfsg-2ubuntu1.9 we're seeing:
> > > ==============================================================================
> > > 
> > > $ slappasswd -s secret -h '{SHA256}' -o module-path=/usr/lib/ldap -o module-load=pw-sha2
> > > {SHA256}K7gNU3sdo+OL0wNhqoVWhr3g6s1xYv72ol/pe/Unols=
> > > $ echo -n "secret" | openssl dgst -sha256 -binary | openssl enc -base64
> > > K7gNU3sdo+OL0wNhqoVWhr3g6s1xYv72ol/pe/Unols=
> > > 
> > > 
> > > So why is the SHA256 password hash generated by the 2.5.13 slappasswd
> > > command different from the hashes generated by the other programs/versions?
> > > 
> > The source code for the pw-sha2 module hasn't changed since 2015 at least. There's no difference between 2.4 and 2.5.
> > The variable here is your OS and compiler versions. I get the same result as you on ubuntu 22 with the default compile options. If I compile the module with only "-g" and no optimization, I get a different result. So the compiler is doing something screwy.
> > Note that the sha2.c used in the pw module comes from https://aarongifford.com/computers/sha.html and is unmodified. Probably you should report a bug to the gcc project.
> > -- 
> > -- Howard Chu
> > CTO, Symas Corp.                     http://www.symas.com
> > Director, Highland Sun         http://highlandsun.com/hyc/
> > Chief Architect, OpenLDAP   http://www.openldap.org/project/
> 


-- 
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/
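A small self-check in the spirit of this thread, added here as an example (it is not code from the thread, from OpenLDAP or from the pw-sha2 module): it parses RFC 2307-style `{SHA256}`/`{SHA512}` userPassword values, verifies them with Python's hashlib (an existing crypto library, which is what Howard says a better written module would use) and runs the known-answer test Ulrich proposes, using the two `openssl dgst` values quoted above for the plaintext "secret" as test vectors. Run against the thread's data, the 22.10 `{SHA256}` value fails verification and the 20.04/openssl value passes. The PBKDF2 helper at the end illustrates the salted, iterated alternative Howard recommends; its `{PBKDF2-SHA256}iterations$salt$hash` layout is a hypothetical one chosen for this example and is not the encoding OpenLDAP's pw-pbkdf2 module stores.

```python
import base64
import hashlib
import hmac
import os

# Known-answer test vectors: the values "openssl dgst" produced for the
# plaintext "secret" in the thread above (SHA-256 and SHA-512, base64).
KNOWN_ANSWERS = {
    "SHA256": ("secret", "K7gNU3sdo+OL0wNhqoVWhr3g6s1xYv72ol/pe/Unols="),
    "SHA512": ("secret", "vSsar3708Jvp9Szi2NWZZ02Bqp1qRCFpbcTZPdBhnWgs5WtNZKnvCXdhztmeD2cm"
                         "W192CF5bDufKRpayrW/isg=="),
}

# Map the RFC 2307 scheme label to a hashlib constructor.
SCHEMES = {
    "SHA256": hashlib.sha256,
    "SHA512": hashlib.sha512,
}


def split_userpassword(value: str):
    """Split '{SCHEME}base64digest' into (SCHEME, raw digest bytes)."""
    if not value.startswith("{") or "}" not in value:
        raise ValueError("not an RFC 2307 {SCHEME} value")
    scheme, b64 = value[1:].split("}", 1)
    return scheme.upper(), base64.b64decode(b64, validate=True)


def verify_userpassword(value: str, password: str) -> bool:
    """Return True if an unsalted {SHA256}/{SHA512} value matches password."""
    scheme, digest = split_userpassword(value)
    if scheme not in SCHEMES:
        raise ValueError(f"unsupported scheme {scheme}")
    expected = SCHEMES[scheme](password.encode("utf-8")).digest()
    # Constant-time comparison; a wrong digest length also fails.
    return hmac.compare_digest(expected, digest)


def self_test() -> dict:
    """Ulrich's suggestion: check the hash code against fixed test vectors
    before trusting it. Returns {scheme: True/False} per vector."""
    results = {}
    for scheme, (plain, b64) in KNOWN_ANSWERS.items():
        results[scheme] = verify_userpassword(f"{{{scheme}}}{b64}", plain)
    return results


# --- Salted, iterated alternative (hypothetical storage format) ------------
# Howard's point: use PBKDF2 or Argon2, not plain SHA. This uses
# hashlib.pbkdf2_hmac with a made-up "{PBKDF2-SHA256}iterations$salt$hash"
# layout (plain base64); it is NOT what OpenLDAP's pw-pbkdf2 module stores.

def pbkdf2_hash(password: str, iterations: int = 600_000, salt: bytes = None) -> str:
    salt = os.urandom(16) if salt is None else salt
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return "{PBKDF2-SHA256}%d$%s$%s" % (
        iterations,
        base64.b64encode(salt).decode(),
        base64.b64encode(dk).decode(),
    )


def pbkdf2_verify(value: str, password: str) -> bool:
    if not value.startswith("{PBKDF2-SHA256}"):
        return False
    iters, salt_b64, dk_b64 = value[len("{PBKDF2-SHA256}"):].split("$")
    salt = base64.b64decode(salt_b64)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, int(iters))
    return hmac.compare_digest(dk, base64.b64decode(dk_b64))


if __name__ == "__main__":
    print("self-test:", self_test())
    # The two {SHA256} values from the thread: the 22.10 build's output and
    # the 20.04 / openssl value.
    bad = "{SHA256}WIrrpN3OjEVOUf6yrH1j+o+ODuUuNBo979Od4UXnu54="
    good = "{SHA256}K7gNU3sdo+OL0wNhqoVWhr3g6s1xYv72ol/pe/Unols="
    print("22.10 slappasswd value verifies:", verify_userpassword(bad, "secret"))
    print("openssl value verifies:", verify_userpassword(good, "secret"))
    h = pbkdf2_hash("secret", salt=b"constructed-salt")  # constructed salt, demo only
    print(h, pbkdf2_verify(h, "secret"))
```

`self_test()` is the build-time check Ulrich describes: if the SHA code (or the compiler handling it) is miscompiled, the known-answer comparison fails before any password is ever stored. Note that the verifier rejects a digest of the wrong length as well, so a truncated or mis-encoded value cannot accidentally match.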

