This is an automated email from the ASF dual-hosted git repository. rnewson pushed a commit to branch decouple_offline_hash_strength_from_online in repository https://gitbox.apache.org/repos/asf/couchdb.git
commit b1ecd6b69a463f3508627f75548fd654eb43dc34 Author: Robert Newson <[email protected]> AuthorDate: Wed Oct 18 16:58:32 2023 +0100 switch PBKDF2 to erlang/OTP implementation OTP 24+
---
src/couch/src/couch_passwords.erl | 71 ++++-----------------------------------
1 file changed, 7 insertions(+), 64 deletions(-)
diff --git a/src/couch/src/couch_passwords.erl b/src/couch/src/couch_passwords.erl
index b89104603..37f8c241e 100644
--- a/src/couch/src/couch_passwords.erl
+++ b/src/couch/src/couch_passwords.erl
@@ -113,62 +113,13 @@ pbkdf2(Password, Salt, Iterations, DerivedLength) when Iterations > 0, is_integer(DerivedLength) -> - L = ceiling(DerivedLength / ?SHA1_OUTPUT_LENGTH), - <<Bin:DerivedLength/binary, _/binary>> = - iolist_to_binary(pbkdf2(Password, Salt, Iterations, L, 1, [])), - {ok, couch_util:to_hex_bin(Bin)}. + DerivedKey = crypto:pbkdf2_hmac(sha, Password, Salt, Iterations, DerivedLength), + {ok, couch_util:to_hex_bin(DerivedKey)}. --spec pbkdf2(binary(), binary(), integer(), integer(), integer(), iolist()) -> - iolist(). -pbkdf2(_Password, _Salt, _Iterations, BlockCount, BlockIndex, Acc) when - BlockIndex > BlockCount --> - lists:reverse(Acc); -pbkdf2(Password, Salt, Iterations, BlockCount, BlockIndex, Acc) -> - Block = pbkdf2(Password, Salt, Iterations, BlockIndex, 1, <<>>, <<>>), - pbkdf2(Password, Salt, Iterations, BlockCount, BlockIndex + 1, [Block | Acc]). - --spec pbkdf2( - binary(), - binary(), - integer(), - integer(), - integer(), - binary(), - binary() -) -> binary(). -pbkdf2(_Password, _Salt, Iterations, _BlockIndex, Iteration, _Prev, Acc) when - Iteration > Iterations --> - Acc; -pbkdf2(Password, Salt, Iterations, BlockIndex, 1, _Prev, _Acc) -> - InitialBlock = couch_util:hmac( - sha, - Password, - <<Salt/binary, BlockIndex:32/integer>> - ), - pbkdf2( - Password, - Salt, - Iterations, - BlockIndex, - 2, - InitialBlock, - InitialBlock - ); -pbkdf2(Password, Salt, Iterations, BlockIndex, Iteration, Prev, Acc) -> - Next = couch_util:hmac(sha, Password, Prev), - pbkdf2( - Password, - Salt, - Iterations, - BlockIndex, - Iteration + 1, - Next, - crypto:exor(Next, Acc) - ). - -%% verify two lists for equality without short-circuits to avoid timing attacks. +-if((?OTP_RELEASE) >= 25). +verify(BinA, BinB) -> + crypto:hash_equals(BinA, BinB). +-else. -spec verify(string(), string(), integer()) -> boolean(). verify([X | RestX], [Y | RestY], Result) -> verify(RestX, RestY, (X bxor Y) bor Result); 
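Review bot: On OTP 25+ the added `verify/2` is a bare call to `crypto:hash_equals/2`, which raises `badarg` when the two binaries differ in size or an argument is not a binary, whereas the pre-25 branch kept under `-else.` accepts lists and ends in `verify(_X, _Y) -> false.`. A stored hash whose length differs from the computed one would therefore crash the caller instead of failing the comparison, and any caller still passing strings would break only on newer OTP; callers are not visible in this diff, so that part needs confirming. Guarding the clause keeps both branches returning a boolean: `verify(BinA, BinB) when is_binary(BinA), is_binary(BinB), byte_size(BinA) =:= byte_size(BinB) -> crypto:hash_equals(BinA, BinB);` followed by `verify(_, _) -> false.`; the size test exposes only the digest length, so the comparison of contents stays constant-time. The `-if` block opened here is closed by the `-endif.` in the next hunk, and the new clause has neither a `-spec verify(binary(), binary()) -> boolean().` nor the timing-attack comment that this hunk removes.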
@@ -189,12 +140,4 @@ verify(X, Y) when is_list(X) and is_list(Y) -> end; verify(_X, _Y) -> false. - --spec ceiling(number()) -> integer(). -ceiling(X) -> - T = erlang:trunc(X), - case (X - T) of - Neg when Neg < 0 -> T; - Pos when Pos > 0 -> T + 1; - _ -> T - end. +-endif.
