Ulrich Windl wrote:
> Hi!
>
> Maybe the binary or build process should use a test vector to warn if that
> produces the wrong result, assuming the problem is the SHA code itself.

We're talking about a contrib module here. The Project doesn't make any promises to maintain these, they're just included for user convenience and are entirely up to the community to maintain. Certainly, a better written module would use an existing crypto library instead of duplicating SHA2 code on its own, but it's probably moot here since SHA is a poor choice of password hash algorithm. The only algos anyone should be using today are either PBKDF2 or ARGON2. As always, patches welcome, "free advice" to /dev/null.

>
> Regards,
> Ulrich
>
> 29.12.2022 00:39:44 Howard Chu <[email protected]>:
>
>> Ralf Hildebrandt wrote:
>>> Using slapd 2.5.13+dfsg-1ubuntu1 on ubuntu 22.10:
>>> =================================================
>>>
>>> The password hashes are differing between what "slappasswd" and
>>> "openssl dgst" emit:
>>>
>>> $ slappasswd -s secret -h '{SHA256}' -o module-path=/usr/lib/ldap -o
>>> module-load=pw-sha2
>>> {SHA256}WIrrpN3OjEVOUf6yrH1j+o+ODuUuNBo979Od4UXnu54=
>>>
>>> $ echo -n "secret" | openssl dgst -sha256 -binary | openssl enc -base64
>>> K7gNU3sdo+OL0wNhqoVWhr3g6s1xYv72ol/pe/Unols=
>>>
>>> With SHA512 on the other hand, the hash generated by different programs is
>>> identical:
>>>
>>> $ slappasswd -s secret -h '{SHA512}' -o module-path=/usr/lib/ldap -o
>>> module-load=pw-sha2
>>> {SHA512}vSsar3708Jvp9Szi2NWZZ02Bqp1qRCFpbcTZPdBhnWgs5WtNZKnvCXdhztmeD2cmW192CF5bDufKRpayrW/isg==
>>>
>>> $ echo -n "secret" | openssl dgst -sha512 -binary | openssl enc -base64
>>> vSsar3708Jvp9Szi2NWZZ02Bqp1qRCFpbcTZPdBhnWgs5WtNZKnvCXdhztmeD2cm
>>> W192CF5bDufKRpayrW/isg==
>>>
>>> On an older box (ubuntu 20.04) with slapd 2.4.49+dfsg-2ubuntu1.9 we're
>>> seeing:
>>> ==============================================================================
>>>
>>> $ slappasswd -s secret -h '{SHA256}' -o module-path=/usr/lib/ldap -o
>>> module-load=pw-sha2
>>> {SHA256}K7gNU3sdo+OL0wNhqoVWhr3g6s1xYv72ol/pe/Unols=
>>> $ echo -n "secret" | openssl dgst -sha256 -binary | openssl enc -base64
>>> K7gNU3sdo+OL0wNhqoVWhr3g6s1xYv72ol/pe/Unols=
>>>
>>>
>>> So why is the SHA256 password hash generated by the 2.5.13 slappasswd
>>> command different from the hashes generated by the other programs/versions?
>>>
>> The source code for the pw-sha2 module hasn't changed since 2015 at least.
>> There's no difference between 2.4 and 2.5.
>>
>> The variable here is your OS and compiler versions. I get the same result as
>> you on ubuntu 22 with the default compile options. If I compile the module
>> with only "-g" and no optimization, I get a different result. So the
>> compiler is doing something screwy.
>>
>> Note that the sha2.c used in the pw module comes from
>> https://aarongifford.com/computers/sha.html and is unmodified. Probably you
>> should report a bug to the gcc project.
>>
>> --
>> -- Howard Chu
>> CTO, Symas Corp. http://www.symas.com
>> Director, Highland Sun http://highlandsun.com/hyc/
>> Chief Architect, OpenLDAP http://www.openldap.org/project/
>

--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
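The test-vector check Ulrich suggests, done outside the module: an added example (not OpenLDAP or pw-sha2 code) that recomputes the unsalted {SHA256}/{SHA512} form with Python's hashlib and flags any slappasswd output that disagrees. The sample outputs are the three quoted in the thread, all for the password "secret"; the function names are this example's own.

```python
import base64
import binascii
import hashlib
import hmac
import re

# Scheme prefixes the pw-sha2 module emits, mapped to a reference implementation.
# Assumption: the unsalted forms, i.e. {SCHEME}base64(digest(password)), as in the thread.
SCHEMES = {"SHA256": hashlib.sha256, "SHA512": hashlib.sha512}


def reference_hash(scheme, password):
    """What slappasswd -h '{SCHEME}' should print, computed with hashlib instead of sha2.c."""
    digest = SCHEMES[scheme](password.encode("utf-8")).digest()
    return "{%s}%s" % (scheme, base64.b64encode(digest).decode("ascii"))


def check_hash(stored, password):
    """True if a stored {SHA256}/{SHA512} value matches password under the reference implementation."""
    m = re.match(r"^\{([A-Z0-9]+)\}(\S+)$", stored)
    if not m or m.group(1) not in SCHEMES:
        raise ValueError("unsupported or malformed hash: %r" % stored)
    scheme, b64 = m.groups()
    try:
        actual = base64.b64decode(b64, validate=True)
    except binascii.Error:
        return False  # not valid base64, cannot be a correct digest
    expected = SCHEMES[scheme](password.encode("utf-8")).digest()
    return hmac.compare_digest(actual, expected)


def audit(outputs, password):
    """Given {label: slappasswd output}, return the labels whose output disagrees with hashlib."""
    return [label for label, stored in outputs.items() if not check_hash(stored, password)]


# Constructed sample: the slappasswd outputs quoted in the thread, all for the password "secret".
SAMPLE = {
    "2.5.13 {SHA256}": "{SHA256}WIrrpN3OjEVOUf6yrH1j+o+ODuUuNBo979Od4UXnu54=",
    "2.5.13 {SHA512}": "{SHA512}vSsar3708Jvp9Szi2NWZZ02Bqp1qRCFpbcTZPdBhnWgs5WtNZKnvCXdhztmeD2cmW192CF5bDufKRpayrW/isg==",
    "2.4.49 {SHA256}": "{SHA256}K7gNU3sdo+OL0wNhqoVWhr3g6s1xYv72ol/pe/Unols=",
}

if __name__ == "__main__":
    for label in audit(SAMPLE, "secret"):
        print("MISMATCH: %s does not verify against hashlib" % label)
```

Run against a real install, replace SAMPLE with the output of `slappasswd -s <password> -h '{SHA256}'`; a mismatch means the module's build, not the password, is wrong.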
