[jira] [Commented] (CODEC-245) RegEx for verifying salts in ShaCrypt is incorrect
[
https://issues.apache.org/jira/browse/CODEC-245?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16376204#comment-16376204
]
Gary Gregory commented on CODEC-245:
I'm open to discussing what makes the most sense for users here, while keeping
in mind reasonable backward compatibility if possible.
> RegEx for verifying salts in ShaCrypt is incorrect
> --
>
> Key: CODEC-245
> URL: https://issues.apache.org/jira/browse/CODEC-245
> Project: Commons Codec
> Issue Type: Bug
>Affects Versions: 1.11
>Reporter: Simon Levermann
>Priority: Major
>
> The regex/code that extracts the salt from a given salt string in Sha2Crypt
> treats some invalid salt formats as valid:
> {code:java}
> ^\$([56])\$(rounds=(\d+)\$)?([\.\/a-zA-Z0-9]{1,16}).*
> {code}
> The code then goes on to use capture group 3 (the round count) to determine
> how many rounds are used, and capture group 4 (the actual salt) to use as
> salt data.
> However, for an input that contains an invalid salt specification like this:
> {code:java}
> $5$notrounds=1000$asdfasdf
> {code}
> This string is treated as valid. The operation then uses "notrounds" as the
> salt for hashing:
> {code:java}
> System.out.println(Sha2Crypt.sha256Crypt(new byte[100],
> "$5$notrounds=1000$asdfasdf"));
> {code}
> The above code prints
> {code:java}
> $5$notrounds$aAEx6EzUBfc.aIIeiItVjUREbj/ar4xlb/qcMxD90NA
> {code}
> This code should probably throw an exception. Additionally, other invalid
> salt strings like
>
> {code:java}
> $6$rounds=1000$äöüäöü
> {code}
> Result in hashes like:
> {code:java}
> $5$rounds$ZIRdMgi25kK5Zmi1whKjcnFN/Pe8QCAOlTmxMfwAoq5
> {code}
> Completely ignoring the rounds parameter, and using the literal string
> "rounds" as the salt for hashing.
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (CODEC-245) RegEx for verifying salts in ShaCrypt is incorrect
[
https://issues.apache.org/jira/browse/CODEC-245?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16369090#comment-16369090
]
Simon Levermann commented on CODEC-245:
---
Is there interest in a PR that aligns the behaviour to be more similar to the
original crypt function, or should this behaviour (since honestly, I found it
quite unexpected) not be ported to this library?
> RegEx for verifying salts in ShaCrypt is incorrect
> --
>
> Key: CODEC-245
> URL: https://issues.apache.org/jira/browse/CODEC-245
> Project: Commons Codec
> Issue Type: Bug
>Affects Versions: 1.11
>Reporter: Simon Levermann
>Priority: Major
>
> The regex/code that extracts the salt from a given salt string in Sha2Crypt
> treats some invalid salt formats as valid:
> {code:java}
> ^\$([56])\$(rounds=(\d+)\$)?([\.\/a-zA-Z0-9]{1,16}).*
> {code}
> The code then goes on to use capture group 3 (the round count) to determine
> how many rounds are used, and capture group 4 (the actual salt) to use as
> salt data.
> However, for an input that contains an invalid salt specification like this:
> {code:java}
> $5$notrounds=1000$asdfasdf
> {code}
> This string is treated as valid. The operation then uses "notrounds" as the
> salt for hashing:
> {code:java}
> System.out.println(Sha2Crypt.sha256Crypt(new byte[100],
> "$5$notrounds=1000$asdfasdf"));
> {code}
> The above code prints
> {code:java}
> $5$notrounds$aAEx6EzUBfc.aIIeiItVjUREbj/ar4xlb/qcMxD90NA
> {code}
> This code should probably throw an exception. Additionally, other invalid
> salt strings like
>
> {code:java}
> $6$rounds=1000$äöüäöü
> {code}
> Result in hashes like:
> {code:java}
> $5$rounds$ZIRdMgi25kK5Zmi1whKjcnFN/Pe8QCAOlTmxMfwAoq5
> {code}
> Completely ignoring the rounds parameter, and using the literal string
> "rounds" as the salt for hashing.
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (CODEC-245) RegEx for verifying salts in ShaCrypt is incorrect
[
https://issues.apache.org/jira/browse/CODEC-245?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16361183#comment-16361183
]
Simon Levermann commented on CODEC-245:
---
Though I suppose it's still *somewhat* incorrect: Apparently, *all bytes* are
valid salts, not just base64 characters. For example, invoking the libc crypt
function like this:
{code:java}
char *foo = crypt("asdfasdf", "$6$mounds=1000$asdf$");
{code}
results in the following hash:
{code:java}
$6$mounds=1000$A9qEzceIj1cqGxb4w8WdBvHHotUYOmx.xnedWJRwQQJCZCHKpSHX4qwcY9DIvXN.ggWMhKRW4pE93oGgPOOBy0
{code}
That is: "mounds=1000" is the literal salt here, and the actually supplied
salt, "asdf" is discarded. Apparently the specification does NOT mandate that
salts must be B64-encoded. It seems like any bytes (even non-printable
characters) are valid for salts, but only ever the first 16 bytes are used.
Thoughts on how to continue here?
> RegEx for verifying salts in ShaCrypt is incorrect
> --
>
> Key: CODEC-245
> URL: https://issues.apache.org/jira/browse/CODEC-245
> Project: Commons Codec
> Issue Type: Bug
>Affects Versions: 1.11
>Reporter: Simon Levermann
>Priority: Major
>
> The regex/code that extracts the salt from a given salt string in Sha2Crypt
> treats some invalid salt formats as valid:
> {code:java}
> ^\$([56])\$(rounds=(\d+)\$)?([\.\/a-zA-Z0-9]{1,16}).*
> {code}
> The code then goes on to use capture group 3 (the round count) to determine
> how many rounds are used, and capture group 4 (the actual salt) to use as
> salt data.
> However, for an input that contains an invalid salt specification like this:
> {code:java}
> $5$notrounds=1000$asdfasdf
> {code}
> This string is treated as valid. The operation then uses "notrounds" as the
> salt for hashing:
> {code:java}
> System.out.println(Sha2Crypt.sha256Crypt(new byte[100],
> "$5$notrounds=1000$asdfasdf"));
> {code}
> The above code prints
> {code:java}
> $5$notrounds$aAEx6EzUBfc.aIIeiItVjUREbj/ar4xlb/qcMxD90NA
> {code}
> This code should probably throw an exception. Additionally, other invalid
> salt strings like
>
> {code:java}
> $6$rounds=1000$äöüäöü
> {code}
> Result in hashes like:
> {code:java}
> $5$rounds$ZIRdMgi25kK5Zmi1whKjcnFN/Pe8QCAOlTmxMfwAoq5
> {code}
> Completely ignoring the rounds parameter, and using the literal string
> "rounds" as the salt for hashing.
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (CODEC-245) RegEx for verifying salts in ShaCrypt is incorrect
[
https://issues.apache.org/jira/browse/CODEC-245?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16361180#comment-16361180
]
Simon Levermann commented on CODEC-245:
---
Well it turns out it was I who was wrong. The spec for shacrypt was apparently
written with the following thought in mind: "Invalid inputs do not exist. Every
input is valid *no matter what*". So, apparently, this behaviour, despite being
HIGHLY confusing and obviously insane, is correct. Not quite sure what to do
about this.
> RegEx for verifying salts in ShaCrypt is incorrect
> --
>
> Key: CODEC-245
> URL: https://issues.apache.org/jira/browse/CODEC-245
> Project: Commons Codec
> Issue Type: Bug
>Affects Versions: 1.11
>Reporter: Simon Levermann
>Priority: Major
>
> The regex/code that extracts the salt from a given salt string in Sha2Crypt
> treats some invalid salt formats as valid:
> {code:java}
> ^\$([56])\$(rounds=(\d+)\$)?([\.\/a-zA-Z0-9]{1,16}).*
> {code}
> The code then goes on to use capture group 3 (the round count) to determine
> how many rounds are used, and capture group 4 (the actual salt) to use as
> salt data.
> However, for an input that contains an invalid salt specification like this:
> {code:java}
> $5$notrounds=1000$asdfasdf
> {code}
> This string is treated as valid. The operation then uses "notrounds" as the
> salt for hashing:
> {code:java}
> System.out.println(Sha2Crypt.sha256Crypt(new byte[100],
> "$5$notrounds=1000$asdfasdf"));
> {code}
> The above code prints
> {code:java}
> $5$notrounds$aAEx6EzUBfc.aIIeiItVjUREbj/ar4xlb/qcMxD90NA
> {code}
> This code should probably throw an exception. Additionally, other invalid
> salt strings like
>
> {code:java}
> $6$rounds=1000$äöüäöü
> {code}
> Result in hashes like:
> {code:java}
> $5$rounds$ZIRdMgi25kK5Zmi1whKjcnFN/Pe8QCAOlTmxMfwAoq5
> {code}
> Completely ignoring the rounds parameter, and using the literal string
> "rounds" as the salt for hashing.
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (CODEC-245) RegEx for verifying salts in ShaCrypt is incorrect
[
https://issues.apache.org/jira/browse/CODEC-245?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16361065#comment-16361065
]
Gary Gregory commented on CODEC-245:
We gladly accept GitHub PRs :) with a unit test would be fantastic.
> RegEx for verifying salts in ShaCrypt is incorrect
> --
>
> Key: CODEC-245
> URL: https://issues.apache.org/jira/browse/CODEC-245
> Project: Commons Codec
> Issue Type: Bug
>Affects Versions: 1.11
>Reporter: Simon Levermann
>Priority: Major
>
> The regex/code that extracts the salt from a given salt string in Sha2Crypt
> treats some invalid salt formats as valid:
> {code:java}
> ^\$([56])\$(rounds=(\d+)\$)?([\.\/a-zA-Z0-9]{1,16}).*
> {code}
> The code then goes on to use capture group 3 (the round count) to determine
> how many rounds are used, and capture group 4 (the actual salt) to use as
> salt data.
> However, for an input that contains an invalid salt specification like this:
> {code:java}
> $5$notrounds=1000$asdfasdf
> {code}
> This string is treated as valid. The operation then uses "notrounds" as the
> salt for hashing:
> {code:java}
> System.out.println(Sha2Crypt.sha256Crypt(new byte[100],
> "$5$notrounds=1000$asdfasdf"));
> {code}
> The above code prints
> {code:java}
> $5$notrounds$aAEx6EzUBfc.aIIeiItVjUREbj/ar4xlb/qcMxD90NA
> {code}
> This code should probably throw an exceptions. Additionally, other invalid
> salt strings like
>
> {code:java}
> $6$rounds=1000$äöüäöü
> {code}
> Result in hashes like:
> {code:java}
> $5$rounds$ZIRdMgi25kK5Zmi1whKjcnFN/Pe8QCAOlTmxMfwAoq5
> {code}
> Completely ignoring the rounds parameter, and using the literal string
> "rounds" as the salt for hashing.
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
