Re: [Zope3-dev] SHA1Password manager, add a pinch of salt
Giovannetti, Mark wrote:
> > From: Dmitry Vasiliev [mailto:[EMAIL PROTECTED]
> > Giovannetti, Mark wrote:
> > > Surely, welcoming obvious improvements that will save some other zope
> > > developer from re-implementing a secure /etc/passwd equivalent is
> > > desirable.
> >
> > I agreed. I'll apply a slightly modified version of the patch with a
> > fixed-length salt if you don't object.
>
> By all means, I have no objections.

Thanks! The changes are committed at revision 74700.

> > > Python 2.5 has hashlib which supports sha224, sha256 and so forth.
> > > I may look into adding support for those hashes to password
> > > when zope has been updated for 2.5.
> >
> > I think in this case it will make sense to move the module into a
> > self-contained package, for example zope.app.password or even
> > zope.password.
>
> Ok, I might be able to help if you want.

It would be cool! By the way, you may consider joining the Zope Foundation
as a Committer Member (http://foundation.zope.org/members/classes.html) if
you want to contribute.

--
Dmitry Vasiliev
http://hlabs.spb.ru
___
Zope3-dev mailing list
Zope3-dev@zope.org
Unsub: http://mail.zope.org/mailman/options/zope3-dev/archive%40mail-archive.com
Re: [Zope3-dev] SHA1Password manager, add a pinch of salt
Giovannetti, Mark wrote:
> > From: Dmitry Vasiliev [mailto:[EMAIL PROTECTED]
> >
> > Slices don't wrap around.
>
> Right, this was what I was seeing/thinking about:
>
> for i in range(41): print i, "'" + "password"[:i-40] + "'"
>
> [skip]
>
> Can't really call it wrap around, I guess.
>
> > > Anyway:
> > >
> > > def checkPassword(self, storedPassword, password):
> > >     salt = storedPassword[:max(0, len(storedPassword)-40)]
> > >     return storedPassword == self.encodePassword(password, salt)
> >
> > With Python you can do things as simply as possible. :-) The expression
> > storedPassword[:-40] (which is equivalent to
> > storedPassword[:len(storedPassword)-40]) does exactly what you want:
> >
> > >>> "password"[:-40]
> > ''
>
> Keeping it simple is often the best way. Given the above, in order to
> ensure a blank salt with a password less than 40 characters, keeping it
> simple may not suffice.

I think in the example above you're testing for the wrong use case, since
we use a constant slice index. The following example explains what I mean:

>>> hash = "123456789"
>>> while hash:
...     print (hash[:-4], hash[-4:])
...     hash = hash[1:]
...
('12345', '6789')
('2345', '6789')
('345', '6789')
('45', '6789')
('5', '6789')
('', '6789')
('', '789')
('', '89')
('', '9')

--
Dmitry Vasiliev
http://hlabs.spb.ru
RE: [Zope3-dev] SHA1Password manager, add a pinch of salt
> -----Original Message-----
> From: Dmitry Vasiliev [mailto:[EMAIL PROTECTED]
>
> Slices don't wrap around.

Right, this was what I was seeing/thinking about:

>>> for i in range(41): print i, "'" + "password"[:i-40] + "'"
...
0 ''
1 ''
2 ''
3 ''
4 ''
5 ''
6 ''
7 ''
8 ''
9 ''
10 ''
11 ''
12 ''
13 ''
14 ''
15 ''
16 ''
17 ''
18 ''
19 ''
20 ''
21 ''
22 ''
23 ''
24 ''
25 ''
26 ''
27 ''
28 ''
29 ''
30 ''
31 ''
32 ''
33 'p'
34 'pa'
35 'pas'
36 'pass'
37 'passw'
38 'passwo'
39 'passwor'
40 ''

Can't really call it wrap around, I guess.

> > Might make debugging a problem just a little
> > easier, you never know.
> >
> > Anyway:
> >
> > def checkPassword(self, storedPassword, password):
> >     salt = storedPassword[:max(0, len(storedPassword)-40)]
> >     return storedPassword == self.encodePassword(password, salt)
>
> With Python you can do things as simply as possible. :-) The expression
> storedPassword[:-40] (which is equivalent to
> storedPassword[:len(storedPassword)-40]) does exactly what you want:
>
> >>> "password"[:-40]
> ''
>

Keeping it simple is often the best way. Given the above, in order to
ensure a blank salt with a password less than 40 characters, keeping it
simple may not suffice.

Cheers
Mark
--
613-947-1359
System Scientist / Scientifique, spécialiste des systèmes
Canada Centre for Remote Sensing / Centre canadien de télédétection
Natural Resources Canada, 588 Booth Street, Ottawa, Ontario, Canada, K1A 0Y7
Ressources naturelles Canada, 588 rue Booth, Ottawa, Ontario, Canada, K1A 0Y7
Government of Canada / Gouvernement du Canada
RE: [Zope3-dev] SHA1Password manager, add a pinch of salt
> -----Original Message-----
> From: Dmitry Vasiliev [mailto:[EMAIL PROTECTED]
>
> Giovannetti, Mark wrote:
> > Surely, welcoming obvious improvements that will save some
> > other zope developer from re-implementing a secure /etc/passwd
> > equivalent is desirable.
>
> I agreed. I'll apply a slightly modified version of the patch with a
> fixed-length salt if you don't object.
>

By all means, I have no objections. Thanks!

> > Python 2.5 has hashlib which supports sha224, sha256 and so forth.
> > I may look into adding support for those hashes to password
> > when zope has been updated for 2.5.
>
> I think in this case it will make sense to move the module into a
> self-contained package, for example zope.app.password or even
> zope.password.

Ok, I might be able to help if you want.

Regards,
Mark
Re: [Zope3-dev] SHA1Password manager, add a pinch of salt
Giovannetti, Mark wrote:
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
> > Behalf Of Martijn Pieters
> >
> > def checkPassword(self, storedPassword, password):
> >     salt = storedPassword[:len(storedPassword)-40]
> >     return storedPassword == self.encodePassword(password, salt)
> >
> > That'll capture any salt length as the sha.hexdigest output is always
> > 40 characters long.
>
> I like that update. However, it would fail authentication on stored
> lengths less than 40. Yes, I know that a length less than 40 would mean
> an anomalous stored password, but at least we guarantee a blank '' salt,
> rather than the possibility of getting some of the last hex digits of the
> stored password due to list wrap around.

Slices don't wrap around.

> Might make debugging a problem just a little easier, you never know.
>
> Anyway:
>
> def checkPassword(self, storedPassword, password):
>     salt = storedPassword[:max(0, len(storedPassword)-40)]
>     return storedPassword == self.encodePassword(password, salt)

With Python you can do things as simply as possible. :-) The expression
storedPassword[:-40] (which is equivalent to
storedPassword[:len(storedPassword)-40]) does exactly what you want:

>>> "password"[:-40]
''

--
Dmitry Vasiliev
http://hlabs.spb.ru
Re: [Zope3-dev] SHA1Password manager, add a pinch of salt
Giovannetti, Mark wrote:
> Surely, welcoming obvious improvements that will save some other zope
> developer from re-implementing a secure /etc/passwd equivalent is
> desirable.

I agreed. I'll apply a slightly modified version of the patch with a
fixed-length salt if you don't object.

> Python 2.5 has hashlib which supports sha224, sha256 and so forth.
> I may look into adding support for those hashes to password
> when zope has been updated for 2.5.

I think in this case it will make sense to move the module into a
self-contained package, for example zope.app.password or even
zope.password.

--
Dmitry Vasiliev
http://hlabs.spb.ru
Re: [Zope3-dev] SHA1Password manager, add a pinch of salt
On Apr 23, 2007, at 12:03 PM, Giovannetti, Mark wrote:
> You make a point, although I would expect a reference implementation
> to be as good as possible. Hence, improvements can be encouraged and,
> perhaps, the security bar raised. Adding this salt patch allows a
> better, more secure reference implementation. Surely, welcoming
> obvious improvements that will save some other zope developer from
> re-implementing a secure /etc/passwd equivalent is desirable.

+1

Gary
Re: [Zope3-dev] SHA1Password manager, add a pinch of salt
Giovannetti, Mark wrote:
> I like that update. However, it would fail authentication on stored
> lengths less than 40. Yes, I know that a length less than 40 would mean
> an anomalous stored password, but at least we guarantee a blank '' salt,
> rather than the possibility of getting some of the last hex digits of the
> stored password due to list wrap around. Might make debugging a problem
> just a little easier, you never know.

How about putting the salt on the end of the stored value? Then fetching
the salt would look like this:

    salt = storedPassword[40:]

That way, if the stored value was less than 40 characters, the salt would
be the empty string.

--
Benji York
Senior Software Engineer
Zope Corporation
RE: [Zope3-dev] SHA1Password manager, add a pinch of salt
Hi Dmitry,

> -----Original Message-----
> From: Dmitry Vasiliev [mailto:[EMAIL PROTECTED]
>
> Giovannetti, Mark wrote:
> > I've been researching authentication and whatnot in Zope 3
> > and was looking at the password management implementations.
> > I don't like the fact that the SHA1 password manager
> > doesn't use a random salt value when encoding and storing
> > a password. Salts are commonly used in /etc/passwd and
> > friends to eliminate the identification of passwords that
> > are the same among users, as well as to make the brute
> > forcing space a little larger.
>
> Actually I've always thought about z.a.authentication.password as a
> simple reference implementation which you can use if you don't care much
> about security. However, in production it is always preferred to use
> more secure password managers. I'm not sure we need to apply the
> proposed patch but rather add a note about the reference implementation
> at the top of z.a.a.password.
>

You make a point, although I would expect a reference implementation
to be as good as possible. Hence, improvements can be encouraged and,
perhaps, the security bar raised. Adding this salt patch allows a
better, more secure reference implementation. Surely, welcoming
obvious improvements that will save some other zope developer from
re-implementing a secure /etc/passwd equivalent is desirable.

A note is likely to make the potential zope developer sigh and realize
that there is more work for them to do. Don't get me wrong, I will be
using LDAP in the future, but for many zope implementations, a good
local passwd file is and can be secure enough for people who care
about security. I do, which is why I took the time to write this patch.

Anyway, I hope I've convinced you! If not, c'est la vie!

Mark

P.S. Python 2.5 has hashlib which supports sha224, sha256 and so forth.
I may look into adding support for those hashes to password when zope
has been updated for 2.5.
RE: [Zope3-dev] SHA1Password manager, add a pinch of salt
Hi Martijn,

> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
> Behalf Of Martijn Pieters
>
> On 4/20/07, Giovannetti, Mark <[EMAIL PROTECTED]> wrote:
> > +def checkPassword(self, storedPassword, password):
> > +    if len(storedPassword) == 48:
> > +        salt = storedPassword[0:8]
> > +    else:
> > +        salt = ''
> > +    return storedPassword == self.encodePassword(password, salt)
>
> Because you allow the passing in of an arbitrary salt on encoding, you
> should either check the salt length on encoding (ensuring len 8) or,
> better, do the following:
>
> def checkPassword(self, storedPassword, password):
>     salt = storedPassword[:len(storedPassword)-40]
>     return storedPassword == self.encodePassword(password, salt)
>
> That'll capture any salt length as the sha.hexdigest output is always
> 40 characters long.
>

I like that update. However, it would fail authentication on stored
lengths less than 40. Yes, I know that a length less than 40 would mean
an anomalous stored password, but at least we guarantee a blank '' salt,
rather than the possibility of getting some of the last hex digits of the
stored password due to list wrap around. Might make debugging a problem
just a little easier, you never know.

Anyway:

def checkPassword(self, storedPassword, password):
    salt = storedPassword[:max(0, len(storedPassword)-40)]
    return storedPassword == self.encodePassword(password, salt)

Thanks!
Mark
Re: [Zope3-dev] SHA1Password manager, add a pinch of salt
Giovannetti, Mark wrote:
> I've been researching authentication and whatnot in Zope 3
> and was looking at the password management implementations.
> I don't like the fact that the SHA1 password manager
> doesn't use a random salt value when encoding and storing
> a password. Salts are commonly used in /etc/passwd and
> friends to eliminate the identification of passwords that
> are the same among users, as well as to make the brute
> forcing space a little larger.

Actually I've always thought about z.a.authentication.password as a
simple reference implementation which you can use if you don't care much
about security. However, in production it is always preferred to use
more secure password managers. I'm not sure we need to apply the
proposed patch but rather add a note about the reference implementation
at the top of z.a.a.password.

--
Dmitry Vasiliev
http://hlabs.spb.ru
Re: [Zope3-dev] SHA1Password manager, add a pinch of salt
On 4/20/07, Giovannetti, Mark <[EMAIL PROTECTED]> wrote:
> +def checkPassword(self, storedPassword, password):
> +    if len(storedPassword) == 48:
> +        salt = storedPassword[0:8]
> +    else:
> +        salt = ''
> +    return storedPassword == self.encodePassword(password, salt)

Because you allow the passing in of an arbitrary salt on encoding, you
should either check the salt length on encoding (ensuring len 8) or,
better, do the following:

def checkPassword(self, storedPassword, password):
    salt = storedPassword[:len(storedPassword)-40]
    return storedPassword == self.encodePassword(password, salt)

That'll capture any salt length as the sha.hexdigest output is always
40 characters long.

--
Martijn Pieters
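Review bot: the last `+` line, `return storedPassword == self.encodePassword(password, salt)`, compares the stored and recomputed values with ordinary string equality, which returns as soon as one character differs and so leaks through timing how many leading characters of the recomputed digest matched; compare the two strings in constant time instead (on current Pythons `hmac.compare_digest`, otherwise a loop that accumulates the XOR of every character pair and tests the result only at the end). The `len(storedPassword) == 48` test also hard-codes the salt length while `encodePassword` accepts a salt of any length, so a value encoded with a salt of another length is silently verified with `salt = ''` and always fails with no hint why; either validate the salt length when encoding or take the salt as everything before the final 40 hex digits.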
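The whole discussion in working form, as an added example written for this page in Python 3; it is not the zope.app.authentication.password module or the patch that was committed. The class and method names, the 8-hex-character salt (matching the `[0:8]` of the original patch) and the constant-time comparison are my choices. `salt_prefix_variants` evaluates the three salt-extraction expressions from the thread side by side on one stored value: for values of 40 characters or more they agree, and for values shorter than 20 they all give `''`, but for lengths 20 to 39 `storedPassword[:len(storedPassword)-40]` is itself a negative stop index into a short string and returns a non-empty prefix, whereas the constant index `[:-40]` and `max(0, len(storedPassword)-40)` both give `''`. The two managers then show the salt-as-prefix layout and Benji York's salt-as-suffix layout, including what happens to a stored value that is too short.

```python
import hashlib
import hmac
import os

DIGEST_HEX_LEN = 40  # hashlib.sha1(...).hexdigest() is always 40 hex characters
SALT_HEX_LEN = 8     # fixed-length salt; 8 matches the [0:8] of the original patch


def salt_prefix_variants(stored):
    """Evaluate the three 'everything before the last 40 chars' expressions
    from the thread on one stored value and return them as a tuple.
    For len >= 40 all three agree; for len < 20 all three give ''.
    For 20 <= len < 40 the first form, [:len-40], is a negative stop
    index into a short string and returns a non-empty prefix."""
    n = len(stored)
    return (
        stored[:n - DIGEST_HEX_LEN],          # storedPassword[:len(storedPassword)-40]
        stored[:max(0, n - DIGEST_HEX_LEN)],  # storedPassword[:max(0, len(...)-40)]
        stored[:-DIGEST_HEX_LEN],             # storedPassword[:-40]
    )


class SaltedSHA1PasswordManager:
    """Stored form: <salt hex><sha1 hex of salt+password>; the salt is a prefix.
    Hypothetical class written for this example, not the Zope one."""

    def _digest(self, salt, password):
        return hashlib.sha1((salt + password).encode("utf-8")).hexdigest()

    def _new_salt(self):
        # SALT_HEX_LEN/2 random bytes rendered as SALT_HEX_LEN hex characters.
        return os.urandom(SALT_HEX_LEN // 2).hex()

    def encodePassword(self, password, salt=None):
        if salt is None:
            salt = self._new_salt()
        return salt + self._digest(salt, password)

    def checkPassword(self, storedPassword, password):
        # Constant -40 index: '' for anything shorter than 40 characters, so a
        # malformed stored value fails to verify instead of raising.
        salt = storedPassword[:-DIGEST_HEX_LEN]
        expected = self.encodePassword(password, salt)
        # Plain == stops at the first differing character; compare in constant time.
        return hmac.compare_digest(storedPassword.encode("utf-8"),
                                   expected.encode("utf-8"))


class SuffixSaltSHA1PasswordManager(SaltedSHA1PasswordManager):
    """Salt appended instead (Benji York's suggestion): the salt is
    storedPassword[40:], which is trivially '' for a short stored value."""

    def encodePassword(self, password, salt=None):
        if salt is None:
            salt = self._new_salt()
        return self._digest(salt, password) + salt

    def checkPassword(self, storedPassword, password):
        salt = storedPassword[DIGEST_HEX_LEN:]
        expected = self.encodePassword(password, salt)
        return hmac.compare_digest(storedPassword.encode("utf-8"),
                                   expected.encode("utf-8"))


def demo():
    """Round-trip both managers and return the observable facts as a dict."""
    pm = SaltedSHA1PasswordManager()
    stored = pm.encodePassword("correct horse")   # constructed sample password
    sm = SuffixSaltSHA1PasswordManager()
    return {
        "stored_len": len(stored),                         # 8 + 40
        "ok": pm.checkPassword(stored, "correct horse"),
        "wrong_pw": pm.checkPassword(stored, "wrong"),
        "short_stored": pm.checkPassword(stored[:30], "correct horse"),
        # Same password encoded again: a fresh random salt gives a new value.
        "salted_each_time": stored != pm.encodePassword("correct horse"),
        "suffix_ok": sm.checkPassword(sm.encodePassword("pw", "deadbeef"), "pw"),
    }


if __name__ == "__main__":
    for n in (8, 30, 48):
        print(n, salt_prefix_variants("x" * n))
    print(demo())
```

`demo()` returns a dict rather than printing so the edge case can be checked programmatically: `short_stored` is False because `[:-40]` on a 30-character value yields an empty salt, and the 40-character recomputed digest can never equal a 30-character stored value. The `hmac.compare_digest` call is the one deliberate departure from the thread's `==` and needs Python 2.7.7/3.3 or later. Salted SHA1 is the 2007 improvement under discussion; for a new deployment the same salt-layout logic should wrap a deliberately slow password hash such as `hashlib.pbkdf2_hmac`, bcrypt, scrypt or Argon2, since a single SHA1 per guess, salted or not, is cheap to brute-force on modern hardware.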