Switch to direct usage of bcrypt

Continue the journey deprecating abandoned passlib. Move bcrypt hashing
to `bcrypt` library directly

- for `bcrypt` hash type simply passthrough to the `bcrypt` lib
- `bcrypt-sha256` implement the same format and processing as `passlib`
  does to guarantee backwards compatibility.

Change-Id: I1b7ce09638d2d5501494326f8c01162279a85896
This commit is contained in:
Artem Goncharov 2024-09-23 13:26:25 +02:00
parent 4c4bd6e1d1
commit 364e8bb712
3 changed files with 231 additions and 5 deletions

View File

@ -0,0 +1,156 @@
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import base64
import hmac
import bcrypt
from keystone import exception
class Bcrypt:
"""passlib transition class for implementing bcrypt password hashing"""
name: str = "bcrypt"
ident_values: set[str] = {"$2$", "$2a$", "$2b$", "$2x$", "$2y$"}
@staticmethod
def hash(
password: bytes,
rounds: int = 12,
**kwargs,
) -> str:
"""Generate password hash string with ident and params
https://pypi.org/project/bcrypt/
:param bytes password: Password to be hashed.
:param int round: Count of rounds.
:returns: String in format `$2b${rounds}${salt}{digest}`
"""
salt: bytes = bcrypt.gensalt(rounds)
digest: bytes = bcrypt.hashpw(password, salt)
return digest.decode("ascii")
@staticmethod
def verify(password: bytes, hashed: str) -> bool:
"""Verify hashing password would be equal to the `hashed` value
:param bytes password: Password to verify
:param string hashed: Hashed password. Used to extract hashing
parameters
:returns: boolean whether hashing password with the same parameters
would match hashed value
"""
return bcrypt.checkpw(password, hashed.encode("ascii"))
class Bcrypt_sha256:
"""passlib transition class for bcrypt_sha256 password hashing"""
name: str = "bcrypt_sha256"
ident_values: set[str] = {"$2a$", "$2b$"}
prefix: str = "$bcrypt-sha256$"
@staticmethod
def hash(
password: bytes,
rounds: int = 12,
**kwargs,
) -> str:
"""Generate password hash string with ident and params
https://pypi.org/project/bcrypt/
:param bytes password: Password to be hashed.
:param int round: Count of rounds.
:returns: String in format
`$bcrypt-sha256$r={rounds},t={ident},v={version}${salt}${digest}`
"""
# generate salt with ident and options
salt_with_opts: bytes = bcrypt.gensalt(rounds)
# get the pure salt
salt: bytes = salt_with_opts[-22:]
# make a `str` salt
salt_str: str = salt.decode("ascii")
# NOTE(gtema): passlib calculates sha256 hmac digest of the password
# with the key set to salt
# Calculate password hmac digest with salt as key
hmac_digest: bytes = base64.b64encode(
hmac.digest(salt, password, "sha256")
)
# calculate bcrypt hash
hashed: str = bcrypt.hashpw(hmac_digest, salt_with_opts).decode(
"ascii"
)
# get the digest part of the hash
digest: str = hashed[-31:]
# Construct `passlib` compatible format of the bcrypt-sha256 hash
return f"{Bcrypt_sha256.prefix}v=2,t=2b,r={rounds}${salt_str}${digest}"
@staticmethod
def verify(password: bytes, hashed: str) -> bool:
"""Verify hashing password would be equal to the `hashed` value
:param bytes password: Password to verify
:param string hashed: Hashed password. Used to extract hashing
parameters
:returns: boolean whether hashing password with the same parameters
would match hashed value
"""
opts: dict = {}
data: str = hashed
# Strip the ident from the hashed value
if hashed.startswith(Bcrypt_sha256.prefix):
data = hashed[len(Bcrypt_sha256.prefix) :]
# split hashed string to extract parameters
parts: list[str] = data.split("$")
salt: str
digest: str
if len(parts) == 3:
params, salt, digest = parts
else:
raise exception.PasswordValidationError("malformed password hash")
for param in params.split(","):
if param.startswith("r="):
# Extract rounds passlib applied
opts["r"] = int(param[2:])
if param.startswith("t="):
# indent applied during hashing
opts["t"] = param[2:]
# Calculate password hmac digest with salt as key
hmac_digest: bytes = base64.b64encode(
hmac.digest(salt.encode("ascii"), password, "sha256")
)
# Normalize salt to whatever bcrypt expects it to be
new_salt: str = f"${opts['t']}${opts['r']}${salt}"
# verify_digest: str = bcrypt.hashpw(
# hmac_digest.encode("ascii"), new_salt.encode("ascii")
# )[-31:].decode("ascii")
# Invoke bcrypt checkpw with the re-calculated salt
return bcrypt.checkpw(
hmac_digest, f"{new_salt}{digest}".encode("ascii")
)

View File

@ -18,6 +18,7 @@ import itertools
from oslo_log import log from oslo_log import log
import passlib.hash import passlib.hash
from keystone.common.password_hashers import bcrypt
from keystone.common.password_hashers import scrypt from keystone.common.password_hashers import scrypt
import keystone.conf import keystone.conf
from keystone import exception from keystone import exception
@ -28,11 +29,11 @@ LOG = log.getLogger(__name__)
SUPPORTED_HASHERS = frozenset( SUPPORTED_HASHERS = frozenset(
[ [
passlib.hash.bcrypt,
passlib.hash.bcrypt_sha256,
passlib.hash.pbkdf2_sha512, passlib.hash.pbkdf2_sha512,
passlib.hash.sha512_crypt, passlib.hash.sha512_crypt,
scrypt.Scrypt, scrypt.Scrypt,
bcrypt.Bcrypt,
bcrypt.Bcrypt_sha256,
] ]
) )
@ -170,5 +171,9 @@ def hash_password(password: str) -> str:
if CONF.identity.salt_bytesize: if CONF.identity.salt_bytesize:
params["salt_size"] = CONF.identity.salt_bytesize params["salt_size"] = CONF.identity.salt_bytesize
return scrypt.Scrypt.hash(password_utf8, **params) return scrypt.Scrypt.hash(password_utf8, **params)
elif hasher is bcrypt.Bcrypt:
return bcrypt.Bcrypt.hash(password_utf8, **params)
elif hasher is bcrypt.Bcrypt_sha256:
return bcrypt.Bcrypt_sha256.hash(password_utf8, **params)
return hasher.using(**params).hash(password_utf8) return hasher.using(**params).hash(password_utf8)

View File

@ -26,6 +26,7 @@ CONF = keystone.conf.CONF
class TestPasswordHashing(unit.BaseTestCase): class TestPasswordHashing(unit.BaseTestCase):
OPTIONAL = object() OPTIONAL = object()
ITERATIONS: int = 10
def setUp(self): def setUp(self):
super().setUp() super().setUp()
@ -38,10 +39,10 @@ class TestPasswordHashing(unit.BaseTestCase):
) )
self.config_fixture.config(group="identity", max_password_length="96") self.config_fixture.config(group="identity", max_password_length="96")
# Few iterations to test different inputs # Few iterations to test different inputs
for _ in range(10): for _ in range(self.ITERATIONS):
password: str = "".join( # type: ignore password: str = "".join( # type: ignore
secrets.choice(string.printable) secrets.choice(string.printable)
for i in range(random.randint(1, 96)) for i in range(random.randint(1, 72))
) )
hashed = password_hashing.hash_password(password) hashed = password_hashing.hash_password(password)
self.assertTrue(password_hashing.check_password(password, hashed)) self.assertTrue(password_hashing.check_password(password, hashed))
@ -57,7 +58,7 @@ class TestPasswordHashing(unit.BaseTestCase):
) )
self.config_fixture.config(group="identity", max_password_length="96") self.config_fixture.config(group="identity", max_password_length="96")
# Few iterations to test different inputs # Few iterations to test different inputs
for _ in range(10): for _ in range(self.ITERATIONS):
# Would be nice to check all pass lengths from 1 till max, but it # Would be nice to check all pass lengths from 1 till max, but it
# takes too much time, thus using rand to pick up the password # takes too much time, thus using rand to pick up the password
# length # length
@ -69,3 +70,67 @@ class TestPasswordHashing(unit.BaseTestCase):
self.assertTrue( self.assertTrue(
password_hashing.check_password(password, hashed_passlib) password_hashing.check_password(password, hashed_passlib)
) )
def test_bcrypt(self):
self.config_fixture.config(strict_password_check=True)
self.config_fixture.config(
group="identity", password_hash_algorithm="bcrypt"
)
self.config_fixture.config(group="identity", max_password_length="72")
# Few iterations to test different inputs
for _ in range(self.ITERATIONS):
password: str = "".join( # type: ignore
secrets.choice(string.printable)
for i in range(random.randint(1, 72))
)
hashed = password_hashing.hash_password(password)
self.assertTrue(password_hashing.check_password(password, hashed))
def test_bcrypt_passlib_compat(self):
self.config_fixture.config(strict_password_check=True)
self.config_fixture.config(
group="identity", password_hash_algorithm="bcrypt"
)
self.config_fixture.config(group="identity", max_password_length="72")
# Few iterations to test different inputs
for _ in range(self.ITERATIONS):
password: str = "".join( # type: ignore
secrets.choice(string.printable)
for i in range(random.randint(1, 72))
)
hashed_passlib = passlib.hash.bcrypt.hash(password)
self.assertTrue(
password_hashing.check_password(password, hashed_passlib)
)
def test_bcrypt_sha256(self):
self.config_fixture.config(strict_password_check=True)
self.config_fixture.config(
group="identity", password_hash_algorithm="bcrypt_sha256"
)
self.config_fixture.config(group="identity", max_password_length="96")
# Few iterations to test different inputs
for _ in range(self.ITERATIONS):
password: str = "".join( # type: ignore
secrets.choice(string.printable)
for i in range(random.randint(1, 96))
)
hashed = password_hashing.hash_password(password)
self.assertTrue(password_hashing.check_password(password, hashed))
def test_bcrypt_sha256_passlib_compat(self):
self.config_fixture.config(strict_password_check=True)
self.config_fixture.config(
group="identity", password_hash_algorithm="bcrypt_sha256"
)
self.config_fixture.config(group="identity", max_password_length="96")
# Few iterations to test different inputs
for _ in range(self.ITERATIONS):
password: str = "".join( # type: ignore
secrets.choice(string.printable)
for i in range(random.randint(1, 96))
)
hashed_passlib = passlib.hash.bcrypt_sha256.hash(password)
self.assertTrue(
password_hashing.check_password(password, hashed_passlib)
)