diff --git a/keystone/common/password_hashers/bcrypt.py b/keystone/common/password_hashers/bcrypt.py new file mode 100644 index 0000000000..f7c8709e60 --- /dev/null +++ b/keystone/common/password_hashers/bcrypt.py @@ -0,0 +1,156 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +import base64 +import hmac + +import bcrypt + +from keystone import exception + + +class Bcrypt: + """passlib transition class for implementing bcrypt password hashing""" + + name: str = "bcrypt" + ident_values: set[str] = {"$2$", "$2a$", "$2b$", "$2x$", "$2y$"} + + @staticmethod + def hash( + password: bytes, + rounds: int = 12, + **kwargs, + ) -> str: + """Generate password hash string with ident and params + + https://pypi.org/project/bcrypt/ + + :param bytes password: Password to be hashed. + :param int round: Count of rounds. + + :returns: String in format `$2b${rounds}${salt}{digest}` + """ + salt: bytes = bcrypt.gensalt(rounds) + digest: bytes = bcrypt.hashpw(password, salt) + return digest.decode("ascii") + + @staticmethod + def verify(password: bytes, hashed: str) -> bool: + """Verify hashing password would be equal to the `hashed` value + + :param bytes password: Password to verify + :param string hashed: Hashed password. Used to extract hashing + parameters + + :returns: boolean whether hashing password with the same parameters + would match hashed value + """ + return bcrypt.checkpw(password, hashed.encode("ascii")) + + +class Bcrypt_sha256: + """passlib transition class for bcrypt_sha256 password hashing""" + + name: str = "bcrypt_sha256" + ident_values: set[str] = {"$2a$", "$2b$"} + prefix: str = "$bcrypt-sha256$" + + @staticmethod + def hash( + password: bytes, + rounds: int = 12, + **kwargs, + ) -> str: + """Generate password hash string with ident and params + + https://pypi.org/project/bcrypt/ + + :param bytes password: Password to be hashed. + :param int round: Count of rounds. + + :returns: String in format + `$bcrypt-sha256$r={rounds},t={ident},v={version}${salt}${digest}` + """ + # generate salt with ident and options + salt_with_opts: bytes = bcrypt.gensalt(rounds) + # get the pure salt + salt: bytes = salt_with_opts[-22:] + # make a `str` salt + salt_str: str = salt.decode("ascii") + + # NOTE(gtema): passlib calculates sha256 hmac digest of the password + # with the key set to salt + # Calculate password hmac digest with salt as key + hmac_digest: bytes = base64.b64encode( + hmac.digest(salt, password, "sha256") + ) + + # calculate bcrypt hash + hashed: str = bcrypt.hashpw(hmac_digest, salt_with_opts).decode( + "ascii" + ) + # get the digest part of the hash + digest: str = hashed[-31:] + + # Construct `passlib` compatible format of the bcrypt-sha256 hash + return f"{Bcrypt_sha256.prefix}v=2,t=2b,r={rounds}${salt_str}${digest}" + + @staticmethod + def verify(password: bytes, hashed: str) -> bool: + """Verify hashing password would be equal to the `hashed` value + + :param bytes password: Password to verify + :param string hashed: Hashed password. Used to extract hashing + parameters + + :returns: boolean whether hashing password with the same parameters + would match hashed value + """ + opts: dict = {} + data: str = hashed + # Strip the ident from the hashed value + if hashed.startswith(Bcrypt_sha256.prefix): + data = hashed[len(Bcrypt_sha256.prefix) :] + # split hashed string to extract parameters + parts: list[str] = data.split("$") + salt: str + digest: str + + if len(parts) == 3: + params, salt, digest = parts + else: + raise exception.PasswordValidationError("malformed password hash") + + for param in params.split(","): + if param.startswith("r="): + # Extract rounds passlib applied + opts["r"] = int(param[2:]) + if param.startswith("t="): + # indent applied during hashing + opts["t"] = param[2:] + + # Calculate password hmac digest with salt as key + hmac_digest: bytes = base64.b64encode( + hmac.digest(salt.encode("ascii"), password, "sha256") + ) + + # Normalize salt to whatever bcrypt expects it to be + new_salt: str = f"${opts['t']}${opts['r']}${salt}" + + # verify_digest: str = bcrypt.hashpw( + # hmac_digest.encode("ascii"), new_salt.encode("ascii") + # )[-31:].decode("ascii") + + # Invoke bcrypt checkpw with the re-calculated salt + return bcrypt.checkpw( + hmac_digest, f"{new_salt}{digest}".encode("ascii") + ) diff --git a/keystone/common/password_hashing.py b/keystone/common/password_hashing.py index 40d45e1d88..0531f83259 100644 --- a/keystone/common/password_hashing.py +++ b/keystone/common/password_hashing.py @@ -18,6 +18,7 @@ import itertools from oslo_log import log import passlib.hash +from keystone.common.password_hashers import bcrypt from keystone.common.password_hashers import scrypt import keystone.conf from keystone import exception @@ -28,11 +29,11 @@ LOG = log.getLogger(__name__) SUPPORTED_HASHERS = frozenset( [ - passlib.hash.bcrypt, - passlib.hash.bcrypt_sha256, passlib.hash.pbkdf2_sha512, passlib.hash.sha512_crypt, scrypt.Scrypt, + bcrypt.Bcrypt, + bcrypt.Bcrypt_sha256, ] ) @@ -170,5 +171,9 @@ def hash_password(password: str) -> str: if CONF.identity.salt_bytesize: params["salt_size"] = CONF.identity.salt_bytesize return scrypt.Scrypt.hash(password_utf8, **params) + elif hasher is bcrypt.Bcrypt: + return bcrypt.Bcrypt.hash(password_utf8, **params) + elif hasher is bcrypt.Bcrypt_sha256: + return bcrypt.Bcrypt_sha256.hash(password_utf8, **params) return hasher.using(**params).hash(password_utf8) diff --git a/keystone/tests/unit/common/test_password_hashing.py b/keystone/tests/unit/common/test_password_hashing.py index e2dc38527a..137162ae60 100644 --- a/keystone/tests/unit/common/test_password_hashing.py +++ b/keystone/tests/unit/common/test_password_hashing.py @@ -26,6 +26,7 @@ CONF = keystone.conf.CONF class TestPasswordHashing(unit.BaseTestCase): OPTIONAL = object() + ITERATIONS: int = 10 def setUp(self): super().setUp() @@ -38,10 +39,10 @@ class TestPasswordHashing(unit.BaseTestCase): ) self.config_fixture.config(group="identity", max_password_length="96") # Few iterations to test different inputs - for _ in range(10): + for _ in range(self.ITERATIONS): password: str = "".join( # type: ignore secrets.choice(string.printable) - for i in range(random.randint(1, 96)) + for i in range(random.randint(1, 72)) ) hashed = password_hashing.hash_password(password) self.assertTrue(password_hashing.check_password(password, hashed)) @@ -57,7 +58,7 @@ class TestPasswordHashing(unit.BaseTestCase): ) self.config_fixture.config(group="identity", max_password_length="96") # Few iterations to test different inputs - for _ in range(10): + for _ in range(self.ITERATIONS): # Would be nice to check all pass lengths from 1 till max, but it # takes too much time, thus using rand to pick up the password # length @@ -69,3 +70,67 @@ class TestPasswordHashing(unit.BaseTestCase): self.assertTrue( password_hashing.check_password(password, hashed_passlib) ) + + def test_bcrypt(self): + self.config_fixture.config(strict_password_check=True) + self.config_fixture.config( + group="identity", password_hash_algorithm="bcrypt" + ) + self.config_fixture.config(group="identity", max_password_length="72") + # Few iterations to test different inputs + for _ in range(self.ITERATIONS): + password: str = "".join( # type: ignore + secrets.choice(string.printable) + for i in range(random.randint(1, 72)) + ) + hashed = password_hashing.hash_password(password) + self.assertTrue(password_hashing.check_password(password, hashed)) + + def test_bcrypt_passlib_compat(self): + self.config_fixture.config(strict_password_check=True) + self.config_fixture.config( + group="identity", password_hash_algorithm="bcrypt" + ) + self.config_fixture.config(group="identity", max_password_length="72") + # Few iterations to test different inputs + for _ in range(self.ITERATIONS): + password: str = "".join( # type: ignore + secrets.choice(string.printable) + for i in range(random.randint(1, 72)) + ) + hashed_passlib = passlib.hash.bcrypt.hash(password) + self.assertTrue( + password_hashing.check_password(password, hashed_passlib) + ) + + def test_bcrypt_sha256(self): + self.config_fixture.config(strict_password_check=True) + self.config_fixture.config( + group="identity", password_hash_algorithm="bcrypt_sha256" + ) + self.config_fixture.config(group="identity", max_password_length="96") + # Few iterations to test different inputs + for _ in range(self.ITERATIONS): + password: str = "".join( # type: ignore + secrets.choice(string.printable) + for i in range(random.randint(1, 96)) + ) + hashed = password_hashing.hash_password(password) + self.assertTrue(password_hashing.check_password(password, hashed)) + + def test_bcrypt_sha256_passlib_compat(self): + self.config_fixture.config(strict_password_check=True) + self.config_fixture.config( + group="identity", password_hash_algorithm="bcrypt_sha256" + ) + self.config_fixture.config(group="identity", max_password_length="96") + # Few iterations to test different inputs + for _ in range(self.ITERATIONS): + password: str = "".join( # type: ignore + secrets.choice(string.printable) + for i in range(random.randint(1, 96)) + ) + hashed_passlib = passlib.hash.bcrypt_sha256.hash(password) + self.assertTrue( + password_hashing.check_password(password, hashed_passlib) + )