Project

General

Profile

Actions

Bug #2278

closed

"Password hashing weakness in DF" (Matthias Schmidt)

Added by robin.carey1 almost 13 years ago. Updated almost 13 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:

Description

Further to the email posted by Matthias Schmidt to DragonFly users list
(17/01/2012):

I had a look at (GitWeb) the source code:

lib/libcrypt/crypt-sha256.c

and

lib/libcrypt/crypt-sha512.c

Both of those C files have bugs in them: "crypt-sha256.c:":

....
/* Then the magic string */
SHA256_Update(&ctx, magic, sizeof(magic));
....

Should be strlen(magic) instead of sizeof(magic).
-----

And practically the same bug in: "crypt-sha512.c":

....
/* Then the magic string */
SHA512_Update(&ctx, magic, sizeof(magic));
.....

Should be strlen(magic) instead of sizeof(magic).
------

There might be other bugs - I didn't really check for any .....

--
Sincerely,

Robin Carey BSc

Actions #1

Updated by sjg almost 13 years ago

  • Status changed from New to Closed

I have deprecated that code, but the bugs will have to stick around until we tear it out to ensure peoples passwords keep working.

Actions #2

Updated by dillon almost 13 years ago

:Issue #2278 has been reported by Robin Carey.
:
:----------------------------------------
:Bug #2278: "Password hashing weakness in DF" (Matthias Schmidt)
:http://bugs.dragonflybsd.org/issues/2278

After some coordination on IRC, Sam committed the linux sha256 and
sha512 code ($5$ and $6$) and set the default to the new sha512
code. The broken sha256/512 code ($3$ and $4$) is still present
in order to properly decrypt any passwords using the broken hash,
but can no longer be used to encrypt new passwords.
-Matt
Actions

Also available in: Atom PDF