-
Notifications
You must be signed in to change notification settings - Fork 343
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(general): User profile hashing version to algorithm translation #3816
feat(general): User profile hashing version to algorithm translation #3816
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The high level comment is that the password hashing versions, and thus the corresponding mapping to their string equivalents, are part of the user profile management, and belong in the internal/user
package.
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## master #3816 +/- ##
==========================================
+ Coverage 75.86% 77.06% +1.20%
==========================================
Files 470 473 +3
Lines 37301 28680 -8621
==========================================
- Hits 28299 22103 -6196
+ Misses 7071 4686 -2385
+ Partials 1931 1891 -40 ☔ View full report in Codecov by Sentry. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🥇Thanks @bathina2 for doing this.
LG. Couple of minor nits. Those can be addressed separately after merging.
Thanks again.
Pbkdf2Algorithm = "pbkdf2-sha256-600000" | ||
|
||
// DefaultKeyDerivationAlgorithm is the key derivation algorithm for new configurations. | ||
DefaultKeyDerivationAlgorithm = ScryptAlgorithm |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: it seems that the default should be "testing-only-insecure"
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This breaks tests, since we have separated the hash versions from the key derivation algorithms.
I would have to handle testing-only-insecure
in the internal/user
package but that would mean introducing testing code in production
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
OK
// Different key derivation algorithm besides the original should fail | ||
p.KeyDerivationAlgorithm = crypto.Pbkdf2Algorithm | ||
// Assume the key derivation algorithm is bad. This will cause | ||
// a panic when validating |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: Is the comment accurate? does it panic?
algorithms := crypto.AllowedKeyDerivationAlgorithms() | ||
// if the user is invalid, return false but use the same amount of time as when we | ||
// if the Username is invalid, return false but use the same amount of time as when we |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit:
// if the Username is invalid, return false but use the same amount of time as when we | |
// if the user profile is invalid (either invalid user name or password hash version, return false but use the same amount of time as when we |
…3821) Code movement and simplification, no functional changes. Objectives: - Allow callers specifying the needed key (or hash) size, instead of hard-coding it in the registered PBK derivers. Conceptually, the caller needs to specify the key size, since that is a requirement of the (encryption) algorithm being used in the caller. Now, the code changes here do not result in any functional changes since the key size is always 32 bytes. - Remove a global definition for the default PB key deriver to use. Instead, each of the 3 use case sets the default value. Changes: - `crypto.DeriveKeyFromPassword` now takes a key size. - Adds new constants for the key sizes at the callers. - Removes the global `crypto.MasterKeySize` const. - Removes the global `crypto.DefaultKeyDerivationAlgorithm` const. - Adds const for the default derivation algorithms for each use case. - Adds a const for the salt length in the `internal/user` package, to ensure the same salt length is used in both hash versions. - Unexports various functions, variables and constants in the `internal/crypto` & `internal/user` packages. - Renames various constants for consistency. - Removes unused functions and symbols. - Renames files to be consistent and better reflect the structure of the code. - Adds a couple of tests to ensure the const values are in sync and supported. - Fixes a couple of typos Followups to: - #3725 - #3770 - #3779 - #3799 - #3816 The individual commits show the code transformations to simplify the review of the changes.
This PR reverts the behavior of storing the key derivation algorithm in the profile.
We will continue to use the
PasswordHashVersion
and have internal tooling to translate to the key derivation algorithm (password hashing algorithm).