SEC-2128: BCrypt.checkpw gives false positive when long pw with same prefix.

[spring-projects-issues]

Jem Mawson (Migrated from SEC-2128) said:

BCrypt.checkpw seems to ignore differences in the password after a certain number of characters. If the first 70 or 80 characters of the password being checked is the same as the password that generated the hash then the check will succeed.

See referenced commit for a failing testcase.

[spring-projects-issues]

Rob Winch said:

This does not seem to be an issue with the implementation, but the choice of using BCrypt. BCrypt only uses the first 72 bytes of a password. This occurs because the length of the subkeys is 72 bytes. You can find many other references on the web that refer to this limitation.

In other words, without more information I do not consider this a bug. Can you please provide clarification if there is something I am missing?

[spring-projects-issues]

Jem Mawson said:

Thanks for the links Rob. I agree, this is not a bug.

[spring-projects-issues]

Rob Winch said:

Resolving as invalid per feedback