Bug 509030 - salted password encoding writes garbage to salt part
salted password encoding writes garbage to salt part
Status: CLOSED NOTABUG
Product: 389
Classification: Community
Component: Security - Password Policy (Show other bugs)
1.2.1
All Linux
high Severity high
: ---
: ---
Assigned To: Rich Megginson
Chandrasekar Kannan
:
Depends On:
Blocks: 434915 389_1.3.0
  Show dependency treegraph
 
Reported: 2009-06-30 18:34 EDT by Rich Megginson
Modified: 2015-01-04 18:39 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-06-30 19:29:48 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Rich Megginson 2009-06-30 18:34:42 EDT
salted_sha_pw_enc() provides this much space for the hash value:
    char hash[ MAX_SHA_HASH_SIZE + SHA_SALT_LENGTH ];
that is, it wants hash to contain the hashed value + the salt.  But when it actually generates the hash
    /* hash the user's key */
    if ( sha_salted_hash( hash, pwd, &saltval, secOID ) != SECSuccess ) {
        return( NULL );
    }
the length of hash is always the length the hash algorithm produces - SHA1_LENGTH, SHA256_LENGTH, etc. - even though salt is passed in, and added to the hash value, it is not appended to the hash.  salted_sha_pw_enc() allocates space for the password hash plus the salt
    if (( enc = slapi_ch_malloc( 3 + schemeNameLen +
        LDIF_BASE64_LEN(shaLen + SHA_SALT_LENGTH))) == NULL ) {
        return( NULL );
    }
however, it never actually writes the salt value into enc - it only writes the first shaLen bytes from hash, plus SHA_SALT_LENGTH bytes of garbage.  I think the assumption was that calling sha_salted_hash() would append the salt value to the end of hash, but this is not done.  I think the fix is to have sha_salted_hash() do something like this, after generating the hash:
    memcpy(hash_out + outLen, salt.bv_val, salt.bv_len);
Comment 1 Rich Megginson 2009-06-30 19:29:48 EDT
never mind

Note You need to log in before you can comment on or make changes to this bug.