GitHub
/
ergo
mirror of https://github.com/ergochat/ergo.git
3
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #284 from slingamn/passhashing.1 

new password hashing technique
This commit is contained in:
Shivaram Lingamneni 2018-08-27 23:55:54 -04:00 committed by GitHub
parent 1fd63672f3 7ebd35f5a0
commit c72a84e49f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
19 changed files with 287 additions and 347 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Gopkg.lock generated
View File

@ -134,6 +134,7 @@
packages = [
"bcrypt",
"blowfish",
"sha3",
"ssh/terminal",
]
pruneopts = ""
@ -200,6 +201,7 @@
"github.com/oragono/go-ident",
"github.com/tidwall/buntdb",
"golang.org/x/crypto/bcrypt",
"golang.org/x/crypto/sha3",
"golang.org/x/crypto/ssh/terminal",
"golang.org/x/text/secure/precis",
"gopkg.in/yaml.v2",

1
Makefile
View File

@ -22,5 +22,6 @@ test:
cd irc/caps && go test . && go vet .
cd irc/isupport && go test . && go vet .
cd irc/modes && go test . && go vet .
cd irc/passwd && go test . && go vet .
cd irc/utils && go test . && go vet .
./.check-gofmt.sh

111
irc/accounts.go
View File

@ -16,6 +16,7 @@ import (
"sync"
"sync/atomic"
"time"
"unicode"
"github.com/oragono/oragono/irc/caps"
"github.com/oragono/oragono/irc/passwd"
@ -175,7 +176,8 @@ func (am *AccountManager) Register(client *Client, account string, callbackNames
}
// can't register a guest nickname
renamePrefix := strings.ToLower(am.server.AccountConfig().NickReservation.RenamePrefix)
config := am.server.AccountConfig()
renamePrefix := strings.ToLower(config.NickReservation.RenamePrefix)
if renamePrefix != "" && strings.HasPrefix(casefoldedAccount, renamePrefix) {
return errAccountAlreadyRegistered
}
@ -188,34 +190,16 @@ func (am *AccountManager) Register(client *Client, account string, callbackNames
verificationCodeKey := fmt.Sprintf(keyAccountVerificationCode, casefoldedAccount)
certFPKey := fmt.Sprintf(keyCertToAccount, certfp)
var creds AccountCredentials
// always set passphrase salt
creds.PassphraseSalt, err = passwd.NewSalt()
credStr, err := am.serializeCredentials(passphrase, certfp)
if err != nil {
return errAccountCreation
return err
}
// it's fine if this is empty, that just means no certificate is authorized
creds.Certificate = certfp
if passphrase != "" {
creds.PassphraseHash, err = am.server.passwords.GenerateFromPassword(creds.PassphraseSalt, passphrase)
if err != nil {
am.server.logger.Error("internal", fmt.Sprintf("could not hash password: %v", err))
return errAccountCreation
}
}
credText, err := json.Marshal(creds)
if err != nil {
am.server.logger.Error("internal", fmt.Sprintf("could not marshal credentials: %v", err))
return errAccountCreation
}
credStr := string(credText)
registeredTimeStr := strconv.FormatInt(time.Now().Unix(), 10)
callbackSpec := fmt.Sprintf("%s:%s", callbackNamespace, callbackValue)
var setOptions *buntdb.SetOptions
ttl := am.server.AccountConfig().Registration.VerifyTimeout
ttl := config.Registration.VerifyTimeout
if ttl != 0 {
setOptions = &buntdb.SetOptions{Expires: true, TTL: ttl}
}
@ -271,6 +255,75 @@ func (am *AccountManager) Register(client *Client, account string, callbackNames
}
}
// validatePassphrase checks whether a passphrase is allowed by our rules
func validatePassphrase(passphrase string) error {
// sanity check the length
if len(passphrase) == 0 || len(passphrase) > 600 {
return errAccountBadPassphrase
}
// for now, just enforce that spaces are not allowed
for _, r := range passphrase {
if unicode.IsSpace(r) {
return errAccountBadPassphrase
}
}
return nil
}
// helper to assemble the serialized JSON for an account's credentials
func (am *AccountManager) serializeCredentials(passphrase string, certfp string) (result string, err error) {
var creds AccountCredentials
creds.Version = 1
// we need at least one of passphrase and certfp:
if passphrase == "" && certfp == "" {
return "", errAccountBadPassphrase
}
// but if we have one, it's fine if the other is missing, it just means no
// credential of that type will be accepted.
creds.Certificate = certfp
if passphrase != "" {
if validatePassphrase(passphrase) != nil {
return "", errAccountBadPassphrase
}
bcryptCost := int(am.server.Config().Accounts.Registration.BcryptCost)
creds.PassphraseHash, err = passwd.GenerateFromPassword([]byte(passphrase), bcryptCost)
if err != nil {
am.server.logger.Error("internal", fmt.Sprintf("could not hash password: %v", err))
return "", errAccountCreation
}
}
credText, err := json.Marshal(creds)
if err != nil {
am.server.logger.Error("internal", fmt.Sprintf("could not marshal credentials: %v", err))
return "", errAccountCreation
}
return string(credText), nil
}
// changes the password for an account
func (am *AccountManager) setPassword(account string, password string) (err error) {
casefoldedAccount, err := CasefoldName(account)
if err != nil {
return err
}
act, err := am.LoadAccount(casefoldedAccount)
if err != nil {
return err
}
credStr, err := am.serializeCredentials(password, act.Credentials.Certificate)
if err != nil {
return err
}
credentialsKey := fmt.Sprintf(keyAccountCredentials, casefoldedAccount)
return am.server.store.Update(func(tx *buntdb.Tx) error {
_, _, err := tx.Set(credentialsKey, credStr, nil)
return err
})
}
func (am *AccountManager) dispatchCallback(client *Client, casefoldedAccount string, callbackNamespace string, callbackValue string) (string, error) {
if callbackNamespace == "*" || callbackNamespace == "none" {
return "", nil
@ -522,8 +575,15 @@ func (am *AccountManager) AuthenticateByPassphrase(client *Client, accountName s
return errAccountUnverified
}
err = am.server.passwords.CompareHashAndPassword(
account.Credentials.PassphraseHash, account.Credentials.PassphraseSalt, passphrase)
switch account.Credentials.Version {
case 0:
err = handleLegacyPasswordV0(am.server, accountName, account.Credentials, passphrase)
case 1:
err = passwd.CompareHashAndPassword(account.Credentials.PassphraseHash, []byte(passphrase))
default:
err = errAccountInvalidCredentials
}
if err != nil {
return errAccountInvalidCredentials
}
@ -982,7 +1042,8 @@ var (
// AccountCredentials stores the various methods for verifying accounts.
type AccountCredentials struct {
PassphraseSalt []byte
Version uint
PassphraseSalt []byte // legacy field, not used by v1 and later
PassphraseHash []byte
Certificate string // fingerprint
}

23
irc/config.go
View File

@ -81,6 +81,7 @@ type AccountRegistrationConfig struct {
VerifyMessage string `yaml:"verify-message"`
}
}
BcryptCost uint `yaml:"bcrypt-cost"`
}
type VHostConfig struct {
@ -151,15 +152,6 @@ type OperConfig struct {
Modes string
}
// PasswordBytes returns the bytes represented by the password hash.
func (conf *OperConfig) PasswordBytes() []byte {
bytes, err := passwd.DecodePasswordHash(conf.Password)
if err != nil {
log.Fatal("decode password error: ", err)
}
return bytes
}
// LineLenConfig controls line lengths.
type LineLenLimits struct {
Tags int
@ -375,7 +367,11 @@ func (conf *Config) Operators(oc map[string]*OperClass) (map[string]*Oper, error
}
oper.Name = name
oper.Pass = opConf.PasswordBytes()
oper.Pass, err = decodeLegacyPasswordHash(opConf.Password)
if err != nil {
return nil, err
}
oper.Vhost = opConf.Vhost
class, exists := oc[opConf.Class]
if !exists {
@ -704,11 +700,14 @@ func LoadConfig(filename string) (config *Config, err error) {
config.Channels.defaultModes = ParseDefaultChannelModes(config.Channels.RawDefaultModes)
if config.Server.Password != "" {
bytes, err := passwd.DecodePasswordHash(config.Server.Password)
config.Server.passwordBytes, err = decodeLegacyPasswordHash(config.Server.Password)
if err != nil {
return nil, err
}
config.Server.passwordBytes = bytes
}
if config.Accounts.Registration.BcryptCost == 0 {
config.Accounts.Registration.BcryptCost = passwd.DefaultCost
}
return config, nil

12
irc/database.go
View File

@ -5,7 +5,6 @@
package irc
import (
"encoding/base64"
"encoding/json"
"fmt"
"log"
@ -14,7 +13,6 @@ import (
"time"
"github.com/oragono/oragono/irc/modes"
"github.com/oragono/oragono/irc/passwd"
"github.com/oragono/oragono/irc/utils"
"github.com/tidwall/buntdb"
@ -25,8 +23,6 @@ const (
keySchemaVersion = "db.version"
// latest schema of the db
latestDbSchema = "3"
// key for the primary salt used by the ircd
keySalt = "crypto.salt"
)
type SchemaChanger func(*Config, *buntdb.Tx) error
@ -68,14 +64,6 @@ func InitDB(path string) {
defer store.Close()
err = store.Update(func(tx *buntdb.Tx) error {
// set base db salt
salt, err := passwd.NewSalt()
encodedSalt := base64.StdEncoding.EncodeToString(salt)
if err != nil {
log.Fatal("Could not generate cryptographically-secure salt for the user:", err.Error())
}
tx.Set(keySalt, encodedSalt, nil)
// set schema version
tx.Set(keySchemaVersion, latestDbSchema, nil)
return nil

14
irc/errors.go
View File

@ -10,17 +10,19 @@ import "errors"
// Runtime Errors
var (
errAccountAlreadyRegistered = errors.New("Account already exists")
errAccountAlreadyVerified = errors.New("Account is already verified")
errAccountCantDropPrimaryNick = errors.New("Can't unreserve primary nickname")
errAccountCreation = errors.New("Account could not be created")
errAccountCredUpdate = errors.New("Could not update password hash to new method")
errAccountDoesNotExist = errors.New("Account does not exist")
errAccountInvalidCredentials = errors.New("Invalid account credentials")
errAccountBadPassphrase = errors.New("Passphrase contains forbidden characters or is otherwise invalid")
errAccountNickReservationFailed = errors.New("Could not (un)reserve nick")
errAccountNotLoggedIn = errors.New("You're not logged into an account")
errAccountTooManyNicks = errors.New("Account has too many reserved nicks")
errAccountUnverified = errors.New("Account is not yet verified")
errAccountVerificationFailed = errors.New("Account verification failed")
errAccountVerificationInvalidCode = errors.New("Invalid account verification code")
errAccountUnverified = errors.New("Account is not yet verified")
errAccountAlreadyVerified = errors.New("Account is already verified")
errAccountInvalidCredentials = errors.New("Invalid account credentials")
errAccountTooManyNicks = errors.New("Account has too many reserved nicks")
errAccountNickReservationFailed = errors.New("Could not (un)reserve nick")
errAccountCantDropPrimaryNick = errors.New("Can't unreserve primary nickname")
errAccountUpdateFailed = errors.New("Error while updating your account information")
errCallbackFailed = errors.New("Account verification could not be sent")
errCertfpAlreadyExists = errors.New("An account already exists with your certificate")

5
irc/gateways.go
View File

@ -10,7 +10,6 @@ import (
"net"
"github.com/oragono/oragono/irc/modes"
"github.com/oragono/oragono/irc/passwd"
"github.com/oragono/oragono/irc/utils"
)
@ -28,9 +27,7 @@ func (wc *webircConfig) Populate() (err error) {
}
if wc.PasswordString != "" {
var password []byte
password, err = passwd.DecodePasswordHash(wc.PasswordString)
wc.Password = password
wc.Password, err = decodeLegacyPasswordHash(wc.PasswordString)
}
return err
}

7
irc/handlers.go
View File

@ -27,7 +27,6 @@ import (
"github.com/oragono/oragono/irc/caps"
"github.com/oragono/oragono/irc/custime"
"github.com/oragono/oragono/irc/modes"
"github.com/oragono/oragono/irc/passwd"
"github.com/oragono/oragono/irc/sno"
"github.com/oragono/oragono/irc/utils"
"github.com/tidwall/buntdb"
@ -155,6 +154,8 @@ func accRegisterHandler(server *Server, client *Client, msg ircmsg.IrcMessage, r
} else if err == errAccountAlreadyRegistered {
msg = "Account already exists"
code = ERR_ACCOUNT_ALREADY_EXISTS
} else if err == errAccountBadPassphrase {
msg = "Passphrase contains forbidden characters or is otherwise invalid"
}
if err == errAccountAlreadyRegistered || err == errAccountCreation || err == errCertfpAlreadyExists {
msg = err.Error()
@ -1818,7 +1819,7 @@ func passHandler(server *Server, client *Client, msg ircmsg.IrcMessage, rb *Resp
// check the provided password
password := []byte(msg.Params[0])
if passwd.ComparePassword(serverPassword, password) != nil {
if bcrypt.CompareHashAndPassword(serverPassword, password) != nil {
rb.Add(nil, server.name, ERR_PASSWDMISMATCH, client.nick, client.t("Password incorrect"))
rb.Add(nil, server.name, "ERROR", client.t("Password incorrect"))
return true
@ -2402,7 +2403,7 @@ func webircHandler(server *Server, client *Client, msg ircmsg.IrcMessage, rb *Re
if isGatewayAllowed(client.socket.conn.RemoteAddr(), gateway) {
// confirm password and/or fingerprint
givenPassword := msg.Params[0]
if 0 < len(info.Password) && passwd.ComparePasswordString(info.Password, givenPassword) != nil {
if 0 < len(info.Password) && bcrypt.CompareHashAndPassword(info.Password, []byte(givenPassword)) != nil {
continue
}
if 0 < len(info.Fingerprint) && client.certfp != info.Fingerprint {

72
irc/legacy.go Normal file
View File

@ -0,0 +1,72 @@
// Copyright (c) 2018 Shivaram Lingamneni
package irc
import (
"encoding/base64"
"errors"
"fmt"
"github.com/tidwall/buntdb"
"golang.org/x/crypto/bcrypt"
)
var (
errInvalidPasswordHash = errors.New("invalid password hash")
)
// Decode a hashed passphrase as it would appear in a config file,
// retaining compatibility with old versions of `oragono genpasswd`
// that used to apply a redundant layer of base64
func decodeLegacyPasswordHash(hash string) ([]byte, error) {
// a correctly formatted bcrypt hash is 60 bytes of printable ASCII
if len(hash) == 80 {
// double-base64, remove the outer layer:
return base64.StdEncoding.DecodeString(hash)
} else if len(hash) == 60 {
return []byte(hash), nil
} else {
return nil, errInvalidPasswordHash
}
}
// helper to check a version 0 password hash, with global and per-passphrase salts
func checkLegacyPasswordV0(hashedPassword, globalSalt, passphraseSalt []byte, passphrase string) error {
var assembledPasswordBytes []byte
assembledPasswordBytes = append(assembledPasswordBytes, globalSalt...)
assembledPasswordBytes = append(assembledPasswordBytes, '-')
assembledPasswordBytes = append(assembledPasswordBytes, passphraseSalt...)
assembledPasswordBytes = append(assembledPasswordBytes, '-')
assembledPasswordBytes = append(assembledPasswordBytes, []byte(passphrase)...)
return bcrypt.CompareHashAndPassword(hashedPassword, assembledPasswordBytes)
}
// checks a version 0 password hash; if successful, upgrades the database entry to version 1
func handleLegacyPasswordV0(server *Server, account string, credentials AccountCredentials, passphrase string) (err error) {
var globalSaltString string
err = server.store.View(func(tx *buntdb.Tx) (err error) {
globalSaltString, err = tx.Get("crypto.salt")
return err
})
if err != nil {
return err
}
globalSalt, err := base64.StdEncoding.DecodeString(globalSaltString)
if err != nil {
return err
}
err = checkLegacyPasswordV0(credentials.PassphraseHash, globalSalt, credentials.PassphraseSalt, passphrase)
if err != nil {
// invalid password
return err
}
// upgrade credentials
err = server.accounts.setPassword(account, passphrase)
if err != nil {
server.logger.Error("internal", fmt.Sprintf("could not upgrade user password: %v", err))
}
return nil
}

2
irc/nickserv.go
View File

@ -313,6 +313,8 @@ func nsRegisterHandler(server *Server, client *Client, command, params string, r
errMsg = client.t("An account already exists for your certificate fingerprint")
} else if err == errAccountAlreadyRegistered {
errMsg = client.t("Account already exists")
} else if err == errAccountBadPassphrase {
errMsg = client.t("Passphrase contains forbidden characters or is otherwise invalid")
}
nsNotice(rb, errMsg)
return

34
irc/passwd/bcrypt.go Normal file
View File

@ -0,0 +1,34 @@
// Copyright (c) 2018 Shivaram Lingamneni
// released under the MIT license
package passwd
import "golang.org/x/crypto/bcrypt"
import "golang.org/x/crypto/sha3"
const (
MinCost = bcrypt.MinCost
DefaultCost = 12 // ballpark: 250 msec on a modern Intel CPU
)
// implements Dropbox's strategy of applying an initial pass of a "normal"
// (i.e., fast) cryptographically secure hash with 512 bits of output before
// applying bcrypt. This allows the use of, e.g., Diceware/XKCD-style passphrases
// that may be longer than the 80-character bcrypt limit.
// https://blogs.dropbox.com/tech/2016/09/how-dropbox-securely-stores-your-passwords/
// we are only using this for user-generated passwords, as opposed to the server
// and operator passwords that are hashed by `oragono genpasswd` and then
// hard-coded by the server admins into the config file, to avoid breaking
// backwards compatibility (since we can't upgrade the config file on the fly
// the way we can with the database).
func GenerateFromPassword(password []byte, cost int) (result []byte, err error) {
sum := sha3.Sum512(password)
return bcrypt.GenerateFromPassword(sum[:], cost)
}
func CompareHashAndPassword(hashedPassword, password []byte) error {
sum := sha3.Sum512(password)
return bcrypt.CompareHashAndPassword(hashedPassword, sum[:])
}

58
irc/passwd/bcrypt_test.go Normal file
View File

@ -0,0 +1,58 @@
// Copyright (c) 2018 Shivaram Lingamneni
// released under the MIT license
package passwd
import (
"testing"
)
func TestBasic(t *testing.T) {
hash, err := GenerateFromPassword([]byte("this is my passphrase"), DefaultCost)
if err != nil || len(hash) != 60 {
t.Errorf("bad password hash output: error %s, output %s, len %d", err, hash, len(hash))
}
if CompareHashAndPassword(hash, []byte("this is my passphrase")) != nil {
t.Errorf("hash comparison failed unexpectedly")
}
if CompareHashAndPassword(hash, []byte("this is not my passphrase")) == nil {
t.Errorf("hash comparison succeeded unexpectedly")
}
}
func TestLongPassphrases(t *testing.T) {
longPassphrase := make([]byte, 168)
for i := range longPassphrase {
longPassphrase[i] = 'a'
}
hash, err := GenerateFromPassword(longPassphrase, DefaultCost)
if err != nil {
t.Errorf("bad password hash output: error %s", err)
}
if CompareHashAndPassword(hash, longPassphrase) != nil {
t.Errorf("hash comparison failed unexpectedly")
}
// change a byte of the passphrase beyond the normal 80-character
// bcrypt truncation boundary:
longPassphrase[150] = 'b'
if CompareHashAndPassword(hash, longPassphrase) == nil {
t.Errorf("hash comparison succeeded unexpectedly")
}
}
// this could be useful for tuning the cost parameter on specific hardware
func BenchmarkComparisons(b *testing.B) {
pass := []byte("passphrase for benchmarking")
hash, err := GenerateFromPassword(pass, DefaultCost)
if err != nil {
b.Errorf("bad output")
}
b.ResetTimer()
for i := 0; i < b.N; i++ {
CompareHashAndPassword(hash, pass)
}
}

66
irc/passwd/salted.go
View File

@ -1,66 +0,0 @@
// Copyright (c) 2016 Daniel Oaks <daniel@danieloaks.net>
// released under the MIT license
package passwd
import (
"crypto/rand"
"golang.org/x/crypto/bcrypt"
)
const (
// newSaltLen is how many bytes long newly-generated salts are.
newSaltLen = 30
// defaultPasswordCost is the bcrypt cost we use for passwords.
defaultPasswordCost = 14
)
// NewSalt returns a salt for crypto uses.
func NewSalt() ([]byte, error) {
salt := make([]byte, newSaltLen)
_, err := rand.Read(salt)
if err != nil {
var emptySalt []byte
return emptySalt, err
}
return salt, nil
}
// SaltedManager supports the hashing and comparing of passwords with the given salt.
type SaltedManager struct {
salt []byte
}
// NewSaltedManager returns a new SaltedManager with the given salt.
func NewSaltedManager(salt []byte) SaltedManager {
return SaltedManager{
salt: salt,
}
}
// assemblePassword returns an assembled slice of bytes for the given password details.
func (sm *SaltedManager) assemblePassword(specialSalt []byte, password string) []byte {
var assembledPasswordBytes []byte
assembledPasswordBytes = append(assembledPasswordBytes, sm.salt...)
assembledPasswordBytes = append(assembledPasswordBytes, '-')
assembledPasswordBytes = append(assembledPasswordBytes, specialSalt...)
assembledPasswordBytes = append(assembledPasswordBytes, '-')
assembledPasswordBytes = append(assembledPasswordBytes, []byte(password)...)
return assembledPasswordBytes
}
// GenerateFromPassword encrypts the given password.
func (sm *SaltedManager) GenerateFromPassword(specialSalt []byte, password string) ([]byte, error) {
assembledPasswordBytes := sm.assemblePassword(specialSalt, password)
return bcrypt.GenerateFromPassword(assembledPasswordBytes, defaultPasswordCost)
}
// CompareHashAndPassword compares a hashed password with its possible plaintext equivalent.
// Returns nil on success, or an error on failure.
func (sm *SaltedManager) CompareHashAndPassword(hashedPassword []byte, specialSalt []byte, password string) error {
assembledPasswordBytes := sm.assemblePassword(specialSalt, password)
return bcrypt.CompareHashAndPassword(hashedPassword, assembledPasswordBytes)
}

86
irc/passwd/salted_test.go
View File

@ -1,86 +0,0 @@
// Copyright (c) 2016 Daniel Oaks <daniel@danieloaks.net>
// released under the MIT license
package passwd
import (
"encoding/base64"
"testing"
)
type SaltedPasswordTest struct {
ManagerSalt string
Salt string
Hash string
Password string
}
var SaltedPasswords = []SaltedPasswordTest{
{
ManagerSalt: "3TPITDVf/NGb4OlCyV1uZNW1H7zy3BFos+Dsu7dj",
Salt: "b6oVqshJUfcm1zWEtqwKqUVylqLONAZfqt17ns+Y",
Hash: "JDJhJDE0JFYuT28xOFFNZldaaTI1UWpzNENMeHVKdm5vS1lkL2tFL1lFVkQ2a0loUEY2Vzk3UTZSVDVP",
Password: "test",
},
{
ManagerSalt: "iNGeNEfuPihM8kYDZ/C6qAJ0JERKeKkUYp6wYDU0",
Salt: "U7TA6k6VLSLHfdjSsQH0vc3Jqq6cUezJNyd0DC9c",
Hash: "JDJhJDE0JEguY2Rva3VOTVRrNm1VeGdXWjAwamViMGNvV0xYZFdHcTZjenFCRWE3Ymt2N1JiSFJDZlYy",
Password: "test2",
},
{
ManagerSalt: "ghKJaaSNTjuFmgLRqrgY4FGfx8wXEGOBE02PZvbv",
Salt: "NO/mtrMhGjX1FGDGdpGrDJIi4jxsb0aFa7ybId7r",
Hash: "JDJhJDE0JEI0M055Z2NDcjNUanB5ZEJ5MzUybi5FT3o4Y1MyNXp2c1NDVS9hS0hOcUxSRDZTWmUxTnN5",
Password: "supermono",
},
}
func TestSaltedPassword(t *testing.T) {
// check newly-generated password
managerSalt, err := NewSalt()
if err != nil {
t.Error("Could not generate manager salt")
}
salt, err := NewSalt()
if err != nil {
t.Error("Could not generate salt")
}
manager := NewSaltedManager(managerSalt)
passHash, err := manager.GenerateFromPassword(salt, "this is a test password")
if err != nil {
t.Error("Could not generate from password")
}
if manager.CompareHashAndPassword(passHash, salt, "this is a test password") != nil {
t.Error("Generated password does not match")
}
// check our stored passwords
for i, info := range SaltedPasswords {
// decode strings to bytes
managerSalt, err = base64.StdEncoding.DecodeString(info.ManagerSalt)
if err != nil {
t.Errorf("Could not decode manager salt for test %d", i)
}
salt, err := base64.StdEncoding.DecodeString(info.Salt)
if err != nil {
t.Errorf("Could not decode salt for test %d", i)
}
hash, err := base64.StdEncoding.DecodeString(info.Hash)
if err != nil {
t.Errorf("Could not decode hash for test %d", i)
}
// make sure our test values are still correct
manager := NewSaltedManager(managerSalt)
if manager.CompareHashAndPassword(hash, salt, info.Password) != nil {
t.Errorf("Password does not match for [%s]", info.Password)
}
}
}

50
irc/passwd/unsalted.go
View File

@ -1,50 +0,0 @@
// Copyright (c) 2012-2014 Jeremy Latt
// released under the MIT license
package passwd
import (
"encoding/base64"
"errors"
"golang.org/x/crypto/bcrypt"
)
var (
// ErrEmptyPassword means that an empty password was given.
ErrEmptyPassword = errors.New("empty password")
)
// GenerateEncodedPassword returns an encrypted password, encoded into a string with base64.
func GenerateEncodedPassword(passwd string) (encoded string, err error) {
if passwd == "" {
err = ErrEmptyPassword
return
}
bcrypted, err := bcrypt.GenerateFromPassword([]byte(passwd), bcrypt.MinCost)
if err != nil {
return
}
encoded = base64.StdEncoding.EncodeToString(bcrypted)
return
}
// DecodePasswordHash takes a base64-encoded password hash and returns the appropriate bytes.
func DecodePasswordHash(encoded string) (decoded []byte, err error) {
if encoded == "" {
err = ErrEmptyPassword
return
}
decoded, err = base64.StdEncoding.DecodeString(encoded)
return
}
// ComparePassword compares a given password with the given hash.
func ComparePassword(hash, password []byte) error {
return bcrypt.CompareHashAndPassword(hash, password)
}
// ComparePasswordString compares a given password string with the given hash.
func ComparePasswordString(hash []byte, password string) error {
return ComparePassword(hash, []byte(password))
}

54
irc/passwd/unsalted_test.go
View File

@ -1,54 +0,0 @@
// Copyright (c) 2016 Daniel Oaks <daniel@danieloaks.net>
// released under the MIT license
package passwd
import (
"testing"
)
var UnsaltedPasswords = map[string]string{
"test1": "JDJhJDA0JFFwZ1V0RWZTMFVaMkFrdlRrTG9FZk9FNEZWbWkvVEhsdGFnSXlIUC5wVmpYTkNERFJPNlcu",
"test2": "JDJhJDA0JHpQTGNqczlIanc3V2NFQ3JEOVlTM09aNkRTbGRsQzRyNmt3Q01aSUs2Y2xyWURVODZ1V0px",
"supernomo": "JDJhJDA0JHdJekhnQmk1VXQ4WUphL0pIL0tXQWVKVXJ6dXcvRDJ3WFljWW9XOGhzNllIbW1DRlFkL1VL",
}
func TestUnsaltedPassword(t *testing.T) {
for password, hash := range UnsaltedPasswords {
generatedHash, err := GenerateEncodedPassword(password)
if err != nil {
t.Errorf("Could not hash password for [%s]: %s", password, err.Error())
}
hashBytes, err := DecodePasswordHash(hash)
if err != nil {
t.Errorf("Could not decode hash for [%s]: %s", password, err.Error())
}
generatedHashBytes, err := DecodePasswordHash(generatedHash)
if err != nil {
t.Errorf("Could not decode generated hash for [%s]: %s", password, err.Error())
}
passwordBytes := []byte(password)
if ComparePassword(hashBytes, passwordBytes) != nil {
t.Errorf("Stored hash for [%s] did not match", password)
}
if ComparePassword(generatedHashBytes, passwordBytes) != nil {
t.Errorf("Generated hash for [%s] did not match", password)
}
}
}
func TestUnsaltedPasswordFailures(t *testing.T) {
_, err := GenerateEncodedPassword("")
if err != ErrEmptyPassword {
t.Error("Generating empty password did not fail as expected!")
}
_, err = DecodePasswordHash("")
if err != ErrEmptyPassword {
t.Error("Decoding empty password hash did not fail as expected!")
}
}

24
irc/server.go
View File

@ -8,7 +8,6 @@ package irc
import (
"bufio"
"crypto/tls"
"encoding/base64"
"fmt"
"math/rand"
"net"
@ -30,7 +29,6 @@ import (
"github.com/oragono/oragono/irc/languages"
"github.com/oragono/oragono/irc/logger"
"github.com/oragono/oragono/irc/modes"
"github.com/oragono/oragono/irc/passwd"
"github.com/oragono/oragono/irc/sno"
"github.com/oragono/oragono/irc/utils"
"github.com/tidwall/buntdb"
@ -89,7 +87,6 @@ type Server struct {
motdLines []string
name string
nameCasefolded string
passwords *passwd.SaltedManager
rehashMutex sync.Mutex // tier 4
rehashSignal chan os.Signal
pprofServer *http.Server
@ -980,27 +977,6 @@ func (server *Server) loadDatastore(config *Config) error {
server.loadDLines()
server.loadKLines()
// load password manager
server.logger.Debug("startup", "Loading passwords")
err = server.store.View(func(tx *buntdb.Tx) error {
saltString, err := tx.Get(keySalt)
if err != nil {
return fmt.Errorf("Could not retrieve salt string: %s", err.Error())
}
salt, err := base64.StdEncoding.DecodeString(saltString)
if err != nil {
return err
}
pwm := passwd.NewSaltedManager(salt)
server.passwords = &pwm
return nil
})
if err != nil {
return fmt.Errorf("Could not load salt: %s", err.Error())
}
server.channelRegistry = NewChannelRegistry(server)
server.accounts = NewAccountManager(server)

6
oragono.go
View File

@ -17,7 +17,7 @@ import (
"github.com/oragono/oragono/irc"
"github.com/oragono/oragono/irc/logger"
"github.com/oragono/oragono/irc/mkcerts"
"github.com/oragono/oragono/irc/passwd"
"golang.org/x/crypto/bcrypt"
"golang.org/x/crypto/ssh/terminal"
)
@ -72,11 +72,11 @@ Options:
if confirm != password {
log.Fatal("passwords do not match")
}
encoded, err := passwd.GenerateEncodedPassword(password)
hash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.MinCost)
if err != nil {
log.Fatal("encoding error:", err.Error())
}
fmt.Println(encoded)
fmt.Println(string(hash))
} else if arguments["initdb"].(bool) {
irc.InitDB(config.Datastore.Path)
if !arguments["--quiet"].(bool) {

7
oragono.yaml
View File

@ -76,7 +76,7 @@ server:
fingerprint: 938dd33f4b76dcaf7ce5eb25c852369cb4b8fb47ba22fc235aa29c6623a5f182
# password the gateway uses to connect, made with oragono genpasswd
password: JDJhJDA0JG9rTTVERlNRa0hpOEZpNkhjZE95SU9Da1BseFdlcWtOTEQxNEFERVlqbEZNTkdhOVlYUkMu
password: "$2a$04$sLEFDpIOyUp55e6gTMKbOeroT6tMXTjPFvA0eGvwvImVR9pkwv7ee"
# hosts that can use this webirc command
# you should also add these addresses to the connection limits and throttling exemption lists
@ -145,6 +145,9 @@ accounts:
# can users register new accounts?
enabled: true
# this is the bcrypt cost we'll use for account passwords
bcrypt-cost: 12
# length of time a user has to verify their account before it can be re-registered
verify-timeout: "32h"
@ -300,7 +303,7 @@ opers:
# password to login with /OPER command
# generated using "oragono genpasswd"
password: JDJhJDA0JE1vZmwxZC9YTXBhZ3RWT2xBbkNwZnV3R2N6VFUwQUI0RUJRVXRBRHliZVVoa0VYMnlIaGsu
password: "$2a$04$LiytCxaY0lI.guDj2pBN4eLRD5cdM2OLDwqmGAgB6M2OPirbF5Jcu"
# logging, takes inspiration from Insp
logging: