Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:114091 Return-Path: Delivered-To: mailing list internals@lists.php.net Received: (qmail 50591 invoked from network); 22 Apr 2021 05:55:01 -0000 Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5) by pb1.pair.com with SMTP; 22 Apr 2021 05:55:01 -0000 Received: from php-smtp4.php.net (localhost [127.0.0.1]) by php-smtp4.php.net (Postfix) with ESMTP id 51F3A1804DB for ; Wed, 21 Apr 2021 22:57:58 -0700 (PDT) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net X-Spam-Level: X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,HTML_MESSAGE,RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_PASS,SPF_NONE autolearn=no autolearn_force=no version=3.4.2 X-Spam-Virus: No X-Envelope-From: Received: from mo4-p00-ob.smtp.rzone.de (mo4-p00-ob.smtp.rzone.de [81.169.146.161]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by php-smtp4.php.net (Postfix) with ESMTPS for ; Wed, 21 Apr 2021 22:57:56 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1619071075; cv=none; d=strato.com; s=strato-dkim-0002; b=Pp5uRLX+0HXO5zJtDwqa5zeMzOTcaZdn0NoC9A9ZMVgG6yF1W4OussrjO5iakFxpbK IAcK50y6oU/elCVUkacMxLZFuRkzca+ocsifyyXrreGlZiTnZ3g5MgpZzR6SxNcUoi4Z 8GOI2VmQGSkU488YPYqt9kKfqgL5f6rKGfJavR2ntBBvnVN32jtd1ZlPAapUVFQ6MI6H ydJiYcoP3Io41Q7UUfIlzovHKHfVib6MBLFWWvP5aYAsXZLMjtG6DTcKfdaEmh/II5+Q i41MCDWop9BRqbuj/E4yvfFH2JyjlL4LoMgU4FKnsYa8NmQ1UjWjAIQ/f7gNmMvAFmPr S52A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; t=1619071075; s=strato-dkim-0002; d=strato.com; h=Cc:To:Subject:Message-ID:Date:From:In-Reply-To:References:Cc:Date: From:Subject:Sender; bh=LWdEIoBS8iy6CWhMNbqXPS523tO0rQkfhDKwjo2gVvQ=; b=c4+yG0IbC25k6ewYWzVu0glvmJvKTlWZk/d2RXc+2EHqrFKygK/ijmbVnmiO+7g2lR mKWWI72qrHwm+LJ5T+vhxW7DNeB/t7N4kuZTYg0kdY9qJ74D89ZkvfkIVa5XMJQiS07U RW+XvobxMW23M2XPZm071/zNLVusWXU8IqGF4mtqYmxnAT6hjgUpEeahqLDTN7C5zKHo 6oXcq79dIf0nffGaRAKV0ep8niq196MKLDCYr0V4dIKdnXXlC2HhcKJqdt3gkJTst2p5 Jt2N2FIOQs9IHN7iio5PW7IvcZV2bKFcBi7BhyBzJFe7QIu88TVOlMa02pSPpkBFM+PW zJQA== ARC-Authentication-Results: i=1; strato.com; dkim=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1619071075; s=strato-dkim-0002; d=kelunik.com; h=Cc:To:Subject:Message-ID:Date:From:In-Reply-To:References:Cc:Date: From:Subject:Sender; bh=LWdEIoBS8iy6CWhMNbqXPS523tO0rQkfhDKwjo2gVvQ=; b=VnbXbAEcVOgH5q/1lSy6ZE/E7WM8f7ZMJgfPWseiNuRUtUvDXDse/mcXgNrMXUbjzZ qzGtueLu3O2EgYNJJA6lKC+w1dleEtVF6hbaC21tFHx0rBCCvrbb4d/h0aSFofTX9uhu EOyzX9u4JR/RdgDa0U2lHRVe9i2MSxn4mtUd0RrPX0CbDoxm6OCudWdMbrCBbts26/Jb vJ9rlVuOFGaBjrpJixrFsgYLrkiTFiGlKMw2KPJQZgJZauuwG70vuXoEHxoKOR1fc/SE wh+JRSETg0iURVq2cDDzDj8Pyw9DBWvwhIvoKKpB2wCK0RW9aXqrdcFCfgt6p/8mA3qm PiYg== Authentication-Results: strato.com; dkim=none X-RZG-AUTH: ":IWkkfkWkbvHsXQGmRYmUo9mlsGbEv0XHBzMIJSS+jKTzde5mDb8AaBAcYiRB" X-RZG-CLASS-ID: mo00 Received: from mail-pj1-f53.google.com by smtp.strato.de (RZmta 47.24.3 AUTH) with ESMTPSA id R0b4f3x3M5vsQL7 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256 bits)) (Client did not present a certificate) for ; Thu, 22 Apr 2021 07:57:54 +0200 (CEST) Received: by mail-pj1-f53.google.com with SMTP id nk8so7548605pjb.3 for ; Wed, 21 Apr 2021 22:57:54 -0700 (PDT) X-Gm-Message-State: AOAM530ysITlZwxdPBrh0+KOmcv1GyypGVTW6kAuDnp+vcOwIA+qq+lp 3rqPW29xIX41WR0mypXzGjbTUMgJ7fjvLz8LGCM= X-Google-Smtp-Source: ABdhPJwnTxrouXrQeT9nMLG6oLRsaLbtn8qwDrh4S6TMyFvB93vqW19H06Tt6ipuxCh8kyf84GHeODuQt0q3Rq7XJ08= X-Received: by 2002:a17:902:b18f:b029:ec:7ac0:fd1a with SMTP id s15-20020a170902b18fb02900ec7ac0fd1amr1791880plr.84.1619071073993; Wed, 21 Apr 2021 22:57:53 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: Date: Thu, 22 Apr 2021 07:57:45 +0200 X-Gmail-Original-Message-ID: Message-ID: To: Sara Golemon Cc: PHP internals Content-Type: multipart/alternative; boundary="0000000000003b497605c0895ce6" Subject: Re: [PHP-DEV] Binary (un)safety of password_hash() used with PASSWORD_BCRYPT From: me@kelunik.com (Niklas Keller) --0000000000003b497605c0895ce6 Content-Type: text/plain; charset="UTF-8" Sara Golemon schrieb am Do., 22. Apr. 2021, 03:47: > I have this notion that we've discussed this before, I'm certain I knew > that bcrypt wasn't binary safe, but someone reminded me that > password_hash() could be called with null bytes in the password itself and > that is just SCREAMING to have some safety-rails put on IMO. > > So I've thrown together https://github.com/php/php-src/pull/6897 to test > that argon2 algos behave well (they do!), and modified the bcrypt algo to > throw an exception if you try to hash a new password containing a null, but > only warns if you've got a null when running password_verify(). My > reasoning for the latter is because anyone trying to auth with a null > character that succeeds does definitely know enough of the password to pass > by simply not passing the null, so we shouldn't break existing users who > already have hashes. This only aims to break users who would otherwise be > able to include a null, because they would have a false sense of security > having their password truncated and can remedy that in their password > choosing. > Hey Sara, Thank you for your work. I think this is a really good safety check to have. I'd however go a step further and also throw on NUL in password_verify. You seem to assume that NUL bytes as input come from the end user, but I think it's more likely the developer uses a hash function with raw output as a pre-encoding, for reasons such as bringing long passwords below the bcrypt character limit. Best, Niklas Since this does introduce a (small) break, I'm putting it to the list for > opinions. > If nobody objects, I'll merge this (8.1 only) at the end of the month. > > -Sara > --0000000000003b497605c0895ce6--