Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:117076
Return-Path: <ocramius@gmail.com>
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 10749 invoked from network); 20 Feb 2022 12:05:31 -0000
Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5)
  by pb1.pair.com with SMTP; 20 Feb 2022 12:05:31 -0000
Received: from php-smtp4.php.net (localhost [127.0.0.1])
	by php-smtp4.php.net (Postfix) with ESMTP id C1F7A180381
	for <internals@lists.php.net>; Sun, 20 Feb 2022 05:24:29 -0800 (PST)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net
X-Spam-Level: 
X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,HTML_MESSAGE,
	RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,
	SPF_PASS autolearn=no autolearn_force=no version=3.4.2
X-Spam-ASN: AS15169 209.85.128.0/17
X-Spam-Virus: No
X-Envelope-From: <ocramius@gmail.com>
Received: from mail-oo1-f51.google.com (mail-oo1-f51.google.com [209.85.161.51])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by php-smtp4.php.net (Postfix) with ESMTPS
	for <internals@lists.php.net>; Sun, 20 Feb 2022 05:24:29 -0800 (PST)
Received: by mail-oo1-f51.google.com with SMTP id w10-20020a4ae08a000000b0031bdf7a6d76so9766780oos.10
        for <internals@lists.php.net>; Sun, 20 Feb 2022 05:24:29 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=5kgkYLX3fL7S7Uex/UK5K7iNALbo2+/aWz1VCn7l9Ds=;
        b=DbrSrPpXuvAVsl84Zw6+L/gvczvuUn0ZT3ONt2lR086sfiB0miIP2iJmNUkh47Xg0j
         bzUDuCXgddUMyk+TSFn40+8TpOGmqMzEyHMy58160tWw6uSynOGhb5ZG4mHjzxjOhCP6
         jl2HepiLpjlHNm0C4SVZKk2dlyWWkuX4Z07t4qG/4W+VzHMwBwc6G015EjT8hqrni422
         kXGa/S8HoHJ+AVKZ48MWL6hYmLTMTUCyb/IeC3AepoHmWxwTRMWkDKlKE1MWvKQp4RL9
         R+xMV2T/XONr6wuzRQ6TCIMZLkWURTdE5Ga9FP9qPYRc1zGoTdJnByOjtaeXt/L9CW8F
         yDTg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=5kgkYLX3fL7S7Uex/UK5K7iNALbo2+/aWz1VCn7l9Ds=;
        b=2a7YsJ4t6QEOJ8bWN2JoLQFl1NWcEMzTG8kcXJUgZ2FGik+uivdnGCqEV+e2o9/CD2
         XMD6XVOvKzJif8mmxDo1/4bSekV2/dZycjAMucgTp64k0rUXOT54tu5lwEU42c/Ea9vs
         34c2TrELIDmam0OHzzi/tfAYUKIC2peMoUmUa6ZnX1hd8FHpezKFTQbAseUELVVMJihg
         Ubl1jTRVI16r2RdaQM2/C3dis3Artgx/yXfLuAMWJ7frcR6bNzKhXzNso5gkrIN4xjVq
         VgvjBVbomM9rwtaYWPFZz0WLd9q+q/5aV4imTcQFXLw13MZ4eeWvgq/GyxTF1olo+pMF
         LNrQ==
X-Gm-Message-State: AOAM531qrbvWnjIYrnu45cDJuq/LgsV7T4fUOB51i1IkDmU67BpSU/FH
	HwmsPlc7lKudurs2Ugwnk8u69t9GXmV9DG3TJOo=
X-Google-Smtp-Source: ABdhPJy3UDldmRpajIHIsyf8JavjXtSvVvp+TTa+Yi8WxaWoeamMQtxMdY0eZTzpyEwAD87bxQO7m3UowdmkRjbUn4w=
X-Received: by 2002:a05:6870:82a0:b0:d3:6905:5fc1 with SMTP id
 q32-20020a05687082a000b000d369055fc1mr7365154oae.135.1645363468300; Sun, 20
 Feb 2022 05:24:28 -0800 (PST)
MIME-Version: 1.0
References: <5983302.2649742.1645319015766@email.ionos.com>
 <6238bf00-011e-35cc-d84b-4082b4f05099@gmail.com> <497325306.1564942.1645357444018@email.ionos.com>
 <3c6871ca-589d-6812-800c-a3b9ad6bb575@bastelstu.be>
In-Reply-To: <3c6871ca-589d-6812-800c-a3b9ad6bb575@bastelstu.be>
Date: Sun, 20 Feb 2022 14:24:16 +0100
Message-ID: <CADyq6sLWRfD2DJwRNWmX=s7rbA2Rs+Agu9tsW9mLQbCeJ27vwA@mail.gmail.com>
To: =?UTF-8?Q?Tim_D=C3=BCsterhus?= <tim@bastelstu.be>
Cc: steve@tobtu.com, Stanislav Malyshev <smalyshev@gmail.com>, 
	PHP Internals List <internals@lists.php.net>
Content-Type: multipart/alternative; boundary="0000000000000df74805d8730973"
Subject: Re: [PHP-DEV] RFC proposal to deprecate crypt()
From: ocramius@gmail.com (Marco Pivetta)

--0000000000000df74805d8730973
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

On Sun, 20 Feb 2022, 14:17 Tim D=C3=BCsterhus, <tim@bastelstu.be> wrote:

> Hi Steve,
>
> On 2/20/22 12:44, steve@tobtu.com wrote:
>
>
> > If that's the case, you may not know that password_verify() can verify
> all password hashes created by crypt(). The whole point of deprecating an=
d
> finally removing crypt() is that users can no longer create bad password
> hashes. This is a massive gain in security. It's like removing mcrypt whi=
ch
> removed people's ability to ECB encrypt data. Sure there are very limited
> uses that are secure but 99.9999% are crypto101 errors.
>
> I am maintaining a software that supports a *legacy* password hashing
> algorithm that, for reasons that are not relevant to this discussion,
> performs two passes of BCrypt hashing with the *same* salt:
>
> crypt(crypt('password', '$2a$08$salt'), '$2a$08$salt');
>
> This is not something that can be replicated with password_hash and
> password_verify, because password_hash does not accept an explicit salt
> starting with PHP 8.0 and password_verify does not know about this
> double hashing.
>
> Even though this hashing algorithm is legacy, we need to maintain
> compatibility with that for the foreseeable future to be able to upgrade
> users into the current (password_hash() based) hashes, without them
> needing to reset their passwords.
>

The RFC is about deprecation, not removal.

Set a deadline for your customer (few years?):

 * Enable rehashing (you already do)
 * Deprecate the old algo internally
 * When the deadline is past, drop the old algo: users with an old hash
will have to reset their password

Note that PHP 9 is still far away, so you have time to rehash.

>

--0000000000000df74805d8730973--