Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:61934
Return-Path: <keisial@gmail.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 10323 invoked from network); 1 Aug 2012 18:14:18 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 1 Aug 2012 18:14:18 -0000
Authentication-Results: pb1.pair.com header.from=keisial@gmail.com; sender-id=pass
Authentication-Results: pb1.pair.com smtp.mail=keisial@gmail.com; spf=pass; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.215.170 as permitted sender)
X-PHP-List-Original-Sender: keisial@gmail.com
X-Host-Fingerprint: 209.85.215.170 mail-ey0-f170.google.com  
Received: from [209.85.215.170] ([209.85.215.170:47700] helo=mail-ey0-f170.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 87/ED-32875-AF179105 for <internals@lists.php.net>; Wed, 01 Aug 2012 14:14:18 -0400
Received: by eaao10 with SMTP id o10so1789092eaa.29
        for <internals@lists.php.net>; Wed, 01 Aug 2012 11:14:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=message-id:date:from:user-agent:mime-version:to:cc:subject
         :references:in-reply-to:content-type:content-transfer-encoding;
        bh=LSYzLc/AYHOUcjDNQKtjkvGKV4VrHYxCSFis+IzrcKA=;
        b=EHR7jZHn7K1fj8qrJMawu4NbcDP+vDabub/rRBhPiroKfj3sqqr1Vqyh/8K4RN7Kfh
         HDL97dWqetZVwm5Xl6XyUiQyACC1cq6hO5AVDytHvW/03SwRxaq+cMR95OkCsNJkiL6u
         5IaHKs8E2vW7Vd3BUE4RZJBMvFO0gF5ksaMB0kZXiYoYxHOfOKm+8hKdPtXlLdVFMVEq
         69yDIPVC3+97vPwVnwOoj4NBjcPGhZM3SJygev7mL4kX8RcdMGe2YfsoCaRXRjg+FpBi
         sEEiYYnIH01arZIC9s9Vgv2o98EbqF5sxhjx0D2/qZXkXfNBhmhtKWYtR4Cx7mxkAsa7
         +u/A==
Received: by 10.14.178.134 with SMTP id f6mr23764652eem.2.1343844855535;
        Wed, 01 Aug 2012 11:14:15 -0700 (PDT)
Received: from [192.168.1.26] (47.Red-81-39-65.dynamicIP.rima-tde.net. [81.39.65.47])
        by mx.google.com with ESMTPS id 7sm10936746eeb.3.2012.08.01.11.14.13
        (version=SSLv3 cipher=OTHER);
        Wed, 01 Aug 2012 11:14:14 -0700 (PDT)
Message-ID: <50197136.7040401@gmail.com>
Date: Wed, 01 Aug 2012 20:11:02 +0200
User-Agent: Thunderbird
MIME-Version: 1.0
To: Peter Lind <peter.e.lind@gmail.com>
CC: Anthony Ferrara <ircmaxell@gmail.com>, internals@lists.php.net
References: <CAAyV7nFRT24rksh6iDWxstfQwJ4+KdEC7Zs6EC8wBtJ8Zorf7w@mail.gmail.com> <4FFF1831.8070902@sugarcrm.com> <CAAyV7nHi0k6S-zbi5=xCE8EmXpaEds9RoZTB8RPOeO8K_ZLY=w@mail.gmail.com> <005101cd6f18$9da38510$d8ea8f30$@com> <CAAyV7nGOiVD0=z+6nJKAhr6qu96GuU4+nBTTQiizcP9DxNRUUg@mail.gmail.com> <009401cd6f28$b71c69c0$25553d40$@com> <CAAyV7nH8w5j+AQYQqh0O5eA78tjrvEzAAvKkPNPNrRFhBvDxvQ@mail.gmail.com> <00b701cd6f35$b2d621a0$188264e0$@com> <CAAyV7nHr532Bi-K0k99wSSg5RgJYLGAdusMqCYt9pRRr6LqscA@mail.gmail.com> <CAEU6NAeQsnDr0uDKMLU3F9SE=dopaiELGozkPX8zOj9CsGFagQ@mail.gmail.com> <CAAyV7nGPnFtfDQY4UNdon0bbEZwRcBsejygvASDek15SjiPYvg@mail.gmail.com> <CAEU6NAcbB+wV=2YMotFQL-E0Jhx-S4MGQ5sgc64gmNo9VJxhMw@mail.gmail.com>
In-Reply-To: <CAEU6NAcbB+wV=2YMotFQL-E0Jhx-S4MGQ5sgc64gmNo9VJxhMw@mail.gmail.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Subject: Re: [PHP-DEV] [PROPOSED] password_hash RFC - Implementing simplified
 password hashing functions
From: keisial@gmail.com (=?UTF-8?B?w4FuZ2VsIEdvbnrDoWxleg==?=)

On 31/07/12 22:20, Peter Lind wrote:
> On 31 July 2012 22:02, Anthony Ferrara <ircmaxell@gmail.com> wrote:
>> Peter,
>>
>> On Tue, Jul 31, 2012 at 3:46 PM, Peter Lind <peter.e.lind@gmail.com> wrote:
>>> On 31 July 2012 18:21, Anthony Ferrara <ircmaxell@gmail.com> wrote:
>>>
>>> *snip*
>>>
>>>> Also, be aware that BCrypt only uses the first 72 characters of the
>>>> password field. So if you use a hex encoded sha512 output, a good deal
>>>> of
>>>> entropy would be lost (almost half of it)...
>>>>
>>> Seeing as the hashing function will default (at first, at least) to
>>> bcrypt, would it be possible to add a warning if it's given an input
>>> longer than 72 chars? Preferably make the function context-aware so
>>> you don't get the same warning if using sha512. Otherwise I predict
>>> that someone will do:
>>>
>>> $hash = password_hash($my_128_char_pepper . $password, PASSWORD_DEFAULT);
>>>
>>> Which obviously renders the hashing useless, as you'll be hashing the
>>> same 72 chars over and over again. Which, currently, crypt() let's you
>>> get away with without as much as a hiccup.
>> That's actually a very good idea.
>>
>> I'm curious though. Should we warning? Or should we sha512 hash (to bring
>> down to 64 chars)...  That's something I think would be worth reaching out
>> to the crypt() maintainers for advice...
> I'd be wary of not doing what people actually expect - i.e. hash the
> provided string with the specified algo. Better to educate the users,
> I'd say, through a warning. Anyway, as you said, would be good to get
> other opinions on this.
>
> Regards
> Peter
I'd go with the hashing. I'd would however produce a slightly different
prefix
than with bare bcrypt.
$password is user-provided. The library client shouldn't need to know
the hash
internals and -depending on that- truncate the output.
There may be a $option to disable this additional hashing, though.