public inbox for [email protected]  
help / color / mirror / Atom feed
From: Japin Li <[email protected]>
To: Alvaro Herrera <[email protected]>
Cc: Bernd Helmle <[email protected]>
Cc: PostgreSQL Development <[email protected]>
Subject: Re: Modern SHA2- based password hashes for pgcrypto
Date: Sat, 08 Feb 2025 10:16:40 +0800
Message-ID: <ME0P300MB044591448FAFF397FFC1ED9CB6F02@ME0P300MB0445.AUSP300.PROD.OUTLOOK.COM> (raw)
In-Reply-To: <[email protected]>
References: <[email protected]>

On Fri, 07 Feb 2025 at 10:31, Alvaro Herrera <[email protected]> wrote:
> On 2025-Feb-07, Japin Li wrote:
>
>> Since there is no standard, how do we handle this?  I prefer to use
>> the strict mode like passlib.
>
> I definitely like that passlib have documented their thought process
> thoroughly.
>
> I think using their strict mode is good on principle, but if we're going
> to do that, then the salt string should not be used verbatim, but
> instead base64-decoded first to get the actual salt bytes, like they do.
> Does this break compabitibility with other systems?  Are
> passlib-generated password hashes incompatible with, say, "openssl
> passwd" which you (Bernd) mentioned at the beginning of the thread?
> Maybe if the password hashes are no longer compatible, then we should
> ditch the idea of restricting salts to base64 chars and accept the whole
> range of bytes, like Drepper.

Thinking about compatibility, the Drepper's behavior is a good choice.

Or we can accept the whole range of bytes except the $ character since it is
a separator.  Of course, it is also not compatible with other systems.

>
> But in any case ISTM we should reject, as they suggest, the use of less
> than 4 bytes of salt (and should perhaps settle for a default of 16, as
> passlib suggests).  I suppose this is why passlib returns NULL with
> empty salt.  What we should do in that case IMO is ereport(ERROR).

+1

-- 
Regrads,
Japin Li






view thread (5+ messages)  latest in thread

reply

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Reply to all the recipients using the --to and --cc options:
  reply via email

  To: [email protected]
  Cc: [email protected], [email protected], [email protected]
  Subject: Re: Modern SHA2- based password hashes for pgcrypto
  In-Reply-To: <ME0P300MB044591448FAFF397FFC1ED9CB6F02@ME0P300MB0445.AUSP300.PROD.OUTLOOK.COM>

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox