1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-27 07:50:57 +01:00

Allow hashers to side-grade hashes across cost settings

Summary:
Ref T4443. In addition to performing upgrades from, e.g., md5 -> bcrypt, also allow sidegrades from, e.g., bcrypt(cost=11) to bcrypt(cost=12). This allows us to, for example, bump the cost function every 18 months and stay on par with Moore's law, on average.

I'm also allowing "upgrades" which technically reduce cost, but this seems like the right thing to do (i.e., generally migrate password storage so it's all uniform, on average).

Test Plan:
  - Fiddled the bcrypt cost function and saw appropriate upgrade UI, and upgraded passwords upon password change.
  - Passwords still worked.
  - Around cost=13 or 14 things start getting noticibly slow, so bcrypt does actually work. Such wow.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4443

Differential Revision: https://secure.phabricator.com/D8271
This commit is contained in:
epriestley 2014-02-18 11:52:57 -08:00
parent 580bcd0d2b
commit 5c84aac908
2 changed files with 55 additions and 6 deletions

View file

@ -34,12 +34,8 @@ final class PhabricatorBcryptPasswordHasher
protected function getPasswordHash(PhutilOpaqueEnvelope $envelope) {
$raw_input = $envelope->openEnvelope();
// NOTE: The default cost is "10", but my laptop can do a hash of cost
// "12" in about 300ms. Since server hardware is often virtualized or old,
// just split the difference.
$options = array(
'cost' => 11,
'cost' => $this->getBcryptCost(),
);
$raw_hash = password_hash($raw_input, CRYPT_BLOWFISH, $options);
@ -53,4 +49,27 @@ final class PhabricatorBcryptPasswordHasher
return password_verify($password->openEnvelope(), $hash->openEnvelope());
}
protected function canUpgradeInternalHash(PhutilOpaqueEnvelope $hash) {
$info = password_get_info($hash->openEnvelope());
// NOTE: If the costs don't match -- even if the new cost is lower than
// the old cost -- count this as an upgrade. This allows costs to be
// adjusted down and hashing to be migrated toward the new cost if costs
// are ever configured too high for some reason.
$cost = idx($info['options'], 'cost');
if ($cost != $this->getBcryptCost()) {
return true;
}
return false;
}
private function getBcryptCost() {
// NOTE: The default cost is "10", but my laptop can do a hash of cost
// "12" in about 300ms. Since server hardware is often virtualized or old,
// just split the difference.
return 11;
}
}

View file

@ -130,6 +130,24 @@ abstract class PhabricatorPasswordHasher extends Phobject {
}
/**
* Check if an existing hash created by this algorithm is upgradeable.
*
* The default implementation returns `false`. However, hash algorithms which
* have (for example) an internal cost function may be able to upgrade an
* existing hash to a stronger one with a higher cost.
*
* @param PhutilOpaqueEnvelope Bare hash.
* @return bool True if the hash can be upgraded without
* changing the algorithm (for example, to a
* higher cost).
* @task hasher
*/
protected function canUpgradeInternalHash(PhutilOpaqueEnvelope $hash) {
return false;
}
/* -( Using Hashers )------------------------------------------------------ */
@ -318,7 +336,19 @@ abstract class PhabricatorPasswordHasher extends Phobject {
$current_hasher = self::getHasherForHash($hash);
$best_hasher = self::getBestHasher();
return ($current_hasher->getHashName() != $best_hasher->getHashName());
if ($current_hasher->getHashName() != $best_hasher->getHashName()) {
// If the algorithm isn't the best one, we can upgrade.
return true;
}
$info = self::parseHashFromStorage($hash);
if ($current_hasher->canUpgradeInternalHash($info['hash'])) {
// If the algorithm provides an internal upgrade, we can also upgrade.
return true;
}
// Already on the best algorithm with the best settings.
return false;
}