| From: | Alvaro Herrera <alvherre(at)alvh(dot)no-ip(dot)org> |
|---|---|
| To: | Bernd Helmle <mailings(at)oopsware(dot)de> |
| Cc: | Japin Li <japinli(at)hotmail(dot)com>, PostgreSQL Development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Modern SHA2- based password hashes for pgcrypto |
| Date: | 2025-01-24 18:06:21 |
| Message-ID: | 202501241806.awm2djrgyehi@alvherre.pgsql |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 2025-Jan-24, Bernd Helmle wrote:
> So we behave exactly the same way as px_crypt_md5(): It stops after the
> first '$' after the magic byte preamble. For shacrypt, this could be
> the next '$' after the closing one of the non-mandatory 'rounds'
> option, but with your example this doesn't happen since it gets never
> parsed. The salt length will be set to 0.
IMO silently using no salt or 0 iterations because the input is somewhat
broken is bad security and should be rejected. If we did so in the past
without noticing, that's bad already, but we should not replicate that
behavior any further.
--
Álvaro Herrera PostgreSQL Developer — https://www.EnterpriseDB.com/
"Doing what he did amounts to sticking his fingers under the hood of the
implementation; if he gets his fingers burnt, it's his problem." (Tom Lane)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | David Steele | 2025-01-24 18:43:02 | Re: Return pg_control from pg_backup_stop(). |
| Previous Message | Bernd Helmle | 2025-01-24 17:14:45 | Re: Modern SHA2- based password hashes for pgcrypto |