grahamc/hydra - Change ASPD4MDNLVUI77M2JH2KHQUMIU5B2NRIKI7BXJVSQ3C7OGYEB3YQC

Passwords: check in constant time

The default password comparison logic does not use constant time validation. Switching to constant time offers a meager improvement by removing a timing oracle.

A prepatory step in moving to Argon2id password storage, since we'll need this change anyway after for validating existing passwords.

Co-authored-by: Graham Christensen <graham@grahamc.com>

Created by Graham Christensen on April 15, 2021

ASPD4MDNLVUI77M2JH2KHQUMIU5B2NRIKI7BXJVSQ3C7OGYEB3YQC

Dependencies

In channels

main

upstream

Change contents

Insertion in flake.nix at line 230 [5.1]

[2.2737]

            };
          };
          StringCompareConstantTime = final.buildPerlPackage {
            pname = "String-Compare-ConstantTime";
            version = "0.321";
            src = final.fetchurl {
              url = "mirror://cpan/authors/id/F/FR/FRACTAL/String-Compare-ConstantTime-0.321.tar.gz";
              sha256 = "0b26ba2b121d8004425d4485d1d46f59001c83763aa26624dff6220d7735d7f7";

Insertion in flake.nix at line 240 [5.1]

[2.2752]

            meta = {
              description = "Timing side-channel protected string compare";
              license = with final.lib.licenses; [ artistic1 gpl1Plus ];
            };

Insertion in flake.nix at line 295 [5.1]

[5.2623]

                StringCompareConstantTime

Insertion in src/lib/Hydra/Schema/Users.pm at line 198 [7.3258]
[6.1839]
[6.1839]
```
use Digest::SHA1 qw(sha1_hex);
use String::Compare::ConstantTime;
```

Insertion in src/lib/Hydra/Schema/Users.pm at line 216 [7.3258]

[6.2034]

[7.4016]

sub check_password {
    my ($self, $password) = @_;
    return String::Compare::ConstantTime::equals($self->password, sha1_hex($password));
}

Replacement in src/lib/Hydra.pm at line 37 [8.6954]

B:BD[4.165] → [4.165:255]

                password_type => "hashed",
                password_hash_type => "SHA-1",

[4.165]

[4.255]

                password_type => "self_check",

File addition: Schema (d--x------)
[3.697]

File addition: Users.t (----------)

[0.895]

use strict;
use Setup;
my %ctx = test_init();
require Hydra::Schema;
require Hydra::Model::DB;
use Test2::V0;
my $db = Hydra::Model::DB->new;
hydra_setup($db);
# Catalyst's default password checking is not constant time. To improve
# the security of the system, we replaced the check password routine.
# Verify comparing correct and incorrect passwords work.
# Starting the user with a sha1 password
my $user = $db->resultset('Users')->create({
    "username" => "alice",
    "emailaddress" => 'alice@nixos.org',
    "password" => "8843d7f92416211de9ebb963ff4ce28125932878" # SHA1 of "foobar"
});
isnt($user, undef, "My user was created.");
ok(!$user->check_password("barbaz"), "Checking the password, barbaz, is not right");
ok($user->check_password("foobar"), "Checking the password, foobar, is right");
done_testing;