Commit 74e8e398 authored by Quanah Gibson-Mount's avatar Quanah Gibson-Mount
Browse files
parents d356c16d 899f3c99
SHA-512 OpenLDAP support
------------------------
SHA-2 OpenLDAP support
----------------------
slapd-sha2.c provides support for SHA-512, SHA-384 and SHA-256 hashed passwords in
OpenLDAP. For instance, one could have the LDAP attribute:
slapd-sha2.c provides support for SSHA-512, SSHA-384, SSHA-256,
SHA-512, SHA-384 and SHA-256 hashed passwords in OpenLDAP. For
instance, one could have the LDAP attribute:
userPassword: {SHA512}vSsar3708Jvp9Szi2NWZZ02Bqp1qRCFpbcTZPdBhnWgs5WtNZKnvCXdhztmeD2cmW192CF5bDufKRpayrW/isg==
......@@ -41,13 +42,14 @@ moduleload ...path/to/slapd-sha2.so
Configuring
-----------
The {SHA256}, {SHA384} and {SHA512} password schemes should now be recognised.
The {SSHA256}, {SSHA384}, {SSHA512}, {SSHA256}, {SHA384} and {SHA512}
password schemes should now be recognised.
You can also tell OpenLDAP to use one of these new schemes when processing LDAP
Password Modify Extended Operations, thanks to the password-hash option in
slapd.conf. For example:
password-hash {SHA256}
password-hash {SSHA512}
Testing
......@@ -57,7 +59,7 @@ A quick way to test whether it's working is to customize the rootdn and
rootpw in slapd.conf, eg:
rootdn "cn=admin,dc=example,dc=com"
# This encrypts the string 'secret'
# This encrypts the string 'secret'
rootpw {SHA256}K7gNU3sdo+OL0wNhqoVWhr3g6s1xYv72ol/pe/Unols=
......@@ -74,7 +76,7 @@ $ echo -n "secret" | openssl dgst -sha256 -binary | openssl enc -base64
K7gNU3sdo+OL0wNhqoVWhr3g6s1xYv72ol/pe/Unols=
$ echo -n "secret" | openssl dgst -sha384 -binary | openssl enc -base64
WKd1ukESvjAFrkQHznV9iP2nHUBJe7gCbsrFTU4//HIyzo3jq1rLMK45dg/ufFPt
$ echo -n "secret" | openssl dgst -sha512 -binary | openssl enc -base64
$ echo -n "secret" | openssl dgst -sha512 -binary | openssl enc -base64
vSsar3708Jvp9Szi2NWZZ02Bqp1qRCFpbcTZPdBhnWgs5WtNZKnvCXdhztmeD2cm
W192CF5bDufKRpayrW/isg==
......@@ -83,22 +85,18 @@ W192CF5bDufKRpayrW/isg==
Alternatively we could modify an existing user's password with
ldapmodify, and then test binding as that user:
ldappasswd, and then test binding as that user:
$ ldapmodify -D "cn=admin,dc=example,dc=com" -x -W
Enter LDAP Password:
dn: uid=jturner,ou=People,dc=example,dc=com
changetype: modify
replace: userPassword
userPassword: {SHA512}vSsar3708Jvp9Szi2NWZZ02Bqp1qRCFpbcTZPdBhnWgs5WtNZKnvCXdhztmeD2cmW192CF5bDufKRpayrW/isg==
modifying entry "uid=jturner,ou=People,dc=example,dc=com"
$ ldappasswd -D "cn=admin,dc=example,dc=com" -x -W -S uid=jturner,ou=People,dc=example,dc=com
New password: secret
Re-enter new password: secret
Enter LDAP Password: <cn=admin's password>
$ ldapsearch -b "dc=example,dc=com" -D "uid=jturner,ou=People,dc=example,dc=com" -x -w secret
Debugging
---------
Debugging (SHA-512, SHA-384 and SHA-256 only)
---------------------------------------------
To see what's going on, recompile with SLAPD_SHA2_DEBUG (use the
commented-out CCFLAGS in Makefile), and then run slapd from the console
......@@ -106,19 +104,17 @@ to see stderr:
$ sudo /etc/init.d/slapd stop
Stopping OpenLDAP: slapd.
$ sudo /usr/sbin/slapd -f /etc/ldap/slapd.conf -h ldap://localhost:389 -d 256
$ sudo /usr/sbin/slapd -f /etc/ldap/slapd.conf -h ldap://localhost:389 -d stats
@(#) $OpenLDAP$
buildd@palmer:/build/buildd/openldap2.3-2.4.9/debian/build/servers/slapd
/etc/ldap/slapd.conf: line 123: rootdn is always granted unlimited privileges.
/etc/ldap/slapd.conf: line 140: rootdn is always granted unlimited privileges.
slapd starting
...
Validating password
Password to validate: secret
Hashes to: K7gNU3sdo+OL0wNhqoVWhr3g6s1xYv72ol/pe/Unols=
Stored password scheme: {SHA256}
Stored password value: K7gNU3sdo+OL0wNhqoVWhr3g6s1xYv72ol/pe/Unols=
-> Passwords match
Hash scheme: {SHA256}
Password to validate: secret
Password hash: K7gNU3sdo+OL0wNhqoVWhr3g6s1xYv72ol/pe/Unols=
Stored password hash: K7gNU3sdo+OL0wNhqoVWhr3g6s1xYv72ol/pe/Unols=
Result: match
conn=0 op=0 BIND dn="cn=admin,dc=example,dc=com" mech=SIMPLE ssf=0
conn=0 op=0 RESULT tag=97 err=0 text=
conn=0 op=1 SRCH base="dc=example,dc=com" scope=2 deref=0 filter="(objectClass=*)"
......
......@@ -17,83 +17,53 @@
* in OpenLDAP Software.
*
* Hash methods for passwords generation added by Cédric Delfosse.
*
* SSHA256 / SSHA384 / SSHA512 support added, and chk_sha*() replaced
* with libraries/liblutil/passwd.c:chk_sha1() implementation to
* fix a race by SATOH Fumiyasu @ OSS Technology, Inc.
*/
#include <lber.h>
#include <lber_pvt.h>
#include "portable.h"
#include <ac/string.h>
#include "lber_pvt.h"
#include "lutil.h"
#include <stdint.h>
#include <string.h>
#include <assert.h>
#include "sha2.h"
#ifdef SLAPD_SHA2_DEBUG
#include <stdio.h>
#endif
char * sha256_hex_hash(const char * passwd) {
#define SHA2_SALT_SIZE 8
static int hash_ssha256(
const struct berval *scheme,
const struct berval *passwd,
struct berval *hash,
const char **text )
{
SHA256_CTX ct;
unsigned char hash[SHA256_DIGEST_LENGTH];
static char real_hash[LUTIL_BASE64_ENCODE_LEN(SHA256_DIGEST_LENGTH)+1]; /* extra char for \0 */
SHA256_Init(&ct);
SHA256_Update(&ct, (const uint8_t*)passwd, strlen(passwd));
SHA256_Final(hash, &ct);
/* base64 encode it */
lutil_b64_ntop(
hash,
SHA256_DIGEST_LENGTH,
real_hash,
LUTIL_BASE64_ENCODE_LEN(SHA256_DIGEST_LENGTH)+1
);
return real_hash;
}
char * sha384_hex_hash(const char * passwd) {
SHA384_CTX ct;
unsigned char hash[SHA384_DIGEST_LENGTH];
static char real_hash[LUTIL_BASE64_ENCODE_LEN(SHA384_DIGEST_LENGTH)+1]; /* extra char for \0 */
unsigned char hash256[SHA256_DIGEST_LENGTH];
char saltdata[SHA2_SALT_SIZE];
struct berval digest;
struct berval salt;
SHA384_Init(&ct);
SHA384_Update(&ct, (const uint8_t*)passwd, strlen(passwd));
SHA384_Final(hash, &ct);
/* base64 encode it */
lutil_b64_ntop(
hash,
SHA384_DIGEST_LENGTH,
real_hash,
LUTIL_BASE64_ENCODE_LEN(SHA384_DIGEST_LENGTH)+1
);
return real_hash;
}
digest.bv_val = (char *) hash256;
digest.bv_len = sizeof(hash256);
salt.bv_val = saltdata;
salt.bv_len = sizeof(saltdata);
char * sha512_hex_hash(const char * passwd) {
if (lutil_entropy((unsigned char *)salt.bv_val, salt.bv_len) < 0) {
return LUTIL_PASSWD_ERR;
}
SHA512_CTX ct;
unsigned char hash[SHA512_DIGEST_LENGTH];
static char real_hash[LUTIL_BASE64_ENCODE_LEN(SHA512_DIGEST_LENGTH)+1]; /* extra char for \0 */
SHA256_Init(&ct);
SHA256_Update(&ct, (const uint8_t*)passwd->bv_val, passwd->bv_len);
SHA256_Update(&ct, (const uint8_t*)salt.bv_val, salt.bv_len);
SHA256_Final(hash256, &ct);
SHA512_Init(&ct);
SHA512_Update(&ct, (const uint8_t*)passwd, strlen(passwd));
SHA512_Final(hash, &ct);
/* base64 encode it */
lutil_b64_ntop(
hash,
SHA512_DIGEST_LENGTH,
real_hash,
LUTIL_BASE64_ENCODE_LEN(SHA512_DIGEST_LENGTH)+1
);
return real_hash;
return lutil_passwd_string64(scheme, &digest, hash, &salt);
}
static int hash_sha256(
......@@ -115,6 +85,35 @@ static int hash_sha256(
return lutil_passwd_string64(scheme, &digest, hash, NULL);
}
static int hash_ssha384(
const struct berval *scheme,
const struct berval *passwd,
struct berval *hash,
const char **text )
{
SHA384_CTX ct;
unsigned char hash384[SHA384_DIGEST_LENGTH];
char saltdata[SHA2_SALT_SIZE];
struct berval digest;
struct berval salt;
digest.bv_val = (char *) hash384;
digest.bv_len = sizeof(hash384);
salt.bv_val = saltdata;
salt.bv_len = sizeof(saltdata);
if (lutil_entropy((unsigned char *)salt.bv_val, salt.bv_len) < 0) {
return LUTIL_PASSWD_ERR;
}
SHA384_Init(&ct);
SHA384_Update(&ct, (const uint8_t*)passwd->bv_val, passwd->bv_len);
SHA384_Update(&ct, (const uint8_t*)salt.bv_val, salt.bv_len);
SHA384_Final(hash384, &ct);
return lutil_passwd_string64(scheme, &digest, hash, &salt);
}
static int hash_sha384(
const struct berval *scheme,
const struct berval *passwd,
......@@ -127,9 +126,6 @@ static int hash_sha384(
digest.bv_val = (char *) hash384;
digest.bv_len = sizeof(hash384);
#ifdef SLAPD_SHA2_DEBUG
fprintf(stderr, "hashing password\n");
#endif
SHA384_Init(&ct);
SHA384_Update(&ct, (const uint8_t*)passwd->bv_val, passwd->bv_len);
SHA384_Final(hash384, &ct);
......@@ -137,6 +133,35 @@ static int hash_sha384(
return lutil_passwd_string64(scheme, &digest, hash, NULL);
}
static int hash_ssha512(
const struct berval *scheme,
const struct berval *passwd,
struct berval *hash,
const char **text )
{
SHA512_CTX ct;
unsigned char hash512[SHA512_DIGEST_LENGTH];
char saltdata[SHA2_SALT_SIZE];
struct berval digest;
struct berval salt;
digest.bv_val = (char *) hash512;
digest.bv_len = sizeof(hash512);
salt.bv_val = saltdata;
salt.bv_len = sizeof(saltdata);
if (lutil_entropy((unsigned char *)salt.bv_val, salt.bv_len) < 0) {
return LUTIL_PASSWD_ERR;
}
SHA512_Init(&ct);
SHA512_Update(&ct, (const uint8_t*)passwd->bv_val, passwd->bv_len);
SHA512_Update(&ct, (const uint8_t*)salt.bv_val, salt.bv_len);
SHA512_Final(hash512, &ct);
return lutil_passwd_string64(scheme, &digest, hash, &salt);
}
static int hash_sha512(
const struct berval *scheme,
const struct berval *passwd,
......@@ -156,21 +181,175 @@ static int hash_sha512(
return lutil_passwd_string64(scheme, &digest, hash, NULL);
}
#ifdef SLAPD_SHA2_DEBUG
static void chk_sha_debug(
const struct berval *scheme,
const struct berval *passwd,
const struct berval *cred,
const char *cred_hash,
size_t cred_len,
int cmp_rc)
{
int rc;
struct berval cred_b64;
cred_b64.bv_len = LUTIL_BASE64_ENCODE_LEN(cred_len) + 1;
cred_b64.bv_val = ber_memalloc(cred_b64.bv_len + 1);
if( cred_b64.bv_val == NULL ) {
return;
}
rc = lutil_b64_ntop(
(unsigned char *) cred_hash, cred_len,
cred_b64.bv_val, cred_b64.bv_len );
if( rc < 0 ) {
ber_memfree(cred_b64.bv_val);
return;
}
fprintf(stderr, "Validating password\n");
fprintf(stderr, " Hash scheme:\t\t%s\n", scheme->bv_val);
fprintf(stderr, " Password to validate: %s\n", cred->bv_val);
fprintf(stderr, " Password hash:\t%s\n", cred_b64.bv_val);
fprintf(stderr, " Stored password hash:\t%s\n", passwd->bv_val);
fprintf(stderr, " Result:\t\t%s\n", cmp_rc ? "do not match" : "match");
ber_memfree(cred_b64.bv_val);
}
#endif
static int chk_ssha256(
const struct berval *scheme, /* Scheme of hashed reference password */
const struct berval *passwd, /* Hashed reference password to check against */
const struct berval *cred, /* user-supplied password to check */
const char **text )
{
SHA256_CTX SHAcontext;
unsigned char SHAdigest[SHA256_DIGEST_LENGTH];
int rc;
unsigned char *orig_pass = NULL;
/* safety check */
if (LUTIL_BASE64_DECODE_LEN(passwd->bv_len) <= sizeof(SHAdigest)) {
return LUTIL_PASSWD_ERR;
}
/* base64 un-encode password */
orig_pass = (unsigned char *) ber_memalloc( (size_t) (
LUTIL_BASE64_DECODE_LEN(passwd->bv_len) + 1) );
if( orig_pass == NULL ) return LUTIL_PASSWD_ERR;
rc = lutil_b64_pton(passwd->bv_val, orig_pass, passwd->bv_len);
if( rc <= sizeof(SHAdigest) ) {
ber_memfree(orig_pass);
return LUTIL_PASSWD_ERR;
}
/* hash credentials with salt */
SHA256_Init(&SHAcontext);
SHA256_Update(&SHAcontext,
(const unsigned char *) cred->bv_val, cred->bv_len);
SHA256_Update(&SHAcontext,
(const unsigned char *) &orig_pass[sizeof(SHAdigest)],
rc - sizeof(SHAdigest));
SHA256_Final(SHAdigest, &SHAcontext);
/* compare */
rc = memcmp((char *)orig_pass, (char *)SHAdigest, sizeof(SHAdigest));
ber_memfree(orig_pass);
return rc ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK;
}
static int chk_sha256(
const struct berval *scheme, /* Scheme of hashed reference password */
const struct berval *passwd, /* Hashed reference password to check against */
const struct berval *cred, /* user-supplied password to check */
const char **text )
{
SHA256_CTX SHAcontext;
unsigned char SHAdigest[SHA256_DIGEST_LENGTH];
int rc;
unsigned char *orig_pass = NULL;
/* safety check */
if (LUTIL_BASE64_DECODE_LEN(passwd->bv_len) < sizeof(SHAdigest)) {
return LUTIL_PASSWD_ERR;
}
/* base64 un-encode password */
orig_pass = (unsigned char *) ber_memalloc( (size_t) (
LUTIL_BASE64_DECODE_LEN(passwd->bv_len) + 1) );
if( orig_pass == NULL ) return LUTIL_PASSWD_ERR;
rc = lutil_b64_pton(passwd->bv_val, orig_pass, passwd->bv_len);
if( rc != sizeof(SHAdigest) ) {
ber_memfree(orig_pass);
return LUTIL_PASSWD_ERR;
}
/* hash credentials with salt */
SHA256_Init(&SHAcontext);
SHA256_Update(&SHAcontext,
(const unsigned char *) cred->bv_val, cred->bv_len);
SHA256_Final(SHAdigest, &SHAcontext);
/* compare */
rc = memcmp((char *)orig_pass, (char *)SHAdigest, sizeof(SHAdigest));
#ifdef SLAPD_SHA2_DEBUG
fprintf(stderr, "Validating password\n");
fprintf(stderr, " Password to validate: %s\n", cred->bv_val);
fprintf(stderr, " Hashes to: %s\n", sha256_hex_hash(cred->bv_val));
fprintf(stderr, " Stored password scheme: %s\n", scheme->bv_val);
fprintf(stderr, " Stored password value: %s\n", passwd->bv_val);
fprintf(stderr, " -> Passwords %s\n", strcmp(sha256_hex_hash(cred->bv_val), passwd->bv_val) == 0 ? "match" : "do not match");
chk_sha_debug(scheme, passwd, cred, (char *)SHAdigest, sizeof(SHAdigest), rc);
#endif
return (strcmp(sha256_hex_hash(cred->bv_val), passwd->bv_val));
ber_memfree(orig_pass);
return rc ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK;
}
static int chk_ssha384(
const struct berval *scheme, /* Scheme of hashed reference password */
const struct berval *passwd, /* Hashed reference password to check against */
const struct berval *cred, /* user-supplied password to check */
const char **text )
{
SHA384_CTX SHAcontext;
unsigned char SHAdigest[SHA384_DIGEST_LENGTH];
int rc;
unsigned char *orig_pass = NULL;
/* safety check */
if (LUTIL_BASE64_DECODE_LEN(passwd->bv_len) <= sizeof(SHAdigest)) {
return LUTIL_PASSWD_ERR;
}
/* base64 un-encode password */
orig_pass = (unsigned char *) ber_memalloc( (size_t) (
LUTIL_BASE64_DECODE_LEN(passwd->bv_len) + 1) );
if( orig_pass == NULL ) return LUTIL_PASSWD_ERR;
rc = lutil_b64_pton(passwd->bv_val, orig_pass, passwd->bv_len);
if( rc <= sizeof(SHAdigest) ) {
ber_memfree(orig_pass);
return LUTIL_PASSWD_ERR;
}
/* hash credentials with salt */
SHA384_Init(&SHAcontext);
SHA384_Update(&SHAcontext,
(const unsigned char *) cred->bv_val, cred->bv_len);
SHA384_Update(&SHAcontext,
(const unsigned char *) &orig_pass[sizeof(SHAdigest)],
rc - sizeof(SHAdigest));
SHA384_Final(SHAdigest, &SHAcontext);
/* compare */
rc = memcmp((char *)orig_pass, (char *)SHAdigest, sizeof(SHAdigest));
ber_memfree(orig_pass);
return rc ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK;
}
static int chk_sha384(
......@@ -179,15 +358,86 @@ static int chk_sha384(
const struct berval *cred, /* user-supplied password to check */
const char **text )
{
SHA384_CTX SHAcontext;
unsigned char SHAdigest[SHA384_DIGEST_LENGTH];
int rc;
unsigned char *orig_pass = NULL;
/* safety check */
if (LUTIL_BASE64_DECODE_LEN(passwd->bv_len) < sizeof(SHAdigest)) {
return LUTIL_PASSWD_ERR;
}
/* base64 un-encode password */
orig_pass = (unsigned char *) ber_memalloc( (size_t) (
LUTIL_BASE64_DECODE_LEN(passwd->bv_len) + 1) );
if( orig_pass == NULL ) return LUTIL_PASSWD_ERR;
rc = lutil_b64_pton(passwd->bv_val, orig_pass, passwd->bv_len);
if( rc != sizeof(SHAdigest) ) {
ber_memfree(orig_pass);
return LUTIL_PASSWD_ERR;
}
/* hash credentials with salt */
SHA384_Init(&SHAcontext);
SHA384_Update(&SHAcontext,
(const unsigned char *) cred->bv_val, cred->bv_len);
SHA384_Final(SHAdigest, &SHAcontext);
/* compare */
rc = memcmp((char *)orig_pass, (char *)SHAdigest, sizeof(SHAdigest));
#ifdef SLAPD_SHA2_DEBUG
fprintf(stderr, "Validating password\n");
fprintf(stderr, " Password to validate: %s\n", cred->bv_val);
fprintf(stderr, " Hashes to: %s\n", sha384_hex_hash(cred->bv_val));
fprintf(stderr, " Stored password scheme: %s\n", scheme->bv_val);
fprintf(stderr, " Stored password value: %s\n", passwd->bv_val);
fprintf(stderr, " -> Passwords %s\n", strcmp(sha384_hex_hash(cred->bv_val), passwd->bv_val) == 0 ? "match" : "do not match");
chk_sha_debug(scheme, passwd, cred, (char *)SHAdigest, sizeof(SHAdigest), rc);
#endif
return (strcmp(sha384_hex_hash(cred->bv_val), passwd->bv_val));
ber_memfree(orig_pass);
return rc ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK;
}
static int chk_ssha512(
const struct berval *scheme, /* Scheme of hashed reference password */
const struct berval *passwd, /* Hashed reference password to check against */
const struct berval *cred, /* user-supplied password to check */
const char **text )
{
SHA512_CTX SHAcontext;
unsigned char SHAdigest[SHA512_DIGEST_LENGTH];
int rc;
unsigned char *orig_pass = NULL;
/* safety check */
if (LUTIL_BASE64_DECODE_LEN(passwd->bv_len) <= sizeof(SHAdigest)) {
return LUTIL_PASSWD_ERR;
}
/* base64 un-encode password */
orig_pass = (unsigned char *) ber_memalloc( (size_t) (
LUTIL_BASE64_DECODE_LEN(passwd->bv_len) + 1) );
if( orig_pass == NULL ) return LUTIL_PASSWD_ERR;
rc = lutil_b64_pton(passwd->bv_val, orig_pass, passwd->bv_len);
if( rc <= sizeof(SHAdigest) ) {
ber_memfree(orig_pass);
return LUTIL_PASSWD_ERR;
}
/* hash credentials with salt */
SHA512_Init(&SHAcontext);
SHA512_Update(&SHAcontext,
(const unsigned char *) cred->bv_val, cred->bv_len);
SHA512_Update(&SHAcontext,
(const unsigned char *) &orig_pass[sizeof(SHAdigest)],
rc - sizeof(SHAdigest));
SHA512_Final(SHAdigest, &SHAcontext);
/* compare */
rc = memcmp((char *)orig_pass, (char *)SHAdigest, sizeof(SHAdigest));
ber_memfree(orig_pass);
return rc ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK;
}
static int chk_sha512(
......@@ -196,26 +446,63 @@ static int chk_sha512(
const struct berval *cred, /* user-supplied password to check */
const char **text )
{
SHA512_CTX SHAcontext;
unsigned char SHAdigest[SHA512_DIGEST_LENGTH];
int rc;
unsigned char *orig_pass = NULL;
/* safety check */
if (LUTIL_BASE64_DECODE_LEN(passwd->bv_len) < sizeof(SHAdigest)) {
return LUTIL_PASSWD_ERR;
}
/* base64 un-encode password */
orig_pass = (unsigned char *) ber_memalloc( (size_t) (
LUTIL_BASE64_DECODE_LEN(passwd->bv_len) + 1) );
if( orig_pass == NULL ) return LUTIL_PASSWD_ERR;
rc = lutil_b64_pton(passwd->bv_val, orig_pass, passwd->bv_len);
if( rc != sizeof(SHAdigest) ) {
ber_memfree(orig_pass);
return LUTIL_PASSWD_ERR;
}
/* hash credentials with salt */
SHA512_Init(&SHAcontext);
SHA512_Update(&SHAcontext,
(const unsigned char *) cred->bv_val, cred->bv_len);