> On 4 Dec 2019, at 18:27, Francesc Guasch <frankie@xxxxxxxxxxxxxxx> wrote: > > El 2/12/19 a les 22:42, William Brown ha escrit: >> >> >>> On 2 Dec 2019, at 18:46, Francesc Guasch <frankie@xxxxxxxxxxxxxxx> wrote: >>> >>> Then matching with that: >>> >>> Authen::Passphrase->from_rfc2307($password_ldap)->match($password); >> >> Hmmm you may want to consider using and ldap bind rather than a client side match of the hash content. It's a much more secure and long term supportable way of managing this, and resolves a number of security risks around userPassword attribute disclosure. >> >> https://metacpan.org/pod/Net::LDAP::Examples#BINDING >> > > Absolutely. Thank you for pointing me to the doc. > > We do use binding by default, but we have some use cases > where there is a legacy setup that only works with match. > > I have managed to use pbkdf2 and store the passwords properly > with SHA-256. But I still have something missing. > > Usually the users entries are already there in the LDAP directory > but we provide a small function to add users. My problem is > we have to create a random salt and I don't know how to store it. > > Right now there is a static salt string using PBKDF2::Tiny > > my $pass="{PBKDF2_SHA256}" > .derive_hex( 'SHA-256',$password, 'salt' ); > ^^^^ > > Then I use this to add an entry in the attribute userPassword. > But I don't know how to properly create this string with a > random salt. Because this is salted, you need to provide the same salt to do the match here. Your MD5 was unsalted is why the match works, so you'll need to do much more work now to do the same "match". In other words you need to do (in psuedo code) var hashblob = ldap_search('uid=...', 'userPassword') // hash now contains the PBKDF2_SHA256 value var (salt, rounds, hash) = hashblob.split .... // You'll need to look at https://pagure.io/389-ds-base/blob/master/f/ldap/servers/plugins/pwdstorage/pbkdf2_pwd.c#_28, this "hash" is a base64 encoded blob of data that will require some parsing on your part to setup properly. var user_hash = pbkdf2.hash(sha256, salt, rounds, plaintext) assert(user_hash == hash) It should go without saying, but it's a security risk to have userPassword as a field readable and to do matches like this, so I strongly encourage you to consider updating or modifying the application in question to do binds instead :) Does that help? > > What is the string format to store with PBKDF2 ? > _______________________________________________ > 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx > To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx > Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx — Sincerely, William Brown Senior Software Engineer, 389 Directory Server SUSE Labs _______________________________________________ 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx
