== How to fix it in Bcrypt

=== Code examples

==== Noncompliant code example

For password hashing:

[source,python,diff-id=201,diff-type=noncompliant]
----
import bcrypt


def hash_password(password):
    return bcrypt.hashpw(password, bcrypt.gensalt(2)) # Noncompliant
----

For key derivation:

[source,python,diff-id=291,diff-type=noncompliant]
----
import bcrypt


def kdf(password, salt):
    return bcrypt.kdf(
        password=password,
        salt=salt,
        desired_key_bytes=32,
        rounds=12, # Noncompliant
        ignore_few_rounds=True)
----

==== Compliant solution

For password hashing:

[source,python,diff-id=201,diff-type=compliant]
----
import bcrypt


def hash_password(password):
    return bcrypt.hashpw(password, bcrypt.gensalt())
----

For key derivation:

[source,python,diff-id=291,diff-type=compliant]
----
import bcrypt


def kdf(password, salt):
    return bcrypt.kdf(
        password=password,
        salt=salt,
        desired_key_bytes=32,
        rounds=4096)
----

=== How does this work?

include::../../common/fix/password-hashing.adoc[]

include::../../common/fix/bcrypt-parameters.adoc[]

In the Python bcrypt library, `bcrypt.gensalt` defaults to 12 rounds, which is
a good default value. This number is a cost factor, not an iteration count: the
work grows as 2^rounds, so 12 means 4096 iterations and raising it by one
doubles the time needed to hash (and to brute-force) a password. +
The `rounds` parameter of `bcrypt.kdf` behaves differently: it is linear, like
the iteration count of PBKDF2, so `rounds=12` is almost no work at all. At least
50 rounds should be set (the compliant example uses 4096), and the
`ignore_few_rounds` parameter should be left at its default of `False`. Setting
it to `True` does not make a low round count safe; it only silences the warning
the library emits when fewer than 50 rounds are requested.

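The cost audit and hardened wrappers below are an added example; they are not
part of this rule or of the bcrypt library. They assume the pyca `bcrypt`
package for the actual hashing calls, and the function names (`bcrypt_cost`,
`needs_rehash`, `audit_hashes`, `hash_password`, `verify_password`,
`derive_key`), the policy constants and the sample hash strings are all
constructed here: the samples carry only a valid `$2b$NN$` prefix followed by
filler and are not real hashes. The example shows the check that goes with
choosing a good `gensalt()` value: reading the cost back out of stored hashes
so that entries created under a weaker setting are found and rehashed on the
next successful login, and enforcing the 50-round floor for `bcrypt.kdf` in
code rather than silencing the library's warning with `ignore_few_rounds`.

```python
import re

# Cost (log2 work factor) for bcrypt.hashpw/gensalt. 12 is the library default
# and the value recommended above; raise it as hardware allows. (Policy value
# chosen for this example.)
MIN_PASSWORD_COST = 12

# Linear round count for bcrypt.kdf. The library warns below 50 rounds; 4096 is
# the value used in the compliant example above. (Policy values for this example.)
MIN_KDF_ROUNDS = 50
DEFAULT_KDF_ROUNDS = 4096

# Modular crypt format produced by bcrypt: $2a$/$2b$/$2y$, a two-digit cost,
# then 22 salt + 31 hash characters in bcrypt's radix-64 alphabet.
_BCRYPT_RE = re.compile(rb"^\$2[aby]\$(\d{2})\$[./A-Za-z0-9]{53}$")


def bcrypt_cost(hashed: bytes) -> int:
    """Return the cost factor encoded in a stored bcrypt hash.

    Raises ValueError for anything that is not a bcrypt hash, so a stored value
    in some other format is never silently accepted as "strong enough".
    """
    m = _BCRYPT_RE.match(hashed)
    if m is None:
        raise ValueError("not a bcrypt hash")
    return int(m.group(1))


def needs_rehash(hashed: bytes, min_cost: int = MIN_PASSWORD_COST) -> bool:
    """True when a stored hash was produced with a cost below current policy."""
    return bcrypt_cost(hashed) < min_cost


def audit_hashes(hashes, min_cost: int = MIN_PASSWORD_COST):
    """Return the entries of a user-table dump that fall below min_cost."""
    return [h for h in hashes if needs_rehash(h, min_cost)]


def hash_password(password: bytes, cost: int = MIN_PASSWORD_COST) -> bytes:
    """Hash with an explicit cost, refusing anything below policy."""
    if cost < MIN_PASSWORD_COST:
        raise ValueError(f"bcrypt cost {cost} is below the minimum of {MIN_PASSWORD_COST}")
    # Imported here so the audit helpers above also run in a migration or
    # reporting script that has no bcrypt installed.
    import bcrypt

    return bcrypt.hashpw(password, bcrypt.gensalt(rounds=cost))


def verify_password(password: bytes, hashed: bytes):
    """Check a password and report whether its hash should be upgraded.

    Returns (ok, upgraded_hash): upgraded_hash is a fresh hash at the current
    cost when the stored one is weaker, else None. Store it after a successful
    login so legacy hashes disappear over time.
    """
    import bcrypt

    if not bcrypt.checkpw(password, hashed):
        return False, None
    if needs_rehash(hashed):
        return True, hash_password(password)
    return True, None


def derive_key(password: bytes, salt: bytes, length: int = 32,
               rounds: int = DEFAULT_KDF_ROUNDS) -> bytes:
    """Wrap bcrypt.kdf with a hard floor on rounds instead of muting the warning."""
    if rounds < MIN_KDF_ROUNDS:
        raise ValueError(f"bcrypt.kdf rounds {rounds} is below the minimum of {MIN_KDF_ROUNDS}")
    import bcrypt

    # ignore_few_rounds is deliberately left at its default (False): if the
    # floor above is ever lowered, the library's own warning still fires.
    return bcrypt.kdf(password=password, salt=salt,
                      desired_key_bytes=length, rounds=rounds)


# Constructed sample hashes (not real password hashes): only the $2b$NN$ prefix
# matters to the audit; the 53 trailing characters are filler.
SAMPLE_HASHES = [
    b"$2b$04$" + b"a" * 53,   # cost 4: far too cheap
    b"$2b$12$" + b"b" * 53,   # current default
    b"$2a$10$" + b"c" * 53,   # older prefix and a lower cost from a previous policy
]


if __name__ == "__main__":
    print("rehash needed:", audit_hashes(SAMPLE_HASHES))
```

Running the file lists the two sample entries created below cost 12. In an
application, `verify_password` is the hook: whenever it returns a replacement
hash, write it back to the user record, and old hashes are upgraded without a
forced password reset.
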
=== Pitfalls

include::../../common/pitfalls/pre-hashing.adoc[]

=== Going the extra mile

include::../../common/extra-mile/peppering.adoc[]