Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Consider using argon2-cffi directly and dropping passlib #6631

Closed
legoktm opened this issue Oct 14, 2022 · 2 comments · Fixed by #6657
Closed

Consider using argon2-cffi directly and dropping passlib #6631

legoktm opened this issue Oct 14, 2022 · 2 comments · Fixed by #6657
Assignees
@legoktm
Milestone
SecureDrop 2.6.0

Comments

@legoktm
Copy link
Member

legoktm commented Oct 14, 2022

passlib was introduced in #2918, on the basis that it would give us "future proof and easily migrateable password management should we change password hashing algorithms/parameters."

Unfortunately passlib looks unmaintained (no commits in 2 years and the upstream issue tracker has literal spam tickets sitting for weeks). We're also not using any of the migration functionality, we're just invoking argon2 hashing directly:

        self.passphrase_hash = argon2.using(**ARGON2_PARAMS).hash(passphrase)

I don't think the migration functionality is worth the ~20k lines of Python passlib brings in (counted by tokei, minus tests). If we need migration, we'd probably implement it with something like:

if hash.startswith('$argon2'):
    verify_argon2(hash, passphrase)
    self.passprase_hash = hash_passphrase(passphrase)
    self.save()
else:
    verify_modern(hash, passphrase)

So my preference would be to drop passlib and use argon2-cffi directly.
@legoktm legoktm added the needs/discussion queued up for discussion at future team meeting. Use judiciously. label Oct 14, 2022
@legoktm legoktm mentioned this issue Oct 19, 2022
Closed
@legoktm legoktm removed the needs/discussion queued up for discussion at future team meeting. Use judiciously. label Oct 19, 2022
@legoktm legoktm self-assigned this Oct 19, 2022
@legoktm legoktm added this to the 2.6.0 milestone Oct 19, 2022
@legoktm
Copy link
Member Author

legoktm commented Oct 19, 2022

Discussed at yesterday's team meeting and got a 👍🏾 to move forward on this and #6655.

@legoktm
Copy link
Member Author

legoktm commented Oct 19, 2022

argon2-cffi handles migrations pretty well. First it reads the algorithm out of the generated hash, so we don't need any special handling for argon2i vs argon2id. Then it has a check_needs_rehash(hash) function which checks for type and any other parameters (like iterations, etc.) being out of sync and recommending a rehash if so. So going forward, if we want, we can increase the strength of the hashes pretty transparently.

legoktm added a commit that referenced this issue Oct 19, 2022
@legoktm
Use argon2-cffi directly instead of through passlib
77b3e11 
Unfortunately passlib appears unmaintained with no commits in the past 2
years and literal spam tickets in their issue tracker. It brings in ~20k
lines of code (per tokei), but we only need the argon2 functionality
that is in argon2-cffi already.

Using argon2-cffi directly is roughly the same, with just a few renames
(e.g. rounds → time_cost) and different method signatures (verify()
throws an exception instead of returning false).

We explicitly specify a type=argon2i, in the next commit we'll switch
over to argon2id.

Fixes #6631.
@legoktm legoktm mentioned this issue Oct 19, 2022
Merged
7 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@legoktm legoktm

Labels
None yet
Projects
None yet
Milestone
SecureDrop 2.6.0
Development

Successfully merging a pull request may close this issue.

Drop passlib, switch to argon2id hashes freedomofpress/securedrop
1 participant
@legoktm