Issue 18405: crypt.mksalt() result has unnecessarily low entropy - Python tracker

classification

Title:	crypt.mksalt() result has unnecessarily low entropy
Type:	security	Stage:	patch review
Components:	Library (Lib)	Versions:	Python 3.4, Python 3.3

process

Status:	closed	Resolution:	fixed
Dependencies:		Superseder:
Assigned To:	christian.heimes	Nosy List:	christian.heimes, gregory.p.smith, haypo, python-dev
Priority:	critical	Keywords:	patch

Created on 2013-07-08 17:57 by christian.heimes, last changed 2013-08-13 23:45 by haypo. This issue is now closed.

Files
File name	Uploaded	Description	Edit
crypt_salt_choice.patch	haypo, 2013-07-22 19:11		review

Messages (4)
msg192683 - (view)	Author: Christian Heimes (christian.heimes) *	Date: 2013-07-08 17:57
crypt.mksalt() creates a salt with a lower entropy than possible. It uses random.SystemRandom().sample() to generate a salt string from the set of 64 chars (string.ascii_letters + string.digits + './'). SystemRandom() uses a CPRNG (good) but sample() returns n UNIQUE members of the set (very bad). sample() reduces the set possible chars by one for each salt char. Suggested fix: salt = base64.b64encode(os.urandom(salt_chars * 3 // 4), b"./").decode("ascii")
msg193561 - (view)	Author: STINNER Victor (haypo) *	Date: 2013-07-22 19:11
I prefer to avoid conversion to/from base64, and use random.choice() instead: see attached patch.
msg195105 - (view)	Author: Roundup Robot (python-dev)	Date: 2013-08-13 23:40
New changeset e8a314fe248b by Victor Stinner in branch '3.3': Issue #18405: Improve the entropy of crypt.mksalt(). http://hg.python.org/cpython/rev/e8a314fe248b New changeset 122e074c56f7 by Victor Stinner in branch 'default': (Merge 3.3) Issue #18405: Improve the entropy of crypt.mksalt(). http://hg.python.org/cpython/rev/122e074c56f7
msg195106 - (view)	Author: STINNER Victor (haypo) *	Date: 2013-08-13 23:45
With my change, any character can appear more than once. Example: >>> crypt.mksalt() '$6$idm7/asaywTgRf9V' >>> sorted(_[3:]) ['/', '7', '9', 'R', 'T', 'V', 'a', 'a', 'd', 'f', 'g', 'i', 'm', 's', 'w', 'y'] In this case, the 'a' letter occurs twice.

History
Date	User	Action	Args
2013-08-13 23:45:11	haypo	set	messages: + msg195106
2013-08-13 23:41:10	haypo	set	status: open -> closed resolution: fixed versions: - Python 2.7, Python 3.2
2013-08-13 23:40:57	python-dev	set	nosy: + python-dev messages: + msg195105
2013-07-22 19:11:43	haypo	set	files: + crypt_salt_choice.patch nosy: + haypo messages: + msg193561 keywords: + patch
2013-07-08 17:57:20	christian.heimes	create