Follow up to adding password pepper #910

KentShikama · 2016-07-06T08:47:23Z

Ran using config with bcrypt rounds 10 and pepper "hello" with password "random"

(env)kents-air:synapse kent$ python scripts/hash_password -c demo/etc/8080.config
Password: 
Confirm password: 
$2a$10$f3O5aysDic74GSqKjljtsO1dTzVaLmsAXwVW1DjG7N6EHFtT.qzxa

Tested with

import bcrypt

stored_hash = "$2a$10$f3O5aysDic74GSqKjljtsO1dTzVaLmsAXwVW1DjG7N6EHFtT.qzxa"
print(bcrypt.hashpw("randomhello".encode('utf-8'), stored_hash.encode('utf-8')) == stored_hash.encode('utf-8')) # prints True

Ran without passing in config with password "random"

(env)kents-air:synapse kent$ python scripts/hash_password 
Password: 
Confirm password: 
$2a$12$6WzQnYQoglWXtewHCGhEqOxYry7vRgPkUeO7NrHMc9iW.lj39xwGi

Tested with

import bcrypt

stored_hash = "$2a$12$6WzQnYQoglWXtewHCGhEqOxYry7vRgPkUeO7NrHMc9iW.lj39xwGi"
print(bcrypt.hashpw("random".encode('utf-8'), stored_hash.encode('utf-8')) == stored_hash.encode('utf-8')) # prints True

Ran with non-existing config

(env)kents-air:synapse kent$ python scripts/hash_password -c diaspora.config
usage: hash_password [-h] [-p PASSWORD] [-c CONFIG]
hash_password: error: argument -c/--config: can't open 'diaspora.config': [Errno 2] No such file or directory: 'diaspora.config'

Ran with config that didn't contain pepper again with password "random" with bcrypt rounds 10

(env)kents-air:synapse kent$ python scripts/hash_password -c demo/etc/8080.config
Password: 
Confirm password: 
$2a$10$UZFvoKbz2n7LGHag6dC.Su81fGP9SphUTZO4ptde6a8TavBgVhipC

Tested with

import bcrypt

stored_hash = "$2a$10$UZFvoKbz2n7LGHag6dC.Su81fGP9SphUTZO4ptde6a8TavBgVhipC"
print(bcrypt.hashpw("random".encode('utf-8'), stored_hash.encode('utf-8')) == stored_hash.encode('utf-8')) # prints True

Signed-off-by: Kent Shikama <[email protected]>

matrixbot · 2016-07-06T08:47:24Z