Issue 18405: crypt.mksalt() result has unnecessarily low entropy

➜

This issue tracker has been migrated to GitHub , and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

This issue has been migrated to GitHub: https://github.com/python/cpython/issues/62605

classification

Title:	crypt.mksalt() result has unnecessarily low entropy
Type:	security	Stage:	patch review
Components:	Library (Lib)	Versions:	Python 3.3, Python 3.4

process

Dependencies:	Superseder:
Status:	closed	Resolution:	fixed
Assigned To:	christian.heimes	Nosy List:	christian.heimes, gregory.p.smith, python-dev, vstinner
Priority:	critical	Keywords:	patch

Created on 2013年07月08日 17:57 by christian.heimes, last changed 2022年04月11日 14:57 by admin. This issue is now closed.

Files
File name	Uploaded	Description	Edit
crypt_salt_choice.patch	vstinner, 2013年07月22日 19:11	review

Messages (4)
msg192683 - (view)	Author: Christian Heimes (christian.heimes) * (Python committer)	Date: 2013年07月08日 17:57
crypt.mksalt() creates a salt with a lower entropy than possible. It uses random.SystemRandom().sample() to generate a salt string from the set of 64 chars (string.ascii_letters + string.digits + './'). SystemRandom() uses a CPRNG (good) but sample() returns n UNIQUE members of the set (very bad). sample() reduces the set possible chars by one for each salt char. Suggested fix: salt = base64.b64encode(os.urandom(salt_chars * 3 // 4), b"./").decode("ascii")
msg193561 - (view)	Author: STINNER Victor (vstinner) * (Python committer)	Date: 2013年07月22日 19:11
I prefer to avoid conversion to/from base64, and use random.choice() instead: see attached patch.
msg195105 - (view)	Author: Roundup Robot (python-dev) (Python triager)	Date: 2013年08月13日 23:40
New changeset e8a314fe248b by Victor Stinner in branch '3.3': Issue #18405: Improve the entropy of crypt.mksalt(). http://hg.python.org/cpython/rev/e8a314fe248b New changeset 122e074c56f7 by Victor Stinner in branch 'default': (Merge 3.3) Issue #18405: Improve the entropy of crypt.mksalt(). http://hg.python.org/cpython/rev/122e074c56f7
msg195106 - (view)	Author: STINNER Victor (vstinner) * (Python committer)	Date: 2013年08月13日 23:45
With my change, any character can appear more than once. Example: >>> crypt.mksalt() '6ドル$idm7/asaywTgRf9V' >>> sorted(_[3:]) ['/', '7', '9', 'R', 'T', 'V', 'a', 'a', 'd', 'f', 'g', 'i', 'm', 's', 'w', 'y'] In this case, the 'a' letter occurs twice.

History
Date	User	Action	Args
2022年04月11日 14:57:47	admin	set	github: 62605
2013年08月13日 23:45:11	vstinner	set	messages: + msg195106
2013年08月13日 23:41:10	vstinner	set	status: open -> closed resolution: fixed versions: - Python 2.7, Python 3.2
2013年08月13日 23:40:57	python-dev	set	nosy: + python-dev messages: + msg195105
2013年07月22日 19:11:43	vstinner	set	files: + crypt_salt_choice.patch nosy: + vstinner messages: + msg193561 keywords: + patch
2013年07月08日 17:57:20	christian.heimes	create

homepage