mail archive of the barebox mailing list
 help / color / mirror / Atom feed
From: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
To: "Jan Lübbe" <jlu@pengutronix.de>
Cc: barebox@lists.infradead.org
Subject: Re: [PATCH 07/10] password: add pbkdf2 support
Date: Mon, 16 Mar 2015 14:55:57 +0100	[thread overview]
Message-ID: <20150316135557.GM26127@ns203013.ovh.net> (raw)
In-Reply-To: <1426511679.3330.103.camel@pengutronix.de>

On 14:14 Mon 16 Mar     , Jan Lübbe wrote:
> On Mo, 2015-03-16 at 13:10 +0100, Jean-Christophe PLAGNIOL-VILLARD wrote:
> > On 12:58 Mon 16 Mar     , Jan Lübbe wrote:
> > > > > > Personnaly I'll prefer
> > > > > > 
> > > > > > a random 64 bytes | sha256 | take first 32bytes. | pbkdf2 10000 round
> > > > > 
> > > > > Running SHA-256 on random data is useless for security.
> > > > SHA256 is to improve the entrpopy not security
> > > 
> > > Running a deterministic algorithm cannot increase entropy (only reduce
> > > it).
> > 
> > check the kennel algo for PRGN
> 
> PRNG? That is a different use case. The kernel takes sources of entropy
> and uses those to seed an CSPRNG:
> http://www.2uo.de/myths-about-urandom/

I known how work urandom and random but the kernel do use SHA-1 for generating
the Random numbers. I do not want to go to deep in the algo we can look at the
code.
> 
> > and youp will see why I want to use a sha
> 
> Having high entropy and appearing random are different properties. As
> SHA-256 is deterministic it *cannot* increase entropy:
> http://en.wikipedia.org/wiki/Entropy_(information_theory)
I known about it
> 
> > > > > Just get
> > > > > <hash-size> bytes from /dev/urandom on the host. We could generate a
> > > > > file with the compile-time SALT which is then included.
> > > > > 
> > > > > On the running barebox, we could use SHA to hash the old password file
> > > > > together with the current timer value. At least until we have something
> > > > > better.
> > > > > 
> > > > > > result a 64 bytes password file <salt 32 byes><key 32 bytes>
> > > > > 
> > > > > Yes. As we select the algorithm at compile time, we don't the to save it
> > > > > in the file.
> > > > 
> > > > this is for barebox as we may not have any passwd file
> > > 
> > > The same applies also to the default_passwd compiled in variable.
> > > 
> > > Currently we have:
> > > PASSWD_FILE := $(shell cd $(srctree); find $(CONFIG_PASSWORD_DEFAULT) -type f)
> > > cmd_pwd_h = echo -n "static const char default_passwd[] = \"" > $@; \
> > >         cat $< | tr -d '\n' >> $@; \
> > >         echo "\";" >> $@
> > > 
> > > include/generated/passwd.h: $(PASSWD_FILE)
> > >         $(call if_changed,pwd_h)
> > > 
> > > This would need to run the hash/pbkdf2 and store salt+key.
> > 
> > no as the current current code expect you to give the correct file format for
> > the currently use password
> > 
> > so today the output of openssl
> 
> Ah, sorry I misread the code here. I though that the plaintext password
> was in the config. CONFIG_PASSWORD_DEFAULT must be the name of a file in
> the srctree with the format matching the selected hash algo?
> 
> > but yes we may need to do more here
> 
> It seems there is no standard tool to create password hashes which
> supports all the algorithms we want to have.
> 
> So the current way is to use barebox itself to create the default
> password file? Should be have a host tool for that or is barebox sandbox
> enough?

yes sandbox is enough we can create such tool but today it's just the sha of
the password store in base64 so you can easly create it in shell

if we start to play we random salt yes we do need a tool

Best Regards,
J.

_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

  reply	other threads:[~2015-03-16 13:56 UTC|newest]

Thread overview: 23+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-03-16 10:13 [PATCH 00/10 v3] prepare for rsa support Jean-Christophe PLAGNIOL-VILLARD
2015-03-16 10:15 ` [PATCH 01/10] digest: add verify callback Jean-Christophe PLAGNIOL-VILLARD
2015-03-16 10:15   ` [PATCH 02/10] command: rename digest.c to hashsum.c Jean-Christophe PLAGNIOL-VILLARD
2015-03-16 10:15   ` [PATCH 03/10] command: allow runtime usage Jean-Christophe PLAGNIOL-VILLARD
2015-03-16 10:15   ` [PATCH 04/10] command: add generic digest command Jean-Christophe PLAGNIOL-VILLARD
2015-03-16 11:49     ` Jan Lübbe
2015-03-16 14:51       ` Jean-Christophe PLAGNIOL-VILLARD
2015-03-16 10:15   ` [PATCH 05/10] digest: add digest callback Jean-Christophe PLAGNIOL-VILLARD
2015-03-16 10:15   ` [PATCH 06/10] crypto: add pbkdf2 hmac key generator Jean-Christophe PLAGNIOL-VILLARD
2015-03-16 10:15   ` [PATCH 07/10] password: add pbkdf2 support Jean-Christophe PLAGNIOL-VILLARD
2015-03-16 10:49     ` Jan Lübbe
2015-03-16 11:01       ` Jean-Christophe PLAGNIOL-VILLARD
2015-03-16 11:05         ` Jan Lübbe
2015-03-16 11:25           ` Jean-Christophe PLAGNIOL-VILLARD
2015-03-16 11:41             ` Jan Lübbe
2015-03-16 11:52               ` Jean-Christophe PLAGNIOL-VILLARD
2015-03-16 11:58                 ` Jan Lübbe
2015-03-16 12:10                   ` Jean-Christophe PLAGNIOL-VILLARD
2015-03-16 13:14                     ` Jan Lübbe
2015-03-16 13:55                       ` Jean-Christophe PLAGNIOL-VILLARD [this message]
2015-03-16 10:15   ` [PATCH 08/10] digest: allow algo to specify their length at runtime Jean-Christophe PLAGNIOL-VILLARD
2015-03-16 10:15   ` [PATCH 09/10] crypto: hmac: use digest_digest and check the return of every digest_xxx Jean-Christophe PLAGNIOL-VILLARD
2015-03-16 10:15   ` [PATCH 10/10] digest: digest_file_window: check every digest_xxx return Jean-Christophe PLAGNIOL-VILLARD

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20150316135557.GM26127@ns203013.ovh.net \
    --to=plagnioj@jcrosoft.com \
    --cc=barebox@lists.infradead.org \
    --cc=jlu@pengutronix.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox