Which salt method is used for iana-crypt-hash

Hi

As per the documentation, ConfD supports the annotation ianach:crypt-hash, and the hash method is configurable via confd.conf in the path /confdConfig/cryptHash.
However, I can’t find any configuration for the salt method. Actually, I would like to know if the salt method follows the description defined in https://ciso-ksp.kpnnet.org/document/detail?id=KSP-RE-485&filters=&offset=0&query=KSP-RE-485

the length of the randomly-generated portion of the salt must be at least 128 bits. The salt must be generated using a known good random bit generator

Thanks for the information.

Hi,

As you mention, ConfD uses the ianach:crypt-hash type, which is an IETF standard from the iana-crypt-hash YANG module, as defined in RFC 7317:

--------------------
description
"The crypt-hash type is used to store passwords using
a hash function. The algorithms for applying the hash
function and encoding the result are implemented in
various UNIX systems as the function crypt(3).
...
reference
"IEEE Std 1003.1-2008 - crypt() function
--------------------

The specification of the algorithm used for the SHA-256 and SHA-512 cases can be found in https://www.akkadia.org/drepper/SHA-crypt.txt
ConfD uses an independent implementation of that specification.

<salt> cannot be configured, it is generated for each hash string randomly based on https://www.openssl.org/docs/man1.1.1/man3/RAND_bytes.html. As the link you provided points out, using the same salt for all passwords is dangerous because a precomputed table that simply accounts for the salt will render the salt useless. Salt re-use can also cause users with the same password to have the same hash, so that more than one user may be compromised by cracking a single hash.

You can, for example, use the Linux mkpasswd frontend to the password encryption function crypt(3) to check the password ConfD generated, since the salt (for example for SHA-512) is the 16 characters (128-bit) between the initial “$6$” and the next “$”.

So if you added <cryptHash><algorithm>sha-512</algorithm></cryptHash> to your confd.conf file, started ConfD, and have added, for example, a user “admin” with password “admin” to ConfD’s internal authentication:

$ confd_load -Fc -p /aaa/authentication/users/user{admin}/password
aaa authentication users user admin
password $6$OoEJwExxp6U/FRFq$4RkL2lSSGLoKdfGjX4lQLFXo89gc0wtJsKiBxg/BBz6aNwu7C.D3kRUwD7lvJm6rhaCdhSzVh/XfkkAUY2dTu0
!

The randomly generated salt is “OoEJwExxp6U/FRFq” and we can use the mkpasswd frontend to verify the “admin” password:

$ mkpasswd -m sha-512 -S OoEJwExxp6U/FRFq admin
$6$OoEJwExxp6U/FRFq$4RkL2lSSGLoKdfGjX4lQLFXo89gc0wtJsKiBxg/BBz6aNwu7C.D3kRUwD7lvJm6rhaCdhSzVh/XfkkAUY2dTu0
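For readers who want to check a ConfD-generated hash without relying on mkpasswd, here is an added example (not ConfD's or mkpasswd's code) that implements the SHA-512 variant of the SHA-crypt specification linked above in pure Python, parses the "$6$salt$hash" string, and recomputes the digest for the hash string quoted in the answer. It also reports the salt's entropy bound: the 16 salt characters are drawn from the 64-symbol crypt alphabet, so they carry at most 16 × 6 = 96 bits of randomness, which is a useful figure to have in hand when comparing against a "128 bits of random salt" requirement. The hash string, salt and password come from the answer above; the function names and the constant `CONFD_HASH` are this example's own.

```python
"""Verify SHA-512 crypt hashes (the "$6$" format ConfD emits) and inspect their salt.

Added example, not ConfD's or mkpasswd's code: a pure-Python SHA-crypt written from
https://www.akkadia.org/drepper/SHA-crypt.txt, used to check the hash quoted above.
"""
import hashlib
import hmac
import secrets

# crypt(3)'s base64 alphabet: differs from RFC 4648 in order and uses '.' and '/'.
B64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
MAX_SALT_LEN = 16          # SHA-crypt ignores salt bytes beyond the 16th
DEFAULT_ROUNDS = 5000      # spec default; "rounds=N$" may override within 1000..999999999

# Hash string from the forum answer above (user "admin", password "admin").
CONFD_HASH = ("$6$OoEJwExxp6U/FRFq$4RkL2lSSGLoKdfGjX4lQLFXo89gc0wtJsKiBxg/BBz6aNwu7C."
              "D3kRUwD7lvJm6rhaCdhSzVh/XfkkAUY2dTu0")


def _fill(digest: bytes, length: int) -> bytes:
    """Repeat a digest to exactly `length` bytes (spec steps 16 and 20)."""
    n = len(digest)
    return digest * (length // n) + digest[: length % n]


def sha512_crypt_digest(password: bytes, salt: bytes, rounds: int = DEFAULT_ROUNDS) -> str:
    """Return the 86-character encoded digest for password/salt (no '$6$' prefix)."""
    salt = salt[:MAX_SALT_LEN]
    H = lambda data: hashlib.sha512(data).digest()
    plen = len(password)
    b = H(password + salt + password)                    # digest B (steps 4-8)
    a = hashlib.sha512(password + salt)                  # digest A (steps 1-3)
    a.update(_fill(b, plen))                             # steps 9-10
    n = plen
    while n > 0:                                         # step 11: one add per bit of len
        a.update(b if n & 1 else password)
        n >>= 1
    a = a.digest()                                       # step 12
    p = _fill(H(password * plen), plen)                  # byte sequence P (steps 13-16)
    s = _fill(H(salt * (16 + a[0])), len(salt))          # byte sequence S (steps 17-20)
    c = a
    for i in range(rounds):                              # step 21: key-stretching loop
        ctx = hashlib.sha512()
        ctx.update(p if i & 1 else c)
        if i % 3:
            ctx.update(s)
        if i % 7:
            ctx.update(p)
        ctx.update(c if i & 1 else p)
        c = ctx.digest()
    # Step 22: emit bytes as triplets (k, k+21, k+42), rotated per group, then byte 63.
    out = []
    for k in range(21):
        idx = [k, k + 21, k + 42]
        idx = idx[k % 3:] + idx[:k % 3]
        w = (c[idx[0]] << 16) | (c[idx[1]] << 8) | c[idx[2]]
        for _ in range(4):
            out.append(B64[w & 0x3F])
            w >>= 6
    out.append(B64[c[63] & 0x3F])
    out.append(B64[(c[63] >> 6) & 0x3F])
    return "".join(out)


def parse_crypt_hash(stored: str):
    """Split '$6$[rounds=N$]salt$hash' into (rounds, salt, hash); reject other formats."""
    parts = stored.split("$")
    if len(parts) < 4 or parts[0] != "" or parts[1] != "6":
        raise ValueError("not a SHA-512 crypt string")
    rounds, rest = DEFAULT_ROUNDS, parts[2:]
    if rest[0].startswith("rounds="):
        rounds = max(1000, min(int(rest[0][len("rounds="):]), 999_999_999))
        rest = rest[1:]
    if len(rest) != 2:
        raise ValueError("unexpected number of '$'-separated fields")
    salt, digest = rest
    if not salt or len(salt) > MAX_SALT_LEN or any(ch not in B64 for ch in salt):
        raise ValueError("salt must be 1..16 characters from the crypt alphabet")
    return rounds, salt, digest


def salt_entropy_bits(salt: str) -> int:
    """Upper bound on the salt's randomness: 6 bits per crypt-alphabet character."""
    return 6 * len(salt)


def verify_password(password: str, stored: str) -> bool:
    """Recompute the digest under the stored salt/rounds and compare in constant time."""
    rounds, salt, digest = parse_crypt_hash(stored)
    computed = sha512_crypt_digest(password.encode(), salt.encode(), rounds)
    return hmac.compare_digest(computed, digest)


def new_salt() -> str:
    """A fresh 16-character salt from a CSPRNG (the maximum SHA-crypt will use)."""
    return "".join(secrets.choice(B64) for _ in range(MAX_SALT_LEN))


if __name__ == "__main__":
    rounds, salt, _ = parse_crypt_hash(CONFD_HASH)
    print(f"salt={salt} ({len(salt)} chars, at most {salt_entropy_bits(salt)} bits), rounds={rounds}")
    print("password 'admin' verifies:", verify_password("admin", CONFD_HASH))
```

Run as a script it prints the salt, its entropy bound and whether "admin" verifies against the quoted hash; `verify_password` is what you would call to check a candidate password against any "$6$" string exported by confd_load, and `new_salt` shows the generator side: drawing each character uniformly from the 64-symbol alphabet is what makes the 6-bits-per-character bound actually hold.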

Thanks, it is quite clear