Skip to content

#62732 Fix password validation in PasswordHasher`1: add bound check for salt size before array allocation #62734

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 3 commits into from
Jul 18, 2025
Merged

#62732 Fix password validation in PasswordHasher`1: add bound check for salt size before array allocation #62734

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
a6489b1
#62732 Fix password validation in PasswordHasher`1: add check for upp…
navferty Jul 15, 2025
04f08b3
Add test cases for password hash verification
navferty Jul 17, 2025
edc2fe3
Change salt extraction from hashed data using AsSpan, add test case f…
navferty Jul 17, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Change salt extraction from hashed data using AsSpan, add test case f… 
…or int.MaxValue
  • Loading branch information
@navferty
navferty committed Jul 17, 2025
commit edc2fe30d3a401335f6cfd22e46f4db920a2cd0a
5 changes: 2 additions & 3 deletions src/Identity/Extensions.Core/src/PasswordHasher.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -260,12 +260,11 @@ private static bool VerifyHashedPasswordV3(byte[] hashedPassword, string passwor
int saltLength = (int)ReadNetworkByteOrder(hashedPassword, 9);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As stated in the issue, this isn't a real problem. However, I do appreciate being cautious as we've been bit by overallocating arrays before.

Having an arbitrary upper limit though isn't super clean. If someone wants to use a massive salt then we shouldn't disallow them unless it's part of the spec.

If we incorporated something like the below, that would be much better as the bounds checking would be more implicit and actually based on the data present.

byte[] salt = hashedPassword.Slice(13, saltLength).ToArray();
byte[] expectedSubkey = hashedPassword.Slice(13 + saltLength).ToArray();

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unfortunately, the ArraySegment and Slice are not fully supported for target frameworks other than .net10, so I just added the hashedPassword.Length - 13 as an upper-bound check for the salt size, which would have same logic as suggested Slice approach.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Use hashedPassword.AsSpan(13, saltLength).ToArray() instead.


// Read the salt: must be >= 128 bits
if (saltLength < 128 / 8 || saltLength + 13 > hashedPassword.Length)
if (saltLength < 128 / 8)
{
return false;
}
byte[] salt = new byte[saltLength];
Buffer.BlockCopy(hashedPassword, 13, salt, 0, salt.Length);
byte[] salt = hashedPassword.AsSpan(13, saltLength).ToArray();

// Read the subkey (the rest of the payload): must be >= 128 bits
int subkeyLength = hashedPassword.Length - 13 - salt.Length;
Expand Down
1 change: 1 addition & 0 deletions src/Identity/test/Identity.Test/PasswordHasherTest.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -113,6 +113,7 @@ public void HashPassword_Version3()
[InlineData("AQAAAAIAAAAyAAAAEOMwvh3+FZxqkdMBz2ekgGhwQ4A=")] // too short
[InlineData("AQAAAAIAAAAyAAAAEOMwvh3+FZxqkdMBz2ekgGhwQ4B6pZWND6zgESBuWiHwAAAAAAAAAAAA")] // extra data at end
[InlineData("AQAAAAIAAYagAP///wABAgMEBQYHCAkKCwwNDg/Q8A0WMKbtHQJQ2DHCdoEeeFBrgNlldq6vH4qX/CGqGQ==")] // salt length greater than data length
[InlineData("AQAAAAEAACcQf////4r8+J3NDEnMWKlHbhJQ6N5oooZ7hUi3cr/qAjd7Lc1Sv6GhorP7Ly0AzCv9PAmKww==")] // salt length is Int32.MaxValue
[InlineData("AQAAAAIAAYagAAAACAABAgMEBQYH4qLSh7iNSI12qySxAkyR0XgpXpvNiwqhBJFNLbJKKFw=")] // salt length (8 bytes) less than minimum allowed
public void VerifyHashedPassword_FailureCases(string hashedPassword)
{
Expand Down
Loading
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy