!boards/nsh: Replace TEA password storage with PBKDF2-HMAC-SHA256 hashing #19209
!boards/nsh: Replace TEA password storage with PBKDF2-HMAC-SHA256 hashing #19209Abhishekmishra2808 wants to merge 3 commits into
Conversation
|
@acassis, Checks are failing because the password is currently empty, and CI expects some passwd value. |
f4a6ce2 to
aeec705
Compare
aeec705 to
084e043
Compare
|
@acassis, @xiaoxiang781216 PTAL ! |
|
@Abhishekmishra2808 why did you disable the Crypto for Dropbear? I think @FelipeMdeO is already fixing this issue. @FelipeMdeO is it ok for you to let disable it? |
|
They caused base64 symbol collisions with libtomcrypt at link time, so I reverted only the CODECS/CRYPTO lines I'd added for Kconfig deps. Dropbear still uses I think I should coordinate with @FelipeMdeO for this. |
Hello @Abhishekmishra2808 , I cannot access my environment now, but more late I will take a look and ping you. |
|
Hello @acassis , @Abhishekmishra2808 , sorry, combining your 2 PR will "crash" dropbear. After build, you will see: So the dropbear was silently disabled. |
|
Hello @Abhishekmishra2808 . Please revert commit a4c807a (your last commit), the base64/ecc collision it worked around is already handled by the symbol renaming in netutils/dropbear/Makefile, so the strip is redundant. When restoring the lines, also add CONFIG_CRYPTO_CRYPTODEV_SOFTWARE_CRYPTO=y (+ CONFIG_CRYPTO_SW_AES=y), or /dev/crypto won't have the swcr_pbkdf2 backend and PBKDF2 login fails at runtime. Look for git diff from your last commit: PS: You changed the password policy, right? I don't have relevant background on this point, could you give your opinion, @acassis , @xiaoxiang781216 , @ThePassionate ? I took some time to get issue when I tested dropbear after your change, the current output for password out of policy is: |
Enable CONFIG_CRYPTO_CRYPTODEV_SOFTWARE_CRYPTO and CONFIG_CRYPTO_SW_AES on dropbear defconfigs so /dev/crypto provides the swcr_pbkdf2 backend required for PBKDF2 login at runtime. Signed-off-by: Abhishek Mishra <mishra.abhishek2808@gmail.com>
5856e38
a4c807a to
5856e38
Compare
|
@FelipeMdeO I restored the dropbear crypto defconfig options (reverting a4c807adcb), added CRYPTO_CRYPTODEV_SOFTWARE_CRYPTO and CRYPTO_SW_AES, and verified sim:dropbear builds with dropbear enabled and PBKDF2 login works. Password policy failures now show a clearer message in nuttx-apps. PTAL when you have a chance. Thanks for giving a detailed review and a fix too :) |
|
@FelipeMdeO, while testing sim:dropbear with nuttx PR #19209 and nuttx-apps PR #3557 (after the defconfig/crypto fixes), I ran into a separate issue that looks unrelated to the PBKDF2/passwd changes. Reporting it here in case it helps. SSH login succeeds and the client shows nsh>, but keyboard input does not work (commands are not accepted). Logs (sim) What seems to be happening NSH is started with PTAL !! When you have a chance. :-) |
|
@acassis, @FelipeMdeO . Both PRs fail CI in isolation: nuttx #19209 uses apps master (no dropbear symbol rename → sim/dropbear link errors), and #3557 uses nuttx master (no PBKDF2/mkpasswd yet). They work together locally. Can we split the dropbear Makefile renames into a small apps PR to merge first? |
Looking it right now, please give me some minutes. |
|
Hello @Abhishekmishra2808 , dropbear is ok now. Don't worry about ECHILD issue, I will open a PR to solve this issue. |
|
Hello @Abhishekmishra2808 , to solve pipeline issue, please open and merge your commit 8630ed7d9 first. |
Summary
Replace reversible TEA password storage in
/etc/passwdwith one-way PBKDF2-HMAC-SHA256 hashing in modular crypt format (MCF):$pbkdf2-sha256$<iterations>$<base64url-salt>$<base64url-hash>BREAKING CHANGE: TEA-encoded /etc/passwd entries no longer verify.
Regenerate with tools/mkpasswd or NSH passwd/useradd after upgrading nuttx-apps.
Changes:
apps/crypto/pbkdf2(PBKDF2-HMAC-SHA256; Mbed TLS backend when available, self-contained SHA-256 fallback otherwise)passwd_encrypt.c/passwd_verify.cto use PBKDF2 andtimingsafe_bcmp()for verificationpasswd_base64.cfor base64url encode/decodetesting/pbkdf2(RFC 6070 vectors + passwd round-trip test)Companion nuttx PR (host
mkpasswdtool and ROMFS build integration): apache/nuttx-apps#3557Impact
Security
/etc/passwd.Compatibility (breaking)
/etc/passwdentries will not verify. Users must regenerate passwords with NSHpasswd/useraddor build-timemkpasswdafter upgrading.Build
CRYPTO_PBKDF2automatically whenFSUTILS_PASSWDis enabled.Runtime
CONFIG_FSUTILS_PASSWD_PBKDF2_ITERATIONS).Testing
Host: WSL2 Linux, x86_64
Sim (
sim:nshor login-enabled config)FSUTILS_PASSWDandTESTING_PBKDF2ESP32-C3 (
esp32c3-devkit:login, local test config, not in this PR)/etc/passwdwith PBKDF2 hash/dev/ttyACM0) succeeds with configured password; wrong password rejectedManual verification
useradd/passwdreject weak passwords (no special char, too short)$pbkdf2-sha256$...hash in/etc/passwd