Restore compatibility with 2.0.0's fix for wraparound bug (#81)

reaperhulk · dstufft · commit 10888813fc8a · 2016-06-30T01:15:42.000-04:00
diff --git a/src/bcrypt/__init__.py b/src/bcrypt/__init__.py
@@ -67,6 +67,14 @@ def hashpw(password, salt):
     if b"\x00" in password:
         raise ValueError("password may not contain NUL bytes")
 
+    # bcrypt originally suffered from a wraparound bug:
+    # http://www.openwall.com/lists/oss-security/2012/01/02/4
+    # This bug was corrected in the OpenBSD source by truncating inputs to 72
+    # bytes on the updated prefix $2b$, but leaving $2a$ unchanged for
+    # compatibility. However, pyca/bcrypt 2.0.0 *did* correctly truncate inputs
+    # on $2a$, so we do it here to preserve compatibility with 2.0.0
+    password = password[:72]
+
     salt = _normalize_prefix(salt)
 
     hashed = _bcrypt.ffi.new("unsigned char[]", 128)
diff --git a/tests/test_bcrypt.py b/tests/test_bcrypt.py
@@ -430,3 +430,9 @@ def test_invalid_params(password, salt, desired_key_bytes, rounds, error):
 def test_bcrypt_assert():
     with pytest.raises(SystemError):
         bcrypt._bcrypt_assert(False)
+
+
+def test_2a_wraparound_bug():
+    assert bcrypt.hashpw(
+        (b"0123456789" * 26)[:255], b"$2a$04$R1lJ2gkNaoPGdafE.H.16."
+    ) == b"$2a$04$R1lJ2gkNaoPGdafE.H.16.1MKHPvmKwryeulRe225LKProWYwt9Oi"
