(couchdb) 01/01: add metrics for fast vs slow password hashing

Wed, 07 Feb 2024 08:05:46 -0800 

This is an automated email from the ASF dual-hosted git repository.

rnewson pushed a commit to branch couch_passwords_metrics
in repository https://gitbox.apache.org/repos/asf/couchdb.git

commit 517f3abcdfafd8d15e26abd0a615574c2b72f80d
Author: Robert Newson <rnew...@apache.org>
AuthorDate: Wed Feb 7 15:31:46 2024 +0000

    add metrics for fast vs slow password hashing
---
 src/couch/priv/stats_descriptions.cfg   | 8 ++++++++
 src/couch/src/couch_passwords.erl       | 1 +
 src/couch/src/couch_passwords_cache.erl | 1 +
 3 files changed, 10 insertions(+)

diff --git a/src/couch/priv/stats_descriptions.cfg 
b/src/couch/priv/stats_descriptions.cfg
index af66ba06e..10c72ac94 100644
--- a/src/couch/priv/stats_descriptions.cfg
+++ b/src/couch/priv/stats_descriptions.cfg
@@ -278,6 +278,14 @@
     {type, counter},
     {desc, <<"number of file descriptors CouchDB has open">>}
 ]}.
+{[couchdb, password_hashing, slow], [
+    {type, counter},
+    {desc, <<"number of slow password hashing operations">>}
+]}.
+{[couchdb, password_hashing, fast], [
+    {type, counter},
+    {desc, <<"number of fast password hashing operations">>}
+]}.
 {[couchdb, request_time], [
     {type, histogram},
     {desc, <<"length of a request inside CouchDB without MochiWeb">>}
diff --git a/src/couch/src/couch_passwords.erl 
b/src/couch/src/couch_passwords.erl
index fbfcc2c1d..19dd79e1f 100644
--- a/src/couch/src/couch_passwords.erl
+++ b/src/couch/src/couch_passwords.erl
@@ -107,6 +107,7 @@ pbkdf2(PRF, Password, Salt, Iterations, KeyLen) when
     Iterations > 0,
     KeyLen > 0
 ->
+    couch_stats:increment_counter([couchdb, password_hashing, slow]),
     DerivedKey = fast_pbkdf2:pbkdf2(PRF, Password, Salt, Iterations, KeyLen),
     couch_util:to_hex_bin(DerivedKey);
 pbkdf2(PRF, Password, Salt, Iterations, KeyLen) when
diff --git a/src/couch/src/couch_passwords_cache.erl 
b/src/couch/src/couch_passwords_cache.erl
index f1d4cc604..39b8dbd58 100644
--- a/src/couch/src/couch_passwords_cache.erl
+++ b/src/couch/src/couch_passwords_cache.erl
@@ -71,4 +71,5 @@ insert(AuthModule, UserName, Password, Salt) when
     end.
 
 hash(Password, Salt) ->
+    couch_stats:increment_counter([couchdb, password_hashing, fast]),
     fast_pbkdf2:pbkdf2(sha256, Password, Salt, ?FAST_ITERATIONS, 
?SHA256_OUTPUT_LEN).

Reply via email to