https://bugzilla.wikimedia.org/show_bug.cgi?id=28419

--- Comment #56 from Daniel Friesen <mediawiki-b...@nadir-seen-fire.com> 
2012-07-19 21:41:45 UTC ---
(In reply to comment #43)
> But why the separation? For any password hashing algorithm, compare(hash,
> password) === (hash == crypt(password)), assuming crypt is passed the proper
> options.

- A hash == crypt(password) ends up comparing parameters (unnecessarily) at a
serialized text level. It's much cleaner and more consistent to compare a direct
hash of the password. We want format flexibility, so using compare() lets the
crypt implementation extract the hash instead of the outside code making
assumptions about the structure.
- While it's true that historically `compare(password, hash) = hash ==
crypt(password, params)`, there's no strict reason why that needs to be the
case. It's perfectly reasonable for a password implementation to output
something that won't pass strict equality but will be comparable to the
internal implementation. (In fact I think I could see someone trying to do that
using some form of crypto.)
- The separation of crypt() and compare() also helps keep implementation clean.
- The crypt(password, hash) == hash pattern is also not an intuitive one.
Outside code implementing the comparison has to do verbose things it should not
need to do. And it's not the kind of thing a programmer expects to do. This
style of handling additionally adds extra burden to the crypt() implementation
itself that doesn't even need to be there.

IIRC overall it was a result of the goal to keep implementation and usage
intuitive. If you take a look at the differences in code you'll notice that the
actual implementation of Password_TypeA has barely any code in it at all. This
keeps actual password implementations directly focused on what they actually
NEED to do, not bogged down with irrelevant trivialities that get in the way of
making sure that the password implementation is correct.

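The crypt()/compare() split argued for in the comment above, as an added example that is not MediaWiki's code and not from anyone in this thread. It is written in Python rather than PHP so it can be run as-is, and it assumes a hypothetical serialized format (`$pbkdf2-sha256$iterations$salt$hash`) and PBKDF2-SHA256 as the password function; both are choices made for the demo. compare() parses the stored string itself, so callers never need to know the layout, and it uses a constant-time digest comparison, which a plain `hash == crypt(password, params)` string equality does not give you. verify_via_equality() shows what outside code has to do under the equality pattern the comment objects to.

```python
import base64
import hashlib
import hmac
import os
from typing import Optional, Tuple

# Constructed example, not MediaWiki code. Serialized format (an assumption
# made for this demo):
#   $pbkdf2-sha256$<iterations>$<base64 salt>$<base64 derived key>
ALGO = "pbkdf2-sha256"
DEFAULT_ITERATIONS = 100_000
SALT_BYTES = 16
DK_LEN = 32


def _derive(password: str, salt: bytes, iterations: int) -> bytes:
    """The actual password function; the only piece a new Password_Type must get right."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt,
                               iterations, dklen=DK_LEN)


def _encode(salt: bytes, iterations: int, dk: bytes) -> str:
    b64 = lambda b: base64.b64encode(b).decode("ascii")
    return f"${ALGO}${iterations}${b64(salt)}${b64(dk)}"


def _decode(stored: str) -> Tuple[int, bytes, bytes]:
    """Parse the serialized form back into (iterations, salt, dk).

    Raises ValueError on anything malformed so compare() can fail closed.
    """
    parts = stored.split("$")
    if len(parts) != 5 or parts[0] != "" or parts[1] != ALGO:
        raise ValueError("unsupported hash format")
    iterations = int(parts[2])
    salt = base64.b64decode(parts[3], validate=True)
    dk = base64.b64decode(parts[4], validate=True)
    if iterations < 1 or len(dk) != DK_LEN:
        raise ValueError("bad parameters")
    return iterations, salt, dk


def crypt(password: str, iterations: int = DEFAULT_ITERATIONS,
          salt: Optional[bytes] = None) -> str:
    """Produce a fresh serialized hash. Parameters are chosen here, not by the caller."""
    if salt is None:
        salt = os.urandom(SALT_BYTES)
    return _encode(salt, iterations, _derive(password, salt, iterations))


def compare(password: str, stored: str) -> bool:
    """Check a password against a stored hash.

    The implementation extracts salt and iteration count from the stored
    string, so a hash made with older parameters still verifies, and the
    digest comparison is constant-time.
    """
    try:
        iterations, salt, expected = _decode(stored)
    except ValueError:
        return False
    actual = _derive(password, salt, iterations)
    return hmac.compare_digest(actual, expected)


def verify_via_equality(password: str, stored: str) -> bool:
    """The `hash == crypt(password, params)` pattern, as outside code must write it.

    The caller has to parse the stored string to recover the parameters, pass
    them back into crypt(), and then compare with ordinary string equality,
    which is not constant-time. None of that belongs outside the implementation.
    """
    iterations, salt, _ = _decode(stored)
    return crypt(password, iterations=iterations, salt=salt) == stored


if __name__ == "__main__":
    h = crypt("correct horse battery staple", iterations=2000)
    print(h)
    print("compare ok:", compare("correct horse battery staple", h))
    print("compare wrong:", compare("wrong", h))
```

Note that two calls to crypt() with the same password never produce equal strings, because each picks a fresh random salt; that alone is why `stored == crypt(password)` without parameters can never be a verification step.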

_______________________________________________
Wikibugs-l mailing list
Wikibugs-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
