feat: add support for sha256 and sha512 htpasswd formats

Fixes issue #3495

We currently support only bcrypt htpasswd hashes, however bcrypt is not
FIPS-140 approved since it uses Blowfish.

This PR adds support for sha256 and sha512 formats and enforces that
bcrypt be disabled when fips140 mode is enabled.

Signed-off-by: Ramkumar Chinchani <[email protected]>

Author: rchincha

go.mod

@@ -4,6 +4,7 @@ go 1.24.4
 
 require (
 	github.com/99designs/gqlgen v0.17.81
+	github.com/GehirnInc/crypt v0.0.0-20230320061759-8cc1b52080c5
 	github.com/Masterminds/semver v1.5.0
 	github.com/alicebob/miniredis/v2 v2.35.0
 	github.com/aquasecurity/trivy v0.65.0
@@ -69,6 +70,7 @@ require (
 	github.com/stretchr/testify v1.11.1
 	github.com/swaggo/http-swagger v1.3.4
 	github.com/swaggo/swag v1.16.6
+	github.com/tg123/go-htpasswd v1.2.4
 	github.com/tiendc/go-deepcopy v1.7.1
 	github.com/vektah/gqlparser/v2 v2.5.30
 	github.com/zitadel/oidc/v3 v3.45.0

go.sum

@@ -689,6 +689,8 @@ github.com/DATA-DOG/go-sqlmock v1.5.2 h1:OcvFkGmslmlZibjAjaHm3L//6LiuBgolP7Oputl
 github.com/DATA-DOG/go-sqlmock v1.5.2/go.mod h1:88MAG/4G7SMwSE3CeA0ZKzrT5CiOU3OJ+JlNzwDqpNU=
 github.com/DataDog/zstd v1.5.5 h1:oWf5W7GtOLgp6bciQYDmhHHjdhYkALu6S/5Ni9ZgSvQ=
 github.com/DataDog/zstd v1.5.5/go.mod h1:g4AWEaM3yOg3HYfnJ3YIawPnVdXJh9QME85blwSAmyw=
+github.com/GehirnInc/crypt v0.0.0-20230320061759-8cc1b52080c5 h1:IEjq88XO4PuBDcvmjQJcQGg+w+UaafSy8G5Kcb5tBhI=
+github.com/GehirnInc/crypt v0.0.0-20230320061759-8cc1b52080c5/go.mod h1:exZ0C/1emQJAw5tHOaUDyY1ycttqBAPcxuzf7QbY6ec=
 github.com/GoogleCloudPlatform/docker-credential-gcr v2.0.5+incompatible h1:juIaKLLVhqzP55d8x4cSVgwyQv76Z55/fRv/UBr2KkQ=
 github.com/GoogleCloudPlatform/docker-credential-gcr v2.0.5+incompatible/go.mod h1:BB1eHdMLYEFuFdBlRMb0N7YGVdM5s6Pt0njxgvfbGGs=
 github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp v1.27.0 h1:ErKg/3iS1AKcTkf3yixlZ54f9U1rljCkQyEXWUnIUxc=
@@ -2055,6 +2057,8 @@ github.com/testcontainers/testcontainers-go/modules/localstack v0.38.0 h1:3ljIy6
 github.com/testcontainers/testcontainers-go/modules/localstack v0.38.0/go.mod h1:BTsbqWC9huPV8Jg8k46Jz4x1oRAA9XGxneuuOOIrtKY=
 github.com/tetratelabs/wazero v1.9.0 h1:IcZ56OuxrtaEz8UYNRHBrUa9bYeX9oVY93KspZZBf/I=
 github.com/tetratelabs/wazero v1.9.0/go.mod h1:TSbcXCfFP0L2FGkRPxHphadXPjo1T6W+CseNNY7EkjM=
+github.com/tg123/go-htpasswd v1.2.4 h1:HgH8KKCjdmo7jjXWN9k1nefPBd7Be3tFCTjc2jPraPU=
+github.com/tg123/go-htpasswd v1.2.4/go.mod h1:EKThQok9xHkun6NBMynNv6Jmu24A33XdZzzl4Q7H1+0=
 github.com/thales-e-security/pool v0.0.2 h1:RAPs4q2EbWsTit6tpzuvTFlgFRJ3S8Evf5gtvVDbmPg=
 github.com/thales-e-security/pool v0.0.2/go.mod h1:qtpMm2+thHtqhLzTwgDBj/OuNnMpupY8mv0Phz0gjhU=
 github.com/theupdateframework/go-tuf v0.7.0 h1:CqbQFrWo1ae3/I0UCblSbczevCCbS31Qvs5LdxRWqRI=

pkg/api/htpasswd.go

@@ -3,6 +3,7 @@ package api
 import (
 	"bufio"
 	"context"
+	"crypto/fips140"
 	"errors"
 	"os"
 	"os/signal"
@@ -11,8 +12,10 @@ import (
 	"syscall"
 
 	"github.com/fsnotify/fsnotify"
+	"github.com/tg123/go-htpasswd"
 	"golang.org/x/crypto/bcrypt"
 
+	zerr "zotregistry.dev/zot/v2/errors"
 	"zotregistry.dev/zot/v2/pkg/log"
 )
 
@@ -87,14 +90,35 @@ func (s *HTPasswd) Authenticate(username, passphrase string) (ok, present bool)
 		return false, false
 	}
 
-	err := bcrypt.CompareHashAndPassword([]byte(passphraseHash), []byte(passphrase))
-	ok = err == nil
+	err := zerr.ErrInvalidCred
+
+	if strings.HasPrefix(passphraseHash, "$2a$") || strings.HasPrefix(passphraseHash, "$2b$") ||
+		strings.HasPrefix(passphraseHash, "$2y$") {
 
-	if err != nil && !errors.Is(err, bcrypt.ErrMismatchedHashAndPassword) {
-		// Log that user's hash has unsupported format. Better than silently return 401.
-		s.log.Warn().Err(err).Str("username", username).Msg("htpasswd bcrypt compare failed")
+		err = bcrypt.CompareHashAndPassword([]byte(passphraseHash), []byte(passphrase))
+
+		if err != nil && !errors.Is(err, bcrypt.ErrMismatchedHashAndPassword) {
+			// Log that user's hash has unsupported format. Better than silently return 401.
+			s.log.Warn().Err(err).Str("username", username).Msg("htpasswd bcrypt compare failed")
+		}
+
+		if fips140.Enabled() {
+			s.log.Warn().Str("username", username).Msg("htpasswd bcrypt failed since fips140 is enabled")
+
+			err = zerr.ErrInvalidCred // bcrypt is not a fips140 approved algo
+		}
+	} else {
+		ep, err := htpasswd.AcceptCryptSha(passphraseHash) // sha256 or sha512
+		if err != nil {
+			// Log that user's hash has unsupported format. Better than silently return 401.
+			s.log.Warn().Err(err).Str("username", username).Msg("htpasswd crypt parsing failed")
+		}
+
+		ok = ep.MatchesPassword(passphrase)
 	}
 
+	ok = err == nil
+
 	return
 }
 

pkg/api/htpasswd_test.go

@@ -19,7 +19,7 @@ func TestHTPasswdWatcherOriginal(t *testing.T) {
 		username, _ := test.GenerateRandomString()
 		password1, _ := test.GenerateRandomString()
 		password2, _ := test.GenerateRandomString()
-		htpasswdPath := test.MakeHtpasswdFileFromString(test.GetCredString(username, password1))
+		htpasswdPath := test.MakeHtpasswdFileFromString(test.GetBcryptCredString(username, password1))
 
 		defer os.Remove(htpasswdPath)
 
@@ -49,7 +49,7 @@ func TestHTPasswdWatcherOriginal(t *testing.T) {
 		So(present, ShouldBeTrue)
 
 		// 2. Change file
-		err = os.WriteFile(htpasswdPath, []byte(test.GetCredString(username, password2)), 0o600)
+		err = os.WriteFile(htpasswdPath, []byte(test.GetBcryptCredString(username, password2)), 0o600)
 		So(err, ShouldBeNil)
 
 		// 3. Give some time for the background task
@@ -98,8 +98,8 @@ func TestHTPasswdWatcher(t *testing.T) {
 			username2, _ := test.GenerateRandomString()
 			password2, _ := test.GenerateRandomString()
 
-			htpasswdPath1 := test.MakeHtpasswdFileFromString(test.GetCredString(username1, password1))
-			htpasswdPath2 := test.MakeHtpasswdFileFromString(test.GetCredString(username2, password2))
+			htpasswdPath1 := test.MakeHtpasswdFileFromString(test.GetBcryptCredString(username1, password1))
+			htpasswdPath2 := test.MakeHtpasswdFileFromString(test.GetBcryptCredString(username2, password2))
 
 			defer os.Remove(htpasswdPath1)
 			defer os.Remove(htpasswdPath2)
@@ -150,15 +150,15 @@ func TestHTPasswdWatcher(t *testing.T) {
 			So(present, ShouldBeTrue)
 
 			// Change file content and verify automatic reload
-			err = os.WriteFile(htpasswdPath1, []byte(test.GetCredString(username1, password2)), 0o600)
+			err = os.WriteFile(htpasswdPath1, []byte(test.GetBcryptCredString(username1, password2)), 0o600)
 			So(err, ShouldBeNil)
 			time.Sleep(100 * time.Millisecond)
 			ok, present = htp.Authenticate(username1, password2)
 			So(ok, ShouldBeTrue)
 			So(present, ShouldBeTrue)
 
 			// Test multiple users
-			multiUserContent := test.GetCredString(username1, password1) + "\n" + test.GetCredString(username2, password2)
+			multiUserContent := test.GetBcryptCredString(username1, password1) + "\n" + test.GetBcryptCredString(username2, password2)
 			err = os.WriteFile(htpasswdPath1, []byte(multiUserContent), 0o600)
 			So(err, ShouldBeNil)
 			time.Sleep(100 * time.Millisecond)
@@ -194,8 +194,8 @@ func TestHTPasswdWatcher(t *testing.T) {
 			username2, _ := test.GenerateRandomString()
 			password2, _ := test.GenerateRandomString()
 
-			htpasswdPath1 := test.MakeHtpasswdFileFromString(test.GetCredString(username1, password1))
-			htpasswdPath2 := test.MakeHtpasswdFileFromString(test.GetCredString(username2, password2))
+			htpasswdPath1 := test.MakeHtpasswdFileFromString(test.GetBcryptCredString(username1, password1))
+			htpasswdPath2 := test.MakeHtpasswdFileFromString(test.GetBcryptCredString(username2, password2))
 
 			defer os.Remove(htpasswdPath1)
 			defer os.Remove(htpasswdPath2)
@@ -236,7 +236,7 @@ func TestHTPasswdWatcher(t *testing.T) {
 			So(present, ShouldBeTrue)
 
 			// Test file rename (should not trigger reload)
-			htpasswdPath3 := test.MakeHtpasswdFileFromString(test.GetCredString(username1, password1))
+			htpasswdPath3 := test.MakeHtpasswdFileFromString(test.GetBcryptCredString(username1, password1))
 			defer os.Remove(htpasswdPath3)
 			err = htw.ChangeFile(htpasswdPath3)
 			So(err, ShouldBeNil)
@@ -302,8 +302,8 @@ func TestHTPasswdWatcher(t *testing.T) {
 			username2, _ := test.GenerateRandomString()
 			password2, _ := test.GenerateRandomString()
 
-			htpasswdPath1 := test.MakeHtpasswdFileFromString(test.GetCredString(username1, password1))
-			htpasswdPath2 := test.MakeHtpasswdFileFromString(test.GetCredString(username2, password2))
+			htpasswdPath1 := test.MakeHtpasswdFileFromString(test.GetBcryptCredString(username1, password1))
+			htpasswdPath2 := test.MakeHtpasswdFileFromString(test.GetBcryptCredString(username2, password2))
 
 			defer os.Remove(htpasswdPath1)
 			defer os.Remove(htpasswdPath2)
@@ -408,7 +408,7 @@ func TestHTPasswdWatcher(t *testing.T) {
 			// Test 2: File watching with fsnotify resources cleanup
 			username, _ := test.GenerateRandomString()
 			password, _ := test.GenerateRandomString()
-			htpasswdPath := test.MakeHtpasswdFileFromString(test.GetCredString(username, password))
+			htpasswdPath := test.MakeHtpasswdFileFromString(test.GetBcryptCredString(username, password))
 
 			defer os.Remove(htpasswdPath)
 
@@ -490,7 +490,7 @@ func TestHTPasswdWatcher(t *testing.T) {
 			So(test.WaitForLogMessages(logBuffer, "htpasswd watcher terminating...", 1, 5*time.Second), ShouldBeTrue)
 
 			// Test file with empty lines and comments
-			content := "\n\n" + test.GetCredString(username, password) + "\n# comment\n"
+			content := "\n\n" + test.GetBcryptCredString(username, password) + "\n# comment\n"
 			commentedPath := test.MakeHtpasswdFileFromString(content)
 
 			defer os.Remove(commentedPath)
@@ -520,7 +520,7 @@ func TestHTPasswdWatcher(t *testing.T) {
 			So(err, ShouldBeNil)
 
 			// Load some initial data
-			htpasswdPath := test.MakeHtpasswdFileFromString(test.GetCredString(username, password))
+			htpasswdPath := test.MakeHtpasswdFileFromString(test.GetBcryptCredString(username, password))
 			defer os.Remove(htpasswdPath)
 
 			// Load initial file (this will populate the store)

pkg/test/common/fs.go

@@ -12,6 +12,7 @@ import (
 	"strings"
 	"time"
 
+	"github.com/GehirnInc/crypt"
 	"golang.org/x/crypto/bcrypt"
 )
 
@@ -213,7 +214,7 @@ func ReadLogFileAndCountStringOccurence(logPath string, stringToMatch string,
 	}
 }
 
-func GetCredString(username, password string) string {
+func GetBcryptCredString(username, password string) string {
 	hash, err := bcrypt.GenerateFromPassword([]byte(password), 10)
 	if err != nil {
 		panic(err)
@@ -224,6 +225,51 @@ func GetCredString(username, password string) string {
 	return usernameAndHash
 }
 
+// Prefixes
+const PrefixCryptSha256 = "$5$"
+const PrefixCryptSha512 = "$6$"
+const Separator = "$"
+
+func shaCrypt(password string, rounds string, salt string, prefix string) string {
+
+	var ret string
+	var sb strings.Builder
+	sb.WriteString(prefix)
+	if len(rounds) > 0 {
+		sb.WriteString(rounds)
+		sb.WriteString(Separator)
+	}
+	sb.WriteString(salt)
+	totalSalt := sb.String()
+
+	if prefix == PrefixCryptSha512 {
+		crypt := crypt.SHA512.New()
+		ret, _ = crypt.Generate([]byte(password), []byte(totalSalt))
+
+	} else if prefix == PrefixCryptSha256 {
+		crypt := crypt.SHA256.New()
+		ret, _ = crypt.Generate([]byte(password), []byte(totalSalt))
+	}
+
+	return ret[len(totalSalt)+1:]
+}
+
+func GetSHA256CredString(username, password string) string {
+	hash := shaCrypt(password, "rounds=5000", "saltstring", PrefixCryptSha256)
+
+	usernameAndHash := fmt.Sprintf("%s:%s\n", username, string(hash))
+
+	return usernameAndHash
+}
+
+func GetSHA512CredString(username, password string) string {
+	hash := shaCrypt(password, "rounds=5000", "saltstring", PrefixCryptSha512)
+
+	usernameAndHash := fmt.Sprintf("%s:%s\n", username, string(hash))
+
+	return usernameAndHash
+}
+
 func MakeHtpasswdFileFromString(fileContent string) string {
 	htpasswdFile, err := os.CreateTemp("", "htpasswd-")
 	if err != nil {

pkg/test/common/fs_test.go

@@ -277,7 +277,7 @@ func TestGetCredString(t *testing.T) {
 			pass[i] = 'Y'
 		}
 
-		f := func() { tcommon.GetCredString("testUser", string(pass)) }
+		f := func() { tcommon.GetBcryptCredString("testUser", string(pass)) }
 		So(f, ShouldPanicWith, bcrypt.ErrPasswordTooLong)
 	})
 }

pkg/test/image-utils/upload_test.go

@@ -178,7 +178,7 @@ func TestUploadImage(t *testing.T) {
 
 		user1 := "test"
 		password1 := "test"
-		testString1 := tcommon.GetCredString(user1, password1)
+		testString1 := tcommon.GetBcryptCredString(user1, password1)
 
 		htpasswdPath := tcommon.MakeHtpasswdFileFromString(testString1)
 		defer os.Remove(htpasswdPath)
@@ -495,7 +495,7 @@ func TestInjectUploadImageWithBasicAuth(t *testing.T) {
 
 		user := "user"
 		password := "password"
-		testString := tcommon.GetCredString(user, password)
+		testString := tcommon.GetBcryptCredString(user, password)
 
 		htpasswdPath := tcommon.MakeHtpasswdFileFromString(testString)
 		defer os.Remove(htpasswdPath)