
[Openstack-security] [Bug 1757300] Re: RandomString may have less entropy than expected


Reviewed:  https://review.openstack.org/555905
Committed: https://git.openstack.org/cgit/openstack/heat/commit/?id=a08893dc865ab5fd39c013fe727f7cbf267583ad
Submitter: Zuul
Branch:    stable/pike

commit a08893dc865ab5fd39c013fe727f7cbf267583ad
Author: Zane Bitter <zbitter at redhat.com>
Date:   Tue Mar 20 20:48:38 2018 -0400

    Fix entropy problems with OS::Random::String
    
    When generating a random string, once we had selected from the various
    required pools, we continued by selecting a pool at random and then
    selecting a character from that pool at random. This did not take into
    account the differing sizes of the available pools, nor the fact that the
    same character could appear in multiple pools, which resulted in a
    non-uniform probability distribution of characters. Since users mostly make
    use of this feature to generate default passwords for services they are
    deploying, this would result in the generated passwords having slightly
    less entropy than expected (and pathological cases were possible).
    
    Rectify this by always selecting non-constrained characters from a single
    combined pool, and by ensuring that each character appears only once in any
    pool we're selecting from.
    
    Since we also want to use this method to generate passwords for OpenStack
    Users, the new implementation is in a separate module in heat.common rather
    than mixed in with the resource's logic. Also, use a StringIO object to
    collect the characters rather than repeatedly appending to a string.
    
    Change-Id: Ia7b63e72c1e3c0649290caf4fea8a32f7f89560b
    Closes-Bug: #1757300
    Related-Bug: #1666129
    Related-Bug: #1444429
    (cherry picked from commit 6e16c051ba9c2fc409c82fda19467d9ee1aaf484)


** Tags added: in-stable-pike

-- 
You received this bug notification because you are a member of OpenStack
Security SIG, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1757300

Title:
  RandomString may have less entropy than expected

Status in OpenStack Heat:
  Fix Released
Status in OpenStack Security Advisory:
  Won't Fix

Bug description:
  When generating a random string, once we have selected from the
  various required pools, we continue by selecting a pool at random and
  then selecting a character from that pool at random. This does not
  take into account the differing sizes of the available pools, nor the
  fact that the same character could appear in multiple pools. This
  results in a non-uniform probability distribution of characters.

  For example, in the following resource:

      type: OS::Heat::RandomString
      properties:
        length: 66
        character_classes:
          - class: lettersdigits
        character_sequences:
          - sequence: "*$"

  one might reasonably expect to find an average of 3 '*' or '$'
  characters in the output, but in fact there would be an average of 33.

  Since users mostly make use of this feature to generate default
  passwords for services they are deploying, this would result in the
  generated passwords having slightly less entropy than expected.
  Pathological cases where the entropy is massively reduced (like the
  one above - where it is only 229.5 bits vs. the expected 391 bits) are
  possible, although it's probably unlikely that users would encounter
  them by accident.
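The bias described above, worked through for the example resource in the report. This is an added illustration, not Heat's code: it models the pre-fix per-position draw (pick a pool, then a character) against the fixed combined-pool draw, computes the per-character entropy and the expected number of '*' or '$' characters, and shows a fixed-style generator built on Python's `secrets` module. It assumes, as Heat does for this resource, that one character is required from each pool and the remaining positions are unconstrained.

```python
import math
import secrets
from collections import Counter

# Pools from the bug report's example: the lettersdigits class and the "*$" sequence.
LETTERS_DIGITS = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
POOLS = [LETTERS_DIGITS, "*$"]


def biased_distribution(pools):
    """Pre-fix scheme for a free position: pick a pool uniformly, then a
    character uniformly from it. Characters in several pools accumulate mass."""
    probs = Counter()
    for pool in pools:
        for ch in pool:
            probs[ch] += 1.0 / len(pools) / len(pool)
    return probs


def uniform_distribution(pools):
    """Fixed scheme for a free position: one combined pool, duplicates removed."""
    combined = sorted(set("".join(pools)))
    return Counter({ch: 1.0 / len(combined) for ch in combined})


def entropy_bits(probs):
    """Shannon entropy, in bits, of one character drawn from probs."""
    return -sum(p * math.log2(p) for p in probs.values())


def expected_count(free_probs, pools, chars, length):
    """Expected number of `chars` in a string of `length` when one character is
    required from each pool and the remaining positions follow free_probs."""
    required = sum(len(set(pool) & set(chars)) / len(pool) for pool in pools)
    return required + (length - len(pools)) * sum(free_probs[c] for c in chars)


def random_string(pools, length):
    """Fixed-style generator (illustrative, not Heat's code): one character from
    each pool, the rest from the combined pool, then a secure shuffle."""
    combined = sorted(set("".join(pools)))
    chars = [secrets.choice(pool) for pool in pools]
    chars += [secrets.choice(combined) for _ in range(length - len(pools))]
    for i in range(len(chars) - 1, 0, -1):  # Fisher-Yates with a CSPRNG
        j = secrets.randbelow(i + 1)
        chars[i], chars[j] = chars[j], chars[i]
    return "".join(chars)
```

For the 66-character example, `expected_count` gives 33 '*'/'$' characters under the pre-fix scheme and 3 under the fixed one, and the per-position entropy rises from about 4.48 bits to the full 6 bits of a 64-character pool.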

To manage notifications about this bug go to:
https://bugs.launchpad.net/heat/+bug/1757300/+subscriptions