Title: Silent Trimming of Passwords Longer Than 72 Characters · Issue #283 · bcrypt-ruby/bcrypt-ruby · GitHub
Opengraph URL: https://github.com/bcrypt-ruby/bcrypt-ruby/issues/283
# Silent Trimming of Passwords Longer Than 72 Characters

Opened by ckalpakoglu on 2025-04-29.

## Description

The `bcrypt` gem silently trims input strings longer than **72** characters during password hashing, which can lead to unexpected behavior.
Specifically, when a string longer than **72** characters is provided, **BCrypt::Password.create** truncates the input to **72** characters without warning, allowing different inputs to produce the same hash. This can potentially enable password verification bypasses if an attacker uses a different string that matches the first **72** characters of the original input. (Similar behavior has been posted by **OKTA**: https://trust.okta.com/security-advisories/okta-ad-ldap-delegated-authentication-username/ )

## Steps to Reproduce

1. Install the bcrypt gem (`gem install bcrypt`).
2. Run the following Ruby script:

```ruby
require 'bcrypt'

cost = 12
userid = "b91fa9b4-69f1-4779-8d45-73f8653057f3" # 36 characters
username = "my.very.long.username.with.more.characters@kondukto.io" # 47 characters
password = "randomStrongPassword" # 20 characters

input = userid + username + password # Total: 103 characters

begin
  my_password = BCrypt::Password.create(input, cost: cost)
  puts "Hashed password: #{my_password}"

  # Validate the correct password
  is_valid = BCrypt::Password.new(my_password) == input
  puts "Correct password validation: #{is_valid ? 'Success' : 'Failure'}"

  # Validate with a different password
  wrong_password = "AAAAAAAAAAAAAAAAAAAA"
  bypass_input = userid + username + wrong_password # Also 103 characters
  is_valid = BCrypt::Password.new(my_password) == bypass_input
  puts "Bypass password validation: #{is_valid ? 'Success' : 'Failure'}"
rescue BCrypt::Errors::InvalidCost, BCrypt::Errors::InvalidSalt => e
  puts "Error creating password: #{e.message}"
end
```

3. Observe the output:

```
└> ruby main.rb
Hashed password 1: $2a$12$nefsa21AluV1BF2EXx6Y4.u6ZV4KT3c1ZWXLIOpWV9KZZ2Y1lGQmO
Password validation: Success
Password validation: Success
```

## Expected Behavior

- The bcrypt gem should either:
  - Raise an error when an input string exceeds 72 characters, indicating that the input is too long.
  - Explicitly document the 72-character limit and warn about truncation in the gem's documentation.
- The validation of `bypass_input` (which differs from `input` after the first 72 characters) should return Failure, as it is a different string.

## Actual Behavior

- The bcrypt gem silently trims the input string to 72 characters.
- Both `input` (103 characters) and `bypass_input` (103 characters, differing after 72 characters) validate successfully against the same hash, indicating that only the first 72 characters are considered.
- No warning or error is raised about the truncation.

## Suggested Fix

- Add a check in `BCrypt::Password.create` to raise an error (e.g., **BCrypt::Errors::InputTooLong**) if the input exceeds 72 characters. _(This is how other programming languages handle it.)_
- Alternatively, log a warning when truncation occurs to alert developers.
- Update the gem's documentation to clearly state the 72-character limit and the truncation behavior.

## Environment

- Ruby version: ruby 3.2.3 (2024-01-18 revision 52bb2ac0a6) [x86_64-linux-gnu]
- bcrypt version: 3.1.13
- Operating System: Ubuntu 24.04.2 LTS

## References

- https://www.usenix.org/legacy/events/usenix99/provos/provos.pdf
- https://en.wikipedia.org/wiki/Bcrypt
- https://kondukto.io/blog/okta-vulnerability-bcrypt-auth
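The guard the issue proposes, written as an added example that is not part of the issue or of the bcrypt gem: a wrapper that rejects any password bcrypt would silently truncate. It measures the limit in bytes rather than characters, since bcrypt's 72 limit is a byte limit and multi-byte UTF-8 input hits it sooner than the character count suggests. `SafeBcrypt` and `InputTooLong` are hypothetical names; hashing needs the bcrypt gem, the checks do not.

```ruby
# Added example, not code from the bcrypt-ruby issue or the gem itself:
# a wrapper that refuses input bcrypt would silently truncate. bcrypt's
# limit is 72 *bytes*, so the guard measures bytesize, not length.
begin
  require 'bcrypt'
rescue LoadError
  # The guard and collision check work without the gem; only
  # SafeBcrypt.create and SafeBcrypt.valid? need it.
end

module SafeBcrypt
  BCRYPT_MAX_BYTES = 72

  # Hypothetical error class, named after the one proposed in the issue.
  class InputTooLong < StandardError; end

  # Returns the password if bcrypt will hash all of it, otherwise raises
  # instead of letting every byte past the 72nd be ignored.
  def self.check_length!(password)
    size = password.bytesize
    return password if size <= BCRYPT_MAX_BYTES
    raise InputTooLong,
          "password is #{size} bytes; bcrypt hashes only the first #{BCRYPT_MAX_BYTES}"
  end

  # True when bcrypt would hash both inputs identically because they
  # agree on the first 72 bytes; handy as a regression test.
  def self.collide_under_bcrypt?(a, b)
    a.b.byteslice(0, BCRYPT_MAX_BYTES) == b.b.byteslice(0, BCRYPT_MAX_BYTES)
  end

  def self.create(password, cost: 12)
    BCrypt::Password.create(check_length!(password), cost: cost)
  end

  # Guard on verification too, so an over-long candidate cannot match.
  def self.valid?(hash, password)
    BCrypt::Password.new(hash) == check_length!(password)
  end
end

# Constructed sample mirroring the issue's reproduction: both inputs
# share far more than 72 leading bytes, so bcrypt cannot tell them apart.
USERID   = "b91fa9b4-69f1-4779-8d45-73f8653057f3"
USERNAME = "my.very.long.username.with.more.characters@kondukto.io"
INPUT    = USERID + USERNAME + "randomStrongPassword"
BYPASS   = USERID + USERNAME + "AAAAAAAAAAAAAAAAAAAA"
```

Calling `SafeBcrypt.collide_under_bcrypt?(INPUT, BYPASS)` returns true, and `SafeBcrypt.check_length!(INPUT)` raises instead of hashing a prefix.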