1 files changed, 20 insertions, 2 deletions

diff --git a/keystone/common/password_hashing.py b/keystone/common/password_hashing.py
index 4e62d9c38..b38d3cba7 100644
--- a/keystone/common/password_hashing.py
+++ b/keystone/common/password_hashing.py
@@ -57,8 +57,26 @@ def _get_hasher_from_ident(hashed):
 
 
 def verify_length_and_trunc_password(password):
-    """Verify and truncate the provided password to the max_password_length."""
-    max_length = CONF.identity.max_password_length
+    """Verify and truncate the provided password to the max_password_length.
+
+    We also need to check that the configured password hashing algorithm does
+    not silently truncate the password.  For example, passlib.hash.bcrypt does
+    this:
+    https://passlib.readthedocs.io/en/stable/lib/passlib.hash.bcrypt.html#security-issues
+
+    """
+    # When using bcrypt, we limit the password length to 54 to ensure all
+    # bytes are fully mixed. See:
+    # https://passlib.readthedocs.io/en/stable/lib/passlib.hash.bcrypt.html#security-issues
+    BCRYPT_MAX_LENGTH = 54
+    if (CONF.identity.password_hash_algorithm == 'bcrypt' and  # nosec: B105
+            CONF.identity.max_password_length > BCRYPT_MAX_LENGTH):
+        msg = "Truncating password to algorithm specific maximum length %d characters."
+        LOG.warning(msg, BCRYPT_MAX_LENGTH)
+        max_length = BCRYPT_MAX_LENGTH
+    else:
+        max_length = CONF.identity.max_password_length
+
     try:
         if len(password) > max_length:
             if CONF.strict_password_check: