DAC098 / RFS

custom made file server written in rust.

password peppers rotation issue #41

Closed DAC098 closed 6 months ago

DAC098 commented 10 months ago

when a new password is created and there are peppers available, the server will provide the hashing function a pepper to use during the process. while this helps (hopefully) with security, there is a problem with rotating out old or leaked peppers. there is no way for the server to create a new hash without the password used to create it, making automatically rotating them impossible without user assistance.

I have been looking into it off and on and have decided to remove the peppers from the hashing process and use block/stream-ciphers to encrypt/decrypt the hash in the database.

checking passwords will follow:

  1. lookup password for user
  2. get pepper based on password version (0 is no pepper)
  3. decrypt password
  4. compare hashes

creating new passwords will follow:

  1. get latest pepper and version (if no peppers are available then the version will be 0 with no pepper)
  2. create hash of new password
  3. encrypt hash
  4. store in database

currently planning on chacha20poly1305 for encrypting/decrypting which will require a unique nonce to be generated and stored with the password hash.

DAC098 commented 6 months ago

finished this up with little pain. got pepper rotation set up when deleting a pepper. I may add in something to rotate peppers to a new version without having to delete the old one, but for now this will do. a few other small things also got added but nothing big.
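
The scheme from the first comment (hash, then encrypt the hash under a versioned pepper) and the rotation mentioned in the second, as an added Python sketch that is not code from RFS. It assumes the `cryptography` package, scrypt as the hash function, a dict-shaped record, and the user name plus version bound as associated data; none of these choices come from the issue.

```python
import hashlib
import hmac
import os
from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives.ciphers.aead import ChaCha20Poly1305

# Constructed sample peppers (version -> 32-byte key); real keys come from a CSPRNG.
PEPPERS = {1: bytes(range(32)), 2: bytes(range(32, 64))}

def kdf(password, salt):
    # scrypt is an assumption; the issue does not name the hash function.
    return hashlib.scrypt(password.encode(), salt=salt, n=2**14, r=8, p=1, dklen=32)

def seal(user, digest, salt, peppers, version):
    """Encrypt a finished hash under the pepper for `version` (0 = stored as is)."""
    if version == 0:
        return {"version": 0, "salt": salt, "nonce": b"", "blob": digest}
    nonce = os.urandom(12)  # unique per encryption, stored beside the ciphertext
    aad = f"{user}:{version}".encode()  # example choice: bind row to user + version
    blob = ChaCha20Poly1305(peppers[version]).encrypt(nonce, digest, aad)
    return {"version": version, "salt": salt, "nonce": nonce, "blob": blob}

def unseal(user, rec, peppers):
    """Return the plain hash; raises InvalidTag or KeyError when it cannot."""
    if rec["version"] == 0:
        return rec["blob"]
    aad = f"{user}:{rec['version']}".encode()
    return ChaCha20Poly1305(peppers[rec["version"]]).decrypt(rec["nonce"], rec["blob"], aad)

def create(user, password, peppers):
    salt = os.urandom(16)
    version = max(peppers, default=0)  # latest pepper, or 0 when none exist
    return seal(user, kdf(password, salt), salt, peppers, version)

def verify(user, password, rec, peppers):
    try:
        stored = unseal(user, rec, peppers)
    except (InvalidTag, KeyError):  # tampered row, or its pepper is gone
        return False
    return hmac.compare_digest(stored, kdf(password, rec["salt"]))

def rotate(user, rec, peppers, new_version):
    """Re-encrypt under another pepper; the user's password is never needed."""
    return seal(user, unseal(user, rec, peppers), rec["salt"], peppers, new_version)
```

Rotation has to run while the old pepper is still loaded: once a pepper is deleted, any record still sealed under it can no longer be decrypted and `verify` rejects it.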