Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 61FC1200C2F for ; Mon, 6 Mar 2017 10:08:37 +0100 (CET) Received: by cust-asf.ponee.io (Postfix) id 6088B160B76; Mon, 6 Mar 2017 09:08:37 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id ABF68160B73 for ; Mon, 6 Mar 2017 10:08:36 +0100 (CET) Received: (qmail 86096 invoked by uid 500); 6 Mar 2017 09:08:35 -0000 Mailing-List: contact dev-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Apache Directory Developers List" Delivered-To: mailing list dev@directory.apache.org Received: (qmail 86086 invoked by uid 99); 6 Mar 2017 09:08:35 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd3-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 06 Mar 2017 09:08:35 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd3-us-west.apache.org (ASF Mail Server at spamd3-us-west.apache.org) with ESMTP id 5795218495F for ; Mon, 6 Mar 2017 09:08:35 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd3-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: -2.347 X-Spam-Level: X-Spam-Status: No, score=-2.347 tagged_above=-999 required=6.31 tests=[RP_MATCHES_RCVD=-2.999, SPF_NEUTRAL=0.652] autolearn=disabled Received: from mx1-lw-eu.apache.org ([10.40.0.8]) by localhost (spamd3-us-west.apache.org [10.40.0.10]) (amavisd-new, port 10024) with ESMTP id MrJeNmXcfEd9 for ; Mon, 6 Mar 2017 09:08:34 +0000 (UTC) Received: from mailrelay1-us-west.apache.org (mailrelay1-us-west.apache.org [209.188.14.139]) by mx1-lw-eu.apache.org (ASF Mail Server at mx1-lw-eu.apache.org) with ESMTP id E327C5F297 for ; Mon, 6 Mar 2017 09:08:33 +0000 (UTC) Received: from jira-lw-us.apache.org (unknown [207.244.88.139]) by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTP id 27EC9E0041 for ; Mon, 6 Mar 2017 09:08:33 +0000 (UTC) Received: from jira-lw-us.apache.org (localhost [127.0.0.1]) by jira-lw-us.apache.org (ASF Mail Server at jira-lw-us.apache.org) with ESMTP id D8E9524168 for ; Mon, 6 Mar 2017 09:08:32 +0000 (UTC) Date: Mon, 6 Mar 2017 09:08:32 +0000 (UTC) From: "Thilo-Alexander Ginkel (JIRA)" To: dev@directory.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Commented] (DIRSERVER-2180) BCrypt password hashing support MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 archived-at: Mon, 06 Mar 2017 09:08:37 -0000 [ https://issues.apache.org/jira/browse/DIRSERVER-2180?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15896934#comment-15896934 ] Thilo-Alexander Ginkel commented on DIRSERVER-2180: --------------------------------------------------- Hi Emmanuel, without adding the CheckStyle exception the build failed with > 1000 checkstyle errors in that class. I think it makes much more sense to use the BCrypt implementation as is instead of adjusting it to the project's code formatting guidelines as integrating possible upstream changes becomes a nightmare otherwise. If I understand correctly the 2a, 2x, 2y version scheme only applies to the OpenBSD BCrypt implementation and is used to version implementation glitches for hashes generated with that very implementation. Any other library I have spotted so far will happily generate 2a hashes in 2017 even though (or because) it probably has never been affected by those glitches / defects. IMHO it is fine to support just 2a as long as one does not need to be bug-compatible with OpenBSD. > BCrypt password hashing support > ------------------------------- > > Key: DIRSERVER-2180 > URL: https://issues.apache.org/jira/browse/DIRSERVER-2180 > Project: Directory ApacheDS > Issue Type: Improvement > Reporter: Thilo-Alexander Ginkel > Priority: Minor > > At the moment, Apache DS does not support the BCrypt password hashing algorithm. > As discussed on the dev mailinglist, I'd like to contribute support for this algorithm and am opening this ticket as requested by [~elecharny]. An incomplete prototype (at least OSGi tests are currently broken) is available at [1]. > [1] https://github.com/tgbyte/directory-shared/tree/feature/bcrypt-hash-support -- This message was sent by Atlassian JIRA (v6.3.15#6346)