ofbiz-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jacques Le Roux (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (OFBIZ-8537) LoginWorker HashCrypt the type of hash for one-way encryption
Date Mon, 05 Dec 2016 11:20:58 GMT

    [ https://issues.apache.org/jira/browse/OFBIZ-8537?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15722016#comment-15722016
] 

Jacques Le Roux commented on OFBIZ-8537:
----------------------------------------

When it comes to security it's better to rely on last improvements than an old RFC from year
2000. There is also an improvement on PBKDF2, but at least PBKDF2 is better than SHA-1. I
also agree with Pierre that we should better discuss this on the dev ML, notably by asking
Grégory (ou security expert) about what he thinks about that. I'll do...

> LoginWorker HashCrypt the type of hash for one-way encryption
> -------------------------------------------------------------
>
>                 Key: OFBIZ-8537
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-8537
>             Project: OFBiz
>          Issue Type: New Feature
>          Components: framework
>    Affects Versions: Trunk
>            Reporter: wangjunyuan
>            Assignee: Shi Jinghai
>            Priority: Minor
>              Labels: HashCrypt, PBKDF2, security.properties
>         Attachments: HashCrypt.patch
>
>
> PBKDF2 (Password-Based Key Derivation Function 2) is part of RSA Laboratories' Public-Key
Cryptography Standards (PKCS) series, specifically PKCS #5 v2.0, also published as Internet
Engineering Task Force's RFC 2898. It replaces an earlier key derivation function, PBKDF1,
which could only produce derived keys up to 160 bits long.Add this function to ofbiz ,this
PBKDF2 has four types in Java:'PBKDF2WithHmacSHA1','PBKDF2WithHmacSHA256','PBKDF2WithHmacSHA384','PBKDF2WithHmacSHA512'



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message