[
https://issues.apache.org/jira/browse/DERBY-4483?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Knut Anders Hatlen updated DERBY-4483:
--------------------------------------
Attachment: toHexByte.diff
Here's a patch that moves toHexByte() from StringUtil to
AuthenticationServiceBase and makes it private. It also removes the offset and
length parameters because all callers operate on the entire string, so they're
not needed, and since the original method also seems to have a couple of bugs
in the handling of offset/length, it's better to remove those parameters to
prevent other code from starting using them.
> Provide a way to change the hash algorithm used by BUILTIN authentication
> -------------------------------------------------------------------------
>
> Key: DERBY-4483
> URL: https://issues.apache.org/jira/browse/DERBY-4483
> Project: Derby
> Issue Type: Improvement
> Components: Services
> Affects Versions: 10.5.3.0
> Reporter: Knut Anders Hatlen
> Assignee: Knut Anders Hatlen
> Priority: Minor
> Fix For: 10.6.0.0
>
> Attachments: comments.diff, derby-4483-1a.diff, derby-4483-1a.stat,
> experiment.diff, toHexByte.diff, upgrade-test.diff
>
>
> The BUILTIN authentication scheme protects the passwords by hashing them with
> the SHA-1 algorithm. It would be nice to have way to specify a different
> algorithm so that users can take advantage of new, stronger algorithms
> provided by their JCE provider if so desired.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
