Patch will be tidied to community standards before submission. The upgrade code is not yet written but should be straightforward.
B. On 6 July 2011 14:50, Filipe David Manana <[email protected]> wrote: > Looks good to me as well. > > Minor nitpick, ideally it would respect our coding standard of not > having lines longer than 80 characters. > > Good work Robert > > On Wed, Jul 6, 2011 at 2:10 PM, Robert Newson <[email protected]> wrote: >> Making it pluggable is probably not much more work but I have to point >> at that "use sha256" is an inadequate description of a secure password >> hashing protocol. >> >> B. >> >> On 6 July 2011 14:05, Benoit Chesneau <[email protected]> wrote: >>> On Wed, Jul 6, 2011 at 2:43 PM, Robert Newson <[email protected]> wrote: >>>> All, >>>> >>>> Our current password hashing scheme is weak. In fact, it's regarded as >>>> weak as plaintext. I'd like to change that. >>>> >>>> Some time ago I wrote some code to implement the PBKDF2 protocol. This >>>> is a cryptographically sound means of deriving a key from a password. >>>> The output is also usable as a password hash. An important part of the >>>> protocol is that the work factor can be increased by increasing the >>>> loop count. Additionally, it is not tied to a specific digest >>>> algorithm. All these points are not true of the sometimes proposed >>>> alternative called 'bcrypt' which I do not recommend. >>>> >>>> I would like this to go into CouchDB 1.2. New passwords, and updated >>>> passwords, from 1.2 onwards would use the new scheme, but 1.2 will, >>>> obviously, be able to verify the current style. This work will take >>>> place within couch_server where hash_admin_passwords currently lives. >>>> >>>> The PKBDF2 code is here: >>>> https://github.com/rnewson/couchdb/tree/pbkdf2. It passes all the test >>>> vectors. >>>> >>>> The ticket for this work is >>>> https://issues.apache.org/jira/browse/COUCHDB-1060 >>>> >>>> B. >>>> >>> That sounds good. I would prefer however a customizable hashing method >>> for passwords so we can change it easily depending the target. Some >>> administrations for example require that you use some methods (like >>> sha256 in europe) and it would be very useful. >>> >>> - benoît >>> >> > > > > -- > Filipe David Manana, > [email protected], [email protected] > > "Reasonable men adapt themselves to the world. > Unreasonable men adapt the world to themselves. > That's why all progress depends on unreasonable men." >
