[
https://issues.apache.org/jira/browse/SHIRO-290?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13713807#comment-13713807
]
Terry Chia commented on SHIRO-290:
----------------------------------
I could perform some tests to verify the outputs of jBCrypt against other
implementations some time this weekend.
I described the approach I'm using in my blog post here:
http://www.infosecstudent.com/2013/07/strong-password-hashing-with-shiro-bcrypt-to-the-rescue/
It's a dirty hack but it gets the job done. If the results of my tests are
acceptable and you are fine with the approach, I could clean up the code a
little and remove the toString() and getCredentials() functions I hacked out of
Shiro and submit a patch.
> Create a BCrypt Hash implementation
> -----------------------------------
>
> Key: SHIRO-290
> URL: https://issues.apache.org/jira/browse/SHIRO-290
> Project: Shiro
> Issue Type: New Feature
> Components: Cryptography & Hashing
> Reporter: Les Hazlewood
> Assignee: Les Hazlewood
> Fix For: 1.3.0
>
>
> Enable BCrypt hashing for those that wish to use it. The following code can
> probably be modified and included (it is a BSD license):
> http://www.mindrot.org/projects/jBCrypt/
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
