On 04/19/12 22:48, Mark Rotteveel wrote: > On 19-4-2012 10:17, Dmitry Yemanov wrote: >> 19.04.2012 12:02, Mark Rotteveel wrote: >> >>> Ok, that sounds relatively easy. What is the hashing algorithm, and where >>> in the Firebird sources can I find its implementation? >> Something derived from DES, AFAIK. See ENC_crypt(), located in /src/jrd/ >> (pre-FB3) or in /src/common/ (trunk). > Is it standard DES, or a modification? > Mark, I'm not absolutely sure what kind of DES is used, and telling true do not care too much. I think you should not worry about implementing ti in Java client - it anyway adds absolutely no security compared with sending clear password over the wire. And I will fix FB3 to accept it.
It's much more useful to decide what to do with SRP. And (taking wider look at it) - will it be possible to load client parts of plugins by Java client? ------------------------------------------------------------------------------ For Developers, A Lot Can Happen In A Second. Boundary is the first to Know...and Tell You. Monitor Your Applications in Ultra-Fine Resolution. Try it FREE! http://p.sf.net/sfu/Boundary-d2dvs2 Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
