[jira] [Comment Edited] (OFBIZ-8537) LoginWorker HashCrypt the type of hash for one-way encryption
[ https://issues.apache.org/jira/browse/OFBIZ-8537?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15721925#comment-15721925 ] Michael Brohl edited comment on OFBIZ-8537 at 12/5/16 10:47 AM: I ask myself if we should introduce PBKDF2 if it is not RFC compliant (which I have not checked) and has known weaknesses and/or better solutions are available? was (Author: mbrohl): I ask myself if we should introduce PBKDF2 if it is not RFC compliant and has known weaknesses and/or better solutions are available? > LoginWorker HashCrypt the type of hash for one-way encryption > - > > Key: OFBIZ-8537 > URL: https://issues.apache.org/jira/browse/OFBIZ-8537 > Project: OFBiz > Issue Type: New Feature > Components: framework >Affects Versions: Trunk >Reporter: wangjunyuan >Assignee: Shi Jinghai >Priority: Minor > Labels: HashCrypt, PBKDF2, security.properties > Attachments: HashCrypt.patch > > > PBKDF2 (Password-Based Key Derivation Function 2) is part of RSA > Laboratories' Public-Key Cryptography Standards (PKCS) series, specifically > PKCS #5 v2.0, also published as Internet Engineering Task Force's RFC 2898. > It replaces an earlier key derivation function, PBKDF1, which could only > produce derived keys up to 160 bits long.Add this function to ofbiz ,this > PBKDF2 has four types in > Java:'PBKDF2WithHmacSHA1','PBKDF2WithHmacSHA256','PBKDF2WithHmacSHA384','PBKDF2WithHmacSHA512' -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Comment Edited] (OFBIZ-8537) LoginWorker HashCrypt the type of hash for one-way encryption
[ https://issues.apache.org/jira/browse/OFBIZ-8537?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15721812#comment-15721812 ] Pierre Smits edited comment on OFBIZ-8537 at 12/5/16 10:00 AM: --- Hi [~wangjunyuan], [~shi.jinghai], I wonder who said that OFBiz trunk could *not* be volatile, and *not* be breaking with the past... I suggest not to change back, but rather remove the flexadmin references everywhere. Preferably in a new JIRA issue. We're talking about demo data was (Author: pfm.smits): Hi [~wangjunyuan], [~shi.jinghai], I wonder who said that OFBiz could *not* be volatile, and *not* be breaking with the past... I suggest not to change back, but rather remove the flexadmin references everywhere. Preferably in a new JIRA issue. We're talking about demo data > LoginWorker HashCrypt the type of hash for one-way encryption > - > > Key: OFBIZ-8537 > URL: https://issues.apache.org/jira/browse/OFBIZ-8537 > Project: OFBiz > Issue Type: New Feature > Components: framework >Affects Versions: Trunk >Reporter: wangjunyuan >Assignee: Shi Jinghai >Priority: Minor > Labels: HashCrypt, PBKDF2, security.properties > Attachments: HashCrypt.patch > > > PBKDF2 (Password-Based Key Derivation Function 2) is part of RSA > Laboratories' Public-Key Cryptography Standards (PKCS) series, specifically > PKCS #5 v2.0, also published as Internet Engineering Task Force's RFC 2898. > It replaces an earlier key derivation function, PBKDF1, which could only > produce derived keys up to 160 bits long.Add this function to ofbiz ,this > PBKDF2 has four types in > Java:'PBKDF2WithHmacSHA1','PBKDF2WithHmacSHA256','PBKDF2WithHmacSHA384','PBKDF2WithHmacSHA512' -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Comment Edited] (OFBIZ-8537) LoginWorker HashCrypt the type of hash for one-way encryption
[ https://issues.apache.org/jira/browse/OFBIZ-8537?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711607#comment-15711607 ] wangjunyuan edited comment on OFBIZ-8537 at 12/1/16 10:48 AM: -- There are three files in this patch. This file that HashCrypt.java has been modified,this modification is reflected in the increase in support for PBDKF2,PBKDF2's iteration option are added in the other file that security.properties,the third file that PasswordSecurityDemoData.xml has been modified, flexadmin's password is admin hashed by PBDKF2_SHA1 was (Author: wangjunyuan): There are three files in this patch.This file that HashCrypt.java has been modified,this modification is reflected in the increase in support for PBDKF2,PBKDF2's iteration option are added in the other file that security.properties,the third file that PasswordSecurityDemoData.xml has been modified at the user of userLoginId is flexadmin > LoginWorker HashCrypt the type of hash for one-way encryption > - > > Key: OFBIZ-8537 > URL: https://issues.apache.org/jira/browse/OFBIZ-8537 > Project: OFBiz > Issue Type: New Feature > Components: framework >Affects Versions: Trunk >Reporter: wangjunyuan >Assignee: Shi Jinghai >Priority: Minor > Labels: HashCrypt, PBKDF2, security.properties > Attachments: HashCrypt.patch > > > PBKDF2 (Password-Based Key Derivation Function 2) is part of RSA > Laboratories' Public-Key Cryptography Standards (PKCS) series, specifically > PKCS #5 v2.0, also published as Internet Engineering Task Force's RFC 2898. > It replaces an earlier key derivation function, PBKDF1, which could only > produce derived keys up to 160 bits long.Add this function to ofbiz ,this > PBKDF2 has four types in > Java:'PBKDF2WithHmacSHA1','PBKDF2WithHmacSHA256','PBKDF2WithHmacSHA384','PBKDF2WithHmacSHA512' -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Comment Edited] (OFBIZ-8537) LoginWorker HashCrypt the type of hash for one-way encryption
[ https://issues.apache.org/jira/browse/OFBIZ-8537?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711607#comment-15711607 ] wangjunyuan edited comment on OFBIZ-8537 at 12/1/16 10:42 AM: -- There are three files in this patch.This file that HashCrypt.java has been modified,this modification is reflected in the increase in support for PBDKF2,PBKDF2's iteration option are added in the other file that security.properties,the third file that PasswordSecurityDemoData.xml has been modified at the user of userLoginId is flexadmin was (Author: wangjunyuan): There have three files in this patch.This file that HashCrypt.java has been modified,this modification is reflected in the increase in support for PBDKF2,PBKDF2's iteration option are added in the other file that security.properties,the third file that PasswordSecurityDemoData.xml has been modified at the user of userLoginId is flexadmin > LoginWorker HashCrypt the type of hash for one-way encryption > - > > Key: OFBIZ-8537 > URL: https://issues.apache.org/jira/browse/OFBIZ-8537 > Project: OFBiz > Issue Type: New Feature > Components: framework >Affects Versions: Trunk >Reporter: wangjunyuan >Assignee: Shi Jinghai >Priority: Minor > Labels: HashCrypt, PBKDF2, security.properties > Attachments: HashCrypt.patch > > > PBKDF2 (Password-Based Key Derivation Function 2) is part of RSA > Laboratories' Public-Key Cryptography Standards (PKCS) series, specifically > PKCS #5 v2.0, also published as Internet Engineering Task Force's RFC 2898. > It replaces an earlier key derivation function, PBKDF1, which could only > produce derived keys up to 160 bits long.Add this function to ofbiz ,this > PBKDF2 has four types in > Java:'PBKDF2WithHmacSHA1','PBKDF2WithHmacSHA256','PBKDF2WithHmacSHA384','PBKDF2WithHmacSHA512' -- This message was sent by Atlassian JIRA (v6.3.4#6332)
