[JBoss JIRA] (ELY-1497) Support Modular Crypt Format (MCF) password in Bcrypt mapper

Tuesday, 28 May 2019

     [
https://issues.jboss.org/browse/ELY-1497?page=com.atlassian.jira.plugin.s...
]

Darran Lofthouse resolved ELY-1497.
-----------------------------------
    Fix Version/s: 1.9.0.Final
         Assignee: Darran Lofthouse
       Resolution: Out of Date

Modular crypt support is added to the JDBC SecurityRealm from WildFly 17 and Elytron
1.9.0.Final.

...
 Support Modular Crypt Format (MCF) password in Bcrypt mapper
 ------------------------------------------------------------

                 Key: ELY-1497
                 URL: https://issues.jboss.org/browse/ELY-1497
             Project: WildFly Elytron
          Issue Type: Enhancement
          Components: Passwords
    Affects Versions: 1.1.7.Final
            Reporter: Tom Stiemerling
            Assignee: Darran Lofthouse
            Priority: Major
             Fix For: 1.9.0.Final

 Currently BCrypt mapper for DB realm does not support MCF format passwords (which does
not require explicit salt or iterations):
 {noformat}
 17:42:28,328 ERROR [org.jboss.as.controller.management-operation] (ServerService Thread
Pool -- 3) WFLYCTL0013: Operation ("add") failed - address: ([
     ("subsystem" => "elytron"),
     ("jdbc-realm" => "DatabaseRealm")
 ]) - failure description: "WFLYCTL0155: 'salt-index' may not be null"
 {noformat}
 Support should be added to support MCF password so only single column needed in DB.
 Logic:
 {code}
 if (password && !salt && !iterations)
    assume MCF format password
 else if (password && salt && iterations)
   assume BCrypt (b64) password, etc
 else
   error
 {code} 

--
This message was sent by Atlassian Jira
(v7.12.1#712002)

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006