On 6/11/2014 11:33 AM, Anil Saldhana wrote:
> On 06/11/2014 09:30 AM, David M. Lloyd wrote:
>> On 06/04/2014 11:07 AM, David M. Lloyd wrote:
>> [...]
>>> Example: Encrypting a new password
>>> ----------------------------------
>>>
>>> PasswordFactory pf = PasswordFactory.getInstance("sha1crypt");
>>> // API not yet established but will be similar to this possibly:
>>> ???? parameters = new
>>> ???SHA1CryptPasswordParameterSpec("p4ssw0rd".toCharArray());
>>> Password encrypted = pf.generatePassword(parameters);
>>> assert encrypted instanceof SHA1CryptPassword;
>> I have a concrete specification for this example now:
>>
>> PasswordFactory pf = PasswordFactory.getInstance("sha-256-crypt");
>> // use a 64-byte random salt; most algorithms support flexible sizes
>> byte[] salt = new byte[64];
>> ThreadLocalRandom.current().getBytes(salt);
>> // iteration count is 4096, can generally be more (or less)
>> AlgorithmParameterSpec aps =
>> new HashedPasswordAlgorithmSpec(4096, salt);
>> char[] chars = "p4ssw0rd".toCharArray();
>> PasswordSpec spec = new EncryptablePasswordSpec(chars, aps);
>> Password pw = pf.generatePassword(spec);
>> assert pw.getAlgorithm().equals("sha-256-crypt");
>> assert pw instanceof UnixSHACryptPassword;
>> assert pf.verifyPassword(pw, chars);
>>
> - Best is to make the salt and iteration count configurable.
+1
5000 iterations is actually a *huge* performance hit, but unfortunately
way lower than what I've seen recommended. (I've seen as high as
100,000 based on today's hardware).
In Keycloak we store the iteration count along with the password so that
the admin can change the default iteration count in the future. We
recalculate the hash on a successful login if the default count and user
count are different.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
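The pattern Bill describes for Keycloak (store the iteration count next to the salt and hash, verify with the stored count, and rehash on a successful login when the admin's current default differs) as an added, self-contained Python example. This is not Keycloak's or Elytron's code: PBKDF2-HMAC-SHA256 from the standard library stands in for the "sha-256-crypt" algorithm in David's snippet, the `$alg$iterations$salt$digest` storage string is a constructed format, and the in-memory `store` dict and the 4096 starting count are assumptions for the demonstration.

```python
import base64
import hashlib
import hmac
import os
from typing import Dict, Optional, Tuple

# Assumed, not from the thread: PBKDF2-HMAC-SHA256 stands in for sha-256-crypt,
# and the stored string layout below is constructed for this example.
ALGORITHM = "pbkdf2-sha256"
DEFAULT_ITERATIONS = 4096   # the thread's starting point; meant to be admin-configurable
SALT_BYTES = 64             # 64-byte random salt, as in David's example


def hash_password(password: str, iterations: int = DEFAULT_ITERATIONS,
                  salt: Optional[bytes] = None) -> str:
    """Return "$alg$iterations$salt_b64$digest_b64" so the count travels with the hash."""
    if salt is None:
        salt = os.urandom(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return "$".join(["", ALGORITHM, str(iterations),
                     base64.b64encode(salt).decode("ascii"),
                     base64.b64encode(digest).decode("ascii")])


def parse_stored(stored: str) -> Tuple[int, bytes, bytes]:
    """Split a stored string into (iterations, salt, digest); reject unknown algorithms."""
    _, alg, iters, salt_b64, digest_b64 = stored.split("$")
    if alg != ALGORITHM:
        raise ValueError("unsupported algorithm: %r" % alg)
    return int(iters), base64.b64decode(salt_b64), base64.b64decode(digest_b64)


def verify_password(stored: str, password: str,
                    current_iterations: int = DEFAULT_ITERATIONS) -> Tuple[bool, bool]:
    """Return (matches, needs_rehash).

    The iteration count stored with the hash, not the current default, drives the
    recomputation, so hashes made under an older default keep verifying.  A rehash
    is only signalled when the password matched, so a failed attempt never mutates
    the stored credential.
    """
    iterations, salt, expected = parse_stored(stored)
    actual = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    matches = hmac.compare_digest(actual, expected)   # constant-time comparison
    return matches, matches and iterations != current_iterations


def login(store: Dict[str, str], username: str, password: str,
          current_iterations: int = DEFAULT_ITERATIONS) -> bool:
    """Authenticate and, on success, upgrade the stored hash to the current default."""
    stored = store.get(username)
    if stored is None:
        # Burn comparable work for unknown users so response time does not
        # distinguish "no such user" from "wrong password".
        hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                            b"\0" * SALT_BYTES, current_iterations)
        return False
    ok, needs_rehash = verify_password(stored, password, current_iterations)
    if ok and needs_rehash:
        # Fresh salt and the admin's new count; the plaintext is only available here.
        store[username] = hash_password(password, current_iterations)
    return ok


if __name__ == "__main__":
    users = {"alice": hash_password("p4ssw0rd", 4096)}          # constructed sample
    print(login(users, "alice", "p4ssw0rd", current_iterations=100000))  # True, and rehashed
    print(parse_stored(users["alice"])[0])                                # 100000
```

Raising the default from 4096 to 100000 costs nothing for existing users until they next log in successfully, which is the point of keeping the count in the stored credential rather than in global configuration alone.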