[jboss-jira] [JBoss JIRA] (ELY-302) Add SHA-512-256 to list of algorithms for digest passwords and SASL digest
Jan Kalina (JIRA)
issues at jboss.org
Sat Nov 4 05:26:00 EDT 2017
[ https://issues.jboss.org/browse/ELY-302?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13485905#comment-13485905 ]
Jan Kalina commented on ELY-302:
--------------------------------
SHA-512-256 cannot be implemented using SHA-512 - the initialization vector would have to be different, which MessageDigest API does not allow - sun-specific SHA5 class would have to be extended.
There are two possibilities:
* to rely on MessageDigest SHA-512-256 provided by bouncycastle of other library (when not present any SHA-512-256 provider, it would be unsupported)
* to add custom implementation of SHA-512-256 as part of elytron - will try...
> Add SHA-512-256 to list of algorithms for digest passwords and SASL digest
> --------------------------------------------------------------------------
>
> Key: ELY-302
> URL: https://issues.jboss.org/browse/ELY-302
> Project: WildFly Elytron
> Issue Type: Enhancement
> Components: Passwords, SASL
> Reporter: David Lloyd
> Assignee: Jan Kalina
>
> [RFC 7616|http://www.rfc-editor.org/rfc/rfc7616.txt] was released, indicating that SHA-512-256 is a supported algorithm for digest HTTP mechanisms. We need support for that algorithm as a password. We also then should add a corresponding SASL variant to the DIGEST suite.
> There is no MessageDigest for SHA-512-256. This can be accomplished by truncating the output of SHA-512 to 256 bits (32 bytes). A wrapper MessageDigest could be created, or the ability to arbitrarily truncate the digest could be added to the DIGEST mechanism.
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
More information about the jboss-jira
mailing list