[jboss-jira] [JBoss JIRA] (ELY-1435) Elytron BCrypt Mapper Not Working with jBCrypt

David Lloyd (JIRA) issues at jboss.org
Mon Nov 6 16:46:00 EST 2017


    [ https://issues.jboss.org/browse/ELY-1435?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13486513#comment-13486513 ] 

David Lloyd commented on ELY-1435:
----------------------------------

Let me state this another way: the JDBC mapper is storing and retrieving binary password components (hash and salt) in standard base 64.  This is not the same encoding used by modular crypt.  So, if you take those base 64 pieces and concatenate them together with a header, you will not get a valid modular crypt.  You'd have to base64 decode each piece to a {{byte[]}}, then construct a password spec, generate a BCrypt password, and then render it as modular crypt to get it in modular crypt format, in order to see the modular crypt version.  This isn't a bug; the JDBC realm is simply storing the data in a way that it can recover to a {{byte[]}} again.  The bug would be if the byte data loaded from the database did not resolve to a valid BCrypt password, or if the byte data that Elytron generates does not match with the byte data that other tools generate for the same cost, salt, and source password.

> Elytron BCrypt Mapper Not Working with jBCrypt
> ----------------------------------------------
>
>                 Key: ELY-1435
>                 URL: https://issues.jboss.org/browse/ELY-1435
>             Project: WildFly Elytron
>          Issue Type: Bug
>          Components: Passwords
>    Affects Versions: 1.0.0.Final
>         Environment: Wildfly 11.0.0.Final
> Windows Server 2008
> JDK 9.0.1
>            Reporter: Paul Carroll
>            Priority: Minor
>




--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
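
The conversion described in the comment above, as an added example that is not part of the original message and is not Elytron or jBCrypt code. It assumes the two database columns hold padded standard base64 of the raw 16-byte salt and 23-byte hash; the function names and the `2a` variant default are hypothetical choices made for this sketch.

```python
import base64
import binascii

# Hypothetical helper names; assumes columns hold padded standard base64.
STD = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
BCRYPT = "./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
STD_TO_BCRYPT = str.maketrans(STD, BCRYPT)
SALT_LEN, HASH_LEN = 16, 23  # raw sizes behind bcrypt's 22 + 31 characters


def _decode_column(name, value, expected_len):
    """Decode one standard-base64 column back to the raw bytes it stores."""
    try:
        raw = base64.b64decode(value, validate=True)
    except binascii.Error as exc:
        raise ValueError(f"{name} is not standard base64") from exc
    if len(raw) != expected_len:
        raise ValueError(f"{name}: {len(raw)} bytes, expected {expected_len}")
    return raw


def _bcrypt_b64(raw):
    """Same 6-bit grouping as RFC 4648, but bcrypt's alphabet and no padding."""
    return base64.b64encode(raw).decode("ascii").rstrip("=").translate(STD_TO_BCRYPT)


def naive_concat(hash_b64, salt_b64, cost, variant="2a"):
    """Header + stored columns as-is: what the comment says is NOT modular crypt."""
    return f"${variant}${cost:02d}${salt_b64}{hash_b64}"


def columns_to_modular_crypt(hash_b64, salt_b64, cost, variant="2a"):
    """Decode each column to bytes, then render bcrypt modular crypt."""
    if not 4 <= cost <= 31:
        raise ValueError("bcrypt cost must be between 4 and 31")
    salt = _decode_column("salt", salt_b64, SALT_LEN)
    digest = _decode_column("hash", hash_b64, HASH_LEN)
    return f"${variant}${cost:02d}${_bcrypt_b64(salt)}{_bcrypt_b64(digest)}"


if __name__ == "__main__":
    # Constructed sample bytes, not real bcrypt output.
    salt_col = base64.b64encode(bytes(range(16))).decode()
    hash_col = base64.b64encode(bytes(range(100, 123))).decode()
    print("naive :", naive_concat(hash_col, salt_col, 10))
    print("proper:", columns_to_modular_crypt(hash_col, salt_col, 10))
```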

