Re: Supporting PKCS5S2 Password Hashing
support for PKCS5S2 is now included in the server, see https://issues.apache.org/jira/browse/DIRSERVER-1898 On Fri, Mar 22, 2013 at 8:37 PM, Kiran Ayyagari kayyag...@apache.orgwrote: if you want to implement, then 1. create a subclass of PasswordHashingInterceptor [1] supporting the said hashing mechanism 2. package it as a jar and copy it to lib directory 3. go to the entry ads-interceptorId=passwordHashingInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config 4. change the value of ads-interceptorclassname to your new class's FQCN 5. restart the server If you want to see an example implementation take a look at [2] [1] http://svn.apache.org/repos/asf/directory/apacheds/trunk/interceptors/hash/src/main/java/org/apache/directory/server/core/hash/PasswordHashingInterceptor.java [2] http://svn.apache.org/repos/asf/directory/apacheds/trunk/interceptors/hash/src/main/java/org/apache/directory/server/core/hash/Sha256PasswordHashingInterceptor.java On Fri, Mar 22, 2013 at 8:19 PM, Ashma Shrestha ashres...@crl.edu wrote: Hi, ** ** Are there any plans on implementing PKCS5S2 Password Hashing? If not can anyone provide me some pointers on how this can be implemented. ** ** Thank you. * * *Ashma Shrestha* ** ** ** ** -- Kiran Ayyagari http://keydap.com -- Kiran Ayyagari http://keydap.com
Re: Supporting PKCS5S2 Password Hashing
I'm also preparing its integration in the Password Editor of Apache Directory Studio as well. Regards, Pierre-Arnaud On 17 sept. 2013, at 11:29, Kiran Ayyagari kayyag...@apache.org wrote: support for PKCS5S2 is now included in the server, see https://issues.apache.org/jira/browse/DIRSERVER-1898 On Fri, Mar 22, 2013 at 8:37 PM, Kiran Ayyagari kayyag...@apache.org wrote: if you want to implement, then 1. create a subclass of PasswordHashingInterceptor [1] supporting the said hashing mechanism 2. package it as a jar and copy it to lib directory 3. go to the entry ads-interceptorId=passwordHashingInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config 4. change the value of ads-interceptorclassname to your new class's FQCN 5. restart the server If you want to see an example implementation take a look at [2] [1] http://svn.apache.org/repos/asf/directory/apacheds/trunk/interceptors/hash/src/main/java/org/apache/directory/server/core/hash/PasswordHashingInterceptor.java [2] http://svn.apache.org/repos/asf/directory/apacheds/trunk/interceptors/hash/src/main/java/org/apache/directory/server/core/hash/Sha256PasswordHashingInterceptor.java On Fri, Mar 22, 2013 at 8:19 PM, Ashma Shrestha ashres...@crl.edu wrote: Hi, Are there any plans on implementing PKCS5S2 Password Hashing? If not can anyone provide me some pointers on how this can be implemented. Thank you. Ashma Shrestha -- Kiran Ayyagari http://keydap.com -- Kiran Ayyagari http://keydap.com
Re: Supporting PKCS5S2 Password Hashing
Le 3/22/13 3:49 PM, Ashma Shrestha a écrit : Hi, Are there any plans on implementing PKCS5S2 Password Hashing? No. PKCS5 is a patented algorithm, owned by RSA. It's not available in the JRE. If not can anyone provide me some pointers on how this can be implemented. The only way would be to add BouncyCastle jar, and to modify the authenticator to hash the password using PKCS5. That would require some modifications in the following classes in the api-ldap-model : org.apache.directory.api.ldap.model.constants.LdapSecurityConstants org.apache.directory.api.ldap.model.password.PasswordUtil.encryptPassword() It should not take too long to implement it. -- Regards, Cordialement, Emmanuel Lécharny www.iktek.com
Re: Supporting PKCS5S2 Password Hashing
if you want to implement, then 1. create a subclass of PasswordHashingInterceptor [1] supporting the said hashing mechanism 2. package it as a jar and copy it to lib directory 3. go to the entry ads-interceptorId=passwordHashingInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config 4. change the value of ads-interceptorclassname to your new class's FQCN 5. restart the server If you want to see an example implementation take a look at [2] [1] http://svn.apache.org/repos/asf/directory/apacheds/trunk/interceptors/hash/src/main/java/org/apache/directory/server/core/hash/PasswordHashingInterceptor.java [2] http://svn.apache.org/repos/asf/directory/apacheds/trunk/interceptors/hash/src/main/java/org/apache/directory/server/core/hash/Sha256PasswordHashingInterceptor.java On Fri, Mar 22, 2013 at 8:19 PM, Ashma Shrestha ashres...@crl.edu wrote: Hi, ** ** Are there any plans on implementing PKCS5S2 Password Hashing? If not can anyone provide me some pointers on how this can be implemented. ** ** Thank you. * * *Ashma Shrestha* ** ** ** ** -- Kiran Ayyagari http://keydap.com