-
1. Re: Using the Modular Crypt Format (MCF) with Bcrypt mapper?
If you do not specify a salt-index or iteration-count-index, I believe it will assume the column is in modular crypt format and it should just work.
-
2. Re: Using the Modular Crypt Format (MCF) with Bcrypt mapper?
Seems not:
17:42:28,328 ERROR [org.jboss.as.controller.management-operation] (ServerService Thread Pool -- 3) WFLYCTL0013: Operation ("add") failed - address: ([
("subsystem" => "elytron"),
("jdbc-realm" => "DatabaseRealm")
]) - failure description: "WFLYCTL0155: 'salt-index' may not be null"
Maybe need to use a different kind of password mapper for MCF encoded passwords?
-
3. Re: Using the Modular Crypt Format (MCF) with Bcrypt mapper?
The underlying mapper definitely supports it. However, looking at the resource, it appears that the "salt-index" and "iteration-count-index" both are non-optional and have a minimum value of 1. This seems like a bug to me: the JDBC password mapper definitely allows these fields to be optional. Could you please open an issue here: JBoss Issue Tracker
-
4. Re: Using the Modular Crypt Format (MCF) with Bcrypt mapper?
There was discussion about BCrypt recently [1]. With conclusion bcrypt mapper expects Base64 format to be stored in DB.
So should be JIRA created with this two requirements?:
- make bcrypt mapper work with MCF (not only Base64)
- make bcrypt mapper work just with 1 password column (no need for salt and iteration count columns)
[1] [ELY-1435] Elytron BCrypt Mapper Not Working with jBCrypt - JBoss Issue Tracker
-
5. Re: Using the Modular Crypt Format (MCF) with Bcrypt mapper?
Added new JIRA: [ELY-1497] Support Modular Crypt Format (MCF) password in Bcrypt mapper - JBoss Issue Tracker
Please update as required.