From: | ch(at)lathspell(dot)de |
---|---|
To: | pgsql-bugs(at)postgresql(dot)org |
Subject: | BUG #6434: Wishlist: SHA-512 ("$6$" salt) for crypt() |
Date: | 2012-02-06 12:16:43 |
Message-ID: | E1RuNUx-0000F1-I4@wrigleys.postgresql.org |
Lists: | pgsql-bugs |

The following bug has been logged on the website:

Bug reference: 6434
Logged by: Christian Hammers
Email address: ch(at)lathspell(dot)de
PostgreSQL version: 9.1.2
Operating system: Debian GNU/Linux
Description:

The crypt() function from the pgcrypto extension is great to store and check
passwords in a format that can also be used by Linux PAM and all programming
languages that support the libc crypt() function.

Recent Linux versions started to use a crypt algorithm that is based on
SHA-512 and stores hashes in the form "$6$xxsaltxx$....." but Postgres can
only hash/verify password hashes in the old DES or the "$1$xxsaltxx$..." MD5
based format.

It would be nice if the pgcrypto extension would be extended to support the
new SHA-256 and SHA-512 algorithms.

Further documentation on the libc implementation can be found on
http://www.akkadia.org/drepper/SHA-crypt.txt but you can probably copy it
from the OpenBSD source like you did with crypt-md5.c.

Testcase in SQL:

SELECT crypt('geheim', '$6$xxxxxxxx$');

Does give "$6C0C9PsKORBQ" but should lead to
"$6$xxxxxxxx$wuSdyeOvQXjj/nNoWnjjo.6OxUWrQFRIj019kh1cDpun6l6cpr3ywSrBprYRYZXcm4Kv9lboCEFI3GzBkdNAz/"
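
The test case in the report fails silently: crypt() returns a 13-character traditional DES hash instead of an error. The following Python check is an added example, not part of the original report or of pgcrypto; it verifies that a crypt() result honours the requested setting. The function names are hypothetical and the three sample values are the ones quoted in the report.

```python
import re

# Modular crypt format ids -> (name, encoded digest length). Lengths follow
# MD5-crypt and the SHA-crypt specification the report links to.
SCHEMES = {"1": ("md5-crypt", 22), "5": ("sha256-crypt", 43), "6": ("sha512-crypt", 86)}

MCF = re.compile(
    r"^\$(?P<id>[0-9a-z]+)\$(?:rounds=(?P<rounds>\d+)\$)?"
    r"(?P<salt>[^$]{1,16})\$(?P<digest>[./0-9A-Za-z]*)$"
)


def parse_mcf(value):
    """Split '$id$[rounds=N$]salt$digest' into its fields, or return None."""
    m = MCF.match(value)
    return m.groupdict() if m else None


def check_crypt_result(setting, result):
    """Compare what crypt() returned against the setting that was requested."""
    want = parse_mcf(setting)
    if want is None or want["id"] not in SCHEMES:
        return "setting-not-checked"  # only the $1$, $5$ and $6$ forms are handled
    name, digest_len = SCHEMES[want["id"]]
    got = parse_mcf(result)
    if (got and got["id"] == want["id"] and got["salt"] == want["salt"]
            and len(got["digest"]) == digest_len):
        return "ok:" + name
    # Traditional DES crypt output: 2 salt characters + 11 hash characters,
    # where the salt is simply the first two characters of the setting.
    if len(result) == 13 and result[:2] == setting[:2]:
        return "downgraded-to-des"
    return "mismatch"


# Values quoted in the bug report above.
SETTING = "$6$xxxxxxxx$"
ACTUAL = "$6C0C9PsKORBQ"
EXPECTED = ("$6$xxxxxxxx$wuSdyeOvQXjj/nNoWnjjo.6OxUWrQFRIj019kh1cDpun6l6cpr3yw"
            "SrBprYRYZXcm4Kv9lboCEFI3GzBkdNAz/")

if __name__ == "__main__":
    for label, value in (("actual", ACTUAL), ("expected", EXPECTED)):
        print(label, check_crypt_result(SETTING, value))
```

Running the same comparison on values before they are stored catches a setting that the hashing backend does not understand.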