Closed Neustradamus closed 6 months ago
Dear @ongres team,
Have you progressed on it?
A lot of projects, softwares use other SCRAM, you can see the list here:
There is a ticket here too from @rrva:
While is technically possible and easy to add the SHA-224
and SHA-384
variants they don't have an RFC published, not even on draft, so they are not going to be added as their use would be limited anyway.
For SHA3-512
, sadly Java doesn't yet have support in SecretKeyFactory for PBKDF2WithHmacSHA3-512
maybe because it follows the algorithms from the RFC 8018, and that RFC still doesn´t have an update with SHA3-*
algorithm family, so it can't be added right now, but it could be considered in the future if there is more demand for this.
jshell> javax.crypto.SecretKeyFactory.getInstance("PBKDF2WithHmacSHA3-512");
| Exception java.security.NoSuchAlgorithmException: PBKDF2WithHmacSHA3-512 SecretKeyFactory not available
| at SecretKeyFactory.<init> (SecretKeyFactory.java:118)
| at SecretKeyFactory.getInstance (SecretKeyFactory.java:164)
| at (#3:1)
SHA-512
will be added in the next major version 3.0
@jorsol: It has been solved?
@jorsol: It has been solved?
SHA3-512 variants are not present as mentioned in an earlier comment.
@jorsol: Good job about 3.0!
Important to specify in the ticket where it has been added.
I will edit the title and create a new ticket for SCRAM-SHA3-512 and SCRAM-SHA3-512-PLUS for the future...
Dear @ongres team,
After:
Can you add supports of :
"When using the SASL SCRAM mechanism, the SCRAM-SHA-256-PLUS variant SHOULD be preferred over the SCRAM-SHA-256 variant, and SHA-256 variants [RFC7677] SHOULD be preferred over SHA-1 variants [RFC5802]".
SCRAM-SHA-1(-PLUS):
SCRAM-SHA-256(-PLUS):
SCRAM-SHA-512(-PLUS):
SCRAM-SHA3-512(-PLUS):
https://xmpp.org/extensions/inbox/hash-recommendations.html
-PLUS variants:
LDAP:
HTTP:
2FA:
IANA:
Linked to: