Uploaded image for project: 'OpenDJ'
  1. OpenDJ
  2. OPENDJ-3966

The Bcrypt storage scheme displays the wrong syntax Range and default for the bcrypt-cost

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 5.5.0, 4.0.0, 3.5.1, 3.5.0
    • Fix Version/s: 5.5.0
    • Component/s: config
    • Support Ticket IDs:
    • Sprint:
      OpenDJ Sprint 104

      Description

      The Bcrypt Storage Schema shows an invalid range and default value for the bcrypt-cost configuration.

      The code states the valid range is from 4 to 30, but dsconfig states the range is from 1 to 30.

          if (log_rounds < 4 || log_rounds > 30) {
            throw new IllegalArgumentException("Bad number of rounds");
          }
      
      >>>> Configuring the "bcrypt-cost" property
      
          The cost parameter specifies a key expansion iteration count as a power of
          two. A default value of 12 (2^12 iterations) is considered in 2016 as a
          reasonable balance between responsiveness and security for regular users.
      
          *Syntax:  1 <= INTEGER <= 30*
      

      dsconfig also states the default is 12, when the code states it is 10.

       * The amount of work increases exponentially (2**log_rounds), so
       * each increment is twice as much work. The default log_rounds is
       * 10, and the valid range is 4 to 30.
      
      >>>> Configuring the "bcrypt-cost" property
      
          The cost parameter specifies a key expansion iteration count as a power of
          two. A default value of *12* (2^12 iterations) is considered in 2016 as a
          reasonable balance between responsiveness and security for regular users.
      
          Syntax:  1 <= INTEGER <= 30
      
      Do you want to modify the "bcrypt-cost" property?
      
          1)  Keep the default value: *12*
          2)  Change the value
      
          ?)  help
          q)  quit
      

        Attachments

          Activity

            People

            • Assignee:
              ludo Ludovic Poitou
              Reporter:
              lee.trujillo Lee Trujillo
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: