0002682: Please add support for CRYPT-SHA256, CRYPT-SHA512 and CRYPT-BLF - SOGo

ID	Project	Category	View Status	Date Submitted	Last Update

0002682	SOGo	with SOGo	public	2014-03-24 23:21	2017-05-30 19:48

Reporter	rejsmont	Assigned To	ludovic
Priority	normal	Severity	feature	Reproducibility	always
Status	resolved	Resolution	fixed
Platform	[Server] Linux	OS	Ubuntu	OS Version	12.04 LTS
Product Version	2.2.2

Summary	0002682: Please add support for CRYPT-SHA256, CRYPT-SHA512 and CRYPT-BLF
Description	Sogo includes support for CRYPT-MD5, but lacks support for more secure variants. These CRYPT variants are supported by the crypt() function that sogo uses to generate md5-crypt passwords - the only difference is the magic string which is $5$ for SHA256 and $6$ for SHA512 and $2a$ for blowfish - the coding should be trivial. I might try to make a pull request for that, but I am not that comfy with objective-C. This feature would allow to nicely integrate SoGo with PAM using secure password storage mechanisms.
Tags	No tags attached.

ludovic 2014-03-25 00:13 administrator ~0006776	Have a quick look at: https://github.com/inverse-inc/sogo/blob/master/SoObjects/SOGo/NSData%2BCrypto.m It's quite easy to add new schemes.

ludovic 2017-05-30 19:48 administrator ~0011884	Implemented all except Blowfish a while ago. No interest in Blowfish.

Date Modified	Username	Field	Change
2014-03-24 23:21	rejsmont	New Issue
2014-03-25 00:13	ludovic	Note Added: 0006776
2017-05-30 19:48	ludovic	Note Added: 0011884
2017-05-30 19:48	ludovic	Status	new => resolved
2017-05-30 19:48	ludovic	Resolution	open => fixed
2017-05-30 19:48	ludovic	Assigned To	=> ludovic