Hi BC Devs,
I've made few constructors and classes public so that I can conveniently use them in my application. I'm asking if you could change their visibility from default to public in the code base so that I don't have to build my own version every time when I upgrade. These changes appear not to affect any functionality. The git diff with the Dec 29 commit 6de1c17dda8ffdb19431ffcadbce1836867a27a9 is:
-- Thanks, Lou
I think that I should have explained why I need to access those functions.
* PGPPublicKeyRing, PGPSecretKeyRing
My application manages PGP key rings in a
database. When a user creates a new key, I need to create a key
ring directly from it.
I add custom signatures to keys and during debugging I need to view this information.
I use it to hash user's password because it does
salted and iterated hashing. I really
think these functions are useful to my application and please
consider making them public.
On 01/07/2018 09:09 PM, Lou Wynn wrote:
I've done the first one set. The second one is done as well but the method is simply called toArray()
I haven't done PGPUtil.makeKeyFromPassPhrase() - to be honest, there are much better ways of doing this (such as scrypt) if you are doing this because you want a to convert user passwords into a meaningful key that doesn't have to be compliant with RFC 4880, I would use something else.
Changes should appear in github shortly.
On 10/01/18 05:11, Lou Wynn wrote:
I'm glad to know that there is a scrypt
implementation in BC. Are there any recommended values for the
CPU/Memory cost parameter, block size, and parallelization
parameter in the generate() function of SCrypt?
On 01/12/2018 08:22 PM, David Hook wrote:
It sort of depends on the situation.
Section 2 of RFC 7914 does suggest a block size of 8 and a parallelization parameter of 1 (it's dated August 2016, so I wouldn't go below). The reality is what you need to choose is probably dependent partly on what your users can cope with as well and as systems normally have a lifetime of 4 to 5 years, you want to pick settings which are just at the top of the comfort zone. Bigger is safer, but on the other hand running someone out of memory will probably not be seen as a feature either. You'll need to find your own balance on that.
On 13/01/18 16:55, Lou Wynn wrote:
|Free forum by Nabble||Edit this page|