[jitsi-users] ENCRYPTED_PASSWORD hash


#1

What encryption algorithm is Jitsi using when it stores the ENCRYPTED_PASSWORD hashes in sip-communicator.properties?

Thank you!


#2

AES256 if available, AES128 otherwise. The key is derived from the master-password with PBKDF2WithHmacSHA1.
If no master-password is set, a space is used as the master-pw instead.

https://github.com/jitsi/jitsi/blob/master/src/net/java/sip/communicator/impl/credentialsstorage/AESCrypto.java

Freundliche Grüsse,
Ingo Bauersachs

-- sent from my mobile

···

Le 14.01.2014 à 06:05, "Aaron Dixon" <aaron.dixon@ssdcservices.com> a écrit :

What encryption algorithm is Jitsi using when it stores the ENCRYPTED_PASSWORD hashes in sip-communicator.properties?

Thank you!
_______________________________________________
users mailing list
users@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/users


#3

Ingo, how does Jitsi determine whether to encrypt the passwords with AES 128 or 256? What do you by “if available”?

Our users are running Windows 7.

Aaron Dixon | IT Specialist | SSDC Services

···

Office: 248-277-9304 | Cell: 248-935-7353 | aaron.dixon@ssdcservices.com<mailto:aaron.dixon@ssdcservices.com>

From: users-bounces@jitsi.org [mailto:users-bounces@jitsi.org] On Behalf Of Ingo Bauersachs
Sent: Tuesday, January 14, 2014 2:13 AM
To: Jitsi Users
Subject: Re: [jitsi-users] ENCRYPTED_PASSWORD hash

AES256 if available, AES128 otherwise. The key is derived from the master-password with PBKDF2WithHmacSHA1.
If no master-password is set, a space is used as the master-pw instead.

https://github.com/jitsi/jitsi/blob/master/src/net/java/sip/communicator/impl/credentialsstorage/AESCrypto.java
Freundliche Grüsse,
Ingo Bauersachs

-- sent from my mobile

Le 14.01.2014 à 06:05, "Aaron Dixon" <aaron.dixon@ssdcservices.com<mailto:aaron.dixon@ssdcservices.com>> a écrit :
What encryption algorithm is Jitsi using when it stores the ENCRYPTED_PASSWORD hashes in sip-communicator.properties?

Thank you!
_______________________________________________
users mailing list
users@jitsi.org<mailto:users@jitsi.org>
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/users


#4

Ingo, how does Jitsi determine whether to encrypt the passwords with AES 128
or 256? What do you by “if available”?

It tries the ciphers available from the JRE it runs on.

Our users are running Windows 7.

As far as I remember JDK7 supports AES256 and therefore this would be used.

Aaron Dixon | IT Specialist | SSDC Services

Ingo