Made in the European Union · Independently built · Released under EUPL 1.2

00.71.00

Shipped. The credential-security stack described here is available on Maven Central as part of the 00.72.00 release line (the latest published version). Use 00.72.00 coordinates to pull it in. Usage docs: Credential Hardening and Compliance & CWE Coverage.

Released: as part of the 00.72.00 line
Previous release: 00.70.00
Maven coordinates: use 00.72.00 (see Quick Start)

A fully new credential-security stack designed against Konzept-V00.71.00.md: a JDK-only PBKDF2 core, an optional BouncyCastle module adding Argon2id / bcrypt / scrypt, a real post-KDF HMAC pepper service with rotation, a persistence-neutral CredentialStore with compare-and-swap updates, an eight-state lifecycle service, atomic password change and a single-use selector/verifier reset flow.

No production API removed. The experimental PasswordHasher / Pbkdf2PasswordHasher / PasswordHash types stay in security-core so existing V00.70 callers keep compiling. The V00.71 surface is additive.

Highlights

  • 16 reactor modules — two new strictly opt-in modules: security-crypto-bc (BouncyCastle Argon2id / bcrypt / scrypt) and security-credentials-hibp (Have I Been Pwned k-anonymity checker, JDK HttpClient only).
  • No new runtime dependency in security-core — BouncyCastle and HIBP live only inside their opt-in modules. Apps that don’t use them pull in neither, and make no outbound HTTP calls.
  • No silent downgrade — requesting the modern profile without security-crypto-bc on the classpath fails fast (CWE-693).
  • Generic perimeter responses — every failure collapses to PublicFailureType.INVALID_CREDENTIALS; the differentiated internal type stays in audit sinks (CWE-203 / CWE-209).
  • Atomic everywhere — rehash, password change, status change and reset-token consumption all run through compare-and-swap (CWE-362).
  • Four new sealed AuditEvent variants: CredentialVerificationSucceeded, CredentialVerificationFailed, CredentialRehashed, CredentialStatusChanged, all wired through AuditQuery, LoggingAuditSink and a failure-swallowing CredentialAuditPublisher (CWE-778).

Phases (1a–5 complete on develop)

Phase | Scope
1a    | JDK-only PBKDF2 core, self-describing $pwh$v=1$… envelope, sealed verification results, dummy-KDF + KDF execution limiter
1b    | Argon2id / bcrypt / scrypt providers in security-crypto-bc (BouncyCastle 1.78.1 lightweight API, no global JCA mutation)
2     | SecretValue (AutoCloseable), Unicode-aware input hygiene, real HMAC-SHA-256 pepper with rotation, calibration profiles, four new audit events
3     | CredentialStore (CAS), CredentialLifecycleService (state machine), PasswordChangeService, TokenDigestService (selector/verifier), PasswordResetService
4     | AbuseDetectionService (multi-dim sliding window), abuse-pattern monitors (stuffing / spraying / reset), ContextAwarePasswordValidator, optional PasswordHistoryService, CredentialSecurityMetrics SPI
5     | CompromisedPasswordChecker SPI + security-credentials-hibp; FIPS profile + SBOM / PKCS#11 HSM docs; emergency playbooks + EmergencyPolicyOverride; tenant-aware credential policies; ASVS V2 / NIST SP 800-63B / CWE traceability matrix

See Credential Hardening for the API tour.

Module structure (14 → 16)

New module                | Headline                                                                                              | Third-party deps
security-crypto-bc        | Argon2id / bcrypt / scrypt providers, BouncyCastleHashingServices.modern(), ServiceLoader registration | org.bouncycastle:bcprov-jdk18on:1.78.1
security-credentials-hibp | HaveIBeenPwned k-anonymity online checker                                                             | none (JDK HttpClient)

security-core stays JDK-only. demo-vaadin and demo-rest are migrated to PasswordHashingService (including verifyAgainstNothing for unknown users and a blocklist pre-flight on user creation).

Standards & CWE coverage

The credential layer maps to OWASP ASVS V2, NIST SP 800-63B and 40 CWE weakness classes — see the full Compliance & CWE Coverage matrix. The three highest-coverage classes are CWE-522 (Insufficiently Protected Credentials, 50 features), CWE-327 (Broken / Risky Crypto, 35) and CWE-287 (Improper Authentication, 25).

Mutation coverage (V00.71)

Module                           | Line  | Mutation | Test strength | Mutations
security-core                    | 92 %  | 87 %     | 91 %          | 1901/2196
security-vaadin                  | 87 %  | 79 %     | 92 %          | 242/305
security-rest                    | 94 %  | 95 %     | 95 %          | 86/91
security-standalone              | 94 %  | 97 %     | 97 %          | 33/34
security-processor               | 100 % | 82 %     | 82 %          | 23/28
security-persistence-eclipsestore | 92 %  | 70 %     | 72 %          | 231/328
security-crypto-bc (new)         | 86 %  | 61 %     | 68 %          | 110/181
security-credentials-hibp (new)  | 67 %  | 53 %     | 68 %          | 39/74

security-core rose from 86 % (1191/1381) to 87 % (1901/2196) — the V00.71 prompts added 813 mutations, of which the new test work kills ~710. The two new modules ship at a first-PIT profile (61 % / 53 %); targeted uplift is tracked for V00.72.

Migration from 00.70.00

Additive — no required change. To adopt the stack: switch creation to PasswordHashingServices.defaults() (or BouncyCastleHashingServices.modern()), verify via PasswordHashingService.verify(...) and pattern-match the sealed CredentialVerificationResult, call verifyAgainstNothing(...) for unknown users, and feed RehashDecision.Required back through CredentialStore.updateHashIfCurrent(...). The experimental pbkdf2$… wire format is not migrated (it never reached a stable consumer).
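To show how the pieces named in the phase table and in this migration path fit together (verify, verifyAgainstNothing for unknown users, a rehash decision fed back through a compare-and-swap store update, and a post-KDF HMAC pepper that can be rotated), here is a small Python model added for illustration. It is not the library's code or API: the field layout after the $pwh$v=1$ prefix, the PBKDF2 cost, the pepper keyring and the function names are constructed assumptions.

```python
import base64, hashlib, hmac, os

# Constructed parameters (not the project's real defaults); pepper keys are keyed by id so rotation is possible.
CURRENT_PARAMS = {"kdf": "pbkdf2-sha256", "i": 100_000}
PEPPER_KEYS = {"k1": b"old-pepper-secret", "k2": b"new-pepper-secret"}
CURRENT_PEPPER = "k2"
b64 = lambda b: base64.b64encode(b).decode()

def pepper(digest: bytes, key_id: str) -> bytes:
    # Post-KDF HMAC pepper: applied after the KDF, so rotation is a cheap re-HMAC, not a full rehash.
    return hmac.new(PEPPER_KEYS[key_id], digest, "sha256").digest()

def hash_password(pw: str, params=CURRENT_PARAMS, key_id=CURRENT_PEPPER) -> str:
    salt = os.urandom(16)
    d = hashlib.pbkdf2_hmac("sha256", pw.encode(), salt, params["i"])
    # Self-describing envelope; only the $pwh$v=1$ prefix is from the page, the field layout is assumed.
    return f"$pwh$v=1${params['kdf']}$i={params['i']}$p={key_id}${b64(salt)}${b64(pepper(d, key_id))}"

def verify(pw: str, stored: str) -> tuple[bool, bool]:
    """Returns (verified, rehash_required); any parse error or mismatch collapses to (False, False)."""
    try:
        _, tag, ver, kdf, iters, pep, salt, mac = stored.split("$")
        if (tag, ver, kdf) != ("pwh", "v=1", "pbkdf2-sha256"):
            raise ValueError("unsupported envelope")
        i, key_id = int(iters[2:]), pep[2:]
        d = hashlib.pbkdf2_hmac("sha256", pw.encode(), base64.b64decode(salt), i)
        ok = hmac.compare_digest(pepper(d, key_id), base64.b64decode(mac))
    except (ValueError, KeyError):  # malformed envelope, bad base64 or unknown pepper id
        return (False, False)
    # Rehash when the stored cost or pepper key lags the current profile.
    return (ok, ok and (i < CURRENT_PARAMS["i"] or key_id != CURRENT_PEPPER))

def verify_against_nothing(pw: str) -> bool:
    # Unknown user: burn the same KDF cost so timing does not reveal whether the account exists.
    hashlib.pbkdf2_hmac("sha256", pw.encode(), b"\0" * 16, CURRENT_PARAMS["i"])
    return False

class InMemoryCredentialStore:
    def __init__(self): self.hashes: dict[str, str] = {}
    def update_hash_if_current(self, user: str, expected: str, new: str) -> bool:
        # Compare-and-swap: replace only if the stored hash is still the one we verified against.
        if self.hashes.get(user) != expected: return False
        self.hashes[user] = new
        return True

def login(store: InMemoryCredentialStore, user: str, pw: str) -> bool:
    stored = store.hashes.get(user)
    if stored is None: return verify_against_nothing(pw)
    ok, rehash = verify(pw, stored)
    if ok and rehash:  # losing the CAS race is harmless: the other writer's hash is the newer one
        store.update_hash_if_current(user, stored, hash_password(pw))
    return ok
```

The caller only ever sees a boolean; the reason for a failure (unknown user, bad password, malformed envelope) stays inside the verification layer, mirroring the generic-perimeter-response rule above.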

Known limitations

  • Prompt 036 (optional foreign-hash import for brownfield adoption) is deliberately deferred — not part of the V00.71 production surface.
  • demo-vaadin’s InMemoryDemoUserDirectory stays on the experimental PasswordHasher for parity with the legacy remember-me / account-lifecycle callers; a unified migration of all four lands in a follow-up.
  • The two new modules’ mutation coverage (61 % / 53 %) is first-PIT and scheduled for uplift alongside V00.72.

Build

  • Java 26+, Maven 4 via ./mvnw
  • security-crypto-bc is the only new third-party-dependency module (org.bouncycastle:bcprov-jdk18on:1.78.1)
  • ./mvnw clean install builds all 16 modules