From: "Adam Heath" <doo...@brainfood.com>
On 04/19/2012 04:49 PM, Adam Heath wrote:
On 04/19/2012 04:28 PM, Jacques Le Roux wrote:
Looking forward for
https://issues.apache.org/jira/browse/OFBIZ-1151
https://issues.apache.org/jira/browse/OFBIZ-2729
https://issues.apache.org/jira/browse/OFBIZ-3006
2729 doesn't apply for what I am doing. Here's the list of things
that this solves:
1: salt-based UserLogin.currentPassword
(done, I have a fix for the recent issue locally)
2: salt-based CreditCard.cardNumber encrypted value
(s/b done tonight)
3: salt-based EntityKeyStore.keyText
(s/b done tonight)
4: key-encrypting-key for EntityKeyStore.keyText. The
key-encrypting-key will be available somewhere in ${ofbiz.home.dir}.
(need to read java security doco)
Also, no longer using hex-encoding for the values, but base64, as it
produces a smaller encoded value. The new salt-based password stuff
I've committed already does that.
Sounds good, long awaited "feature"...
Jacques
