On 05/02/2012 04:48 PM, Jacques Le Roux wrote: > This is really great news Adam, thanks for the effort!
I still have a ton of testing to do; I need to clone some oldish-type ofbiz installs that have credit cards, apply my patch(s), then see what happens. > How did you finally handle the length of the salt (if it's > related/integrated in those changes)? That's separate; I'm aware of the discussions. I've got some major tweaking to HashCrypt, deprecating some stuff, and fixing all cases in the codebase. I'll be committing those separately before the kek stuff; that'll include an increase to the default salt length, and probably a way to specify min/max salt length in security.properties.
