Re: Encryptor + AES + key size
On 17/07/2017 16:38, Colm O hEigeartaigh wrote: Yes why not. I will take care of it. What do you think about imposing a size constraint on the secret key length as well? I don't have any strong opinion WRT this, I'll trust your experience, then :-) Regards. On Mon, Jul 17, 2017 at 3:34 PM, Francesco Chicchiriccòwrote: On 17/07/2017 16:32, Colm O hEigeartaigh wrote: Hi all, When AES is used as the cipher algorithm, and if the supplied secret key length is < 16, Encryptor prints the debug message: "actualKey too short, adding some random characters" However the random characters are just 0s. I think instead we should be using some random bytes instead! Optionally we could also impose a minimum acceptable size on the secret key length, and throw an exception if it does not match this. WDYT? +1 Shall we fix this also on 1_2_X (besides 2_0_X and master)? Regards. -- Francesco Chicchiriccò Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail http://home.apache.org/~ilgrosso/
Re: Encryptor + AES + key size
On 17/07/2017 16:32, Colm O hEigeartaigh wrote: Hi all, When AES is used as the cipher algorithm, and if the supplied secret key length is < 16, Encryptor prints the debug message: "actualKey too short, adding some random characters" However the random characters are just 0s. I think instead we should be using some random bytes instead! Optionally we could also impose a minimum acceptable size on the secret key length, and throw an exception if it does not match this. WDYT? +1 Shall we fix this also on 1_2_X (besides 2_0_X and master)? Regards. -- Francesco Chicchiriccò Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail http://home.apache.org/~ilgrosso/
Encryptor + AES + key size
Hi all, When AES is used as the cipher algorithm, and if the supplied secret key length is < 16, Encryptor prints the debug message: "actualKey too short, adding some random characters" However the random characters are just 0s. I think instead we should be using some random bytes instead! Optionally we could also impose a minimum acceptable size on the secret key length, and throw an exception if it does not match this. WDYT? Colm. -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
[jira] [Closed] (SYNCOPE-1160) When defining the provisioning rules of a resource disable the first Previous button
[ https://issues.apache.org/jira/browse/SYNCOPE-1160?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Francesco Chicchiriccò closed SYNCOPE-1160. --- Resolution: Won't Fix Without such first Previous button, it won't be possible to change the ObjectClass to provision. Hence, the button is needed and things should stay as they are. > When defining the provisioning rules of a resource disable the first Previous > button > > > Key: SYNCOPE-1160 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1160 > Project: Syncope > Issue Type: Bug > Components: console >Affects Versions: 2.0.4 >Reporter: Filipe Silva >Priority: Minor > > When defining the provisioning rules of a resource disable the first > Previous button: > it will go to the "Specify the type of the provisioning object" that should > not be editable at that time -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (SYNCOPE-1160) When defining the provisioning rules of a resource disable the first Previous button
[ https://issues.apache.org/jira/browse/SYNCOPE-1160?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Francesco Chicchiriccò updated SYNCOPE-1160: Fix Version/s: (was: 2.0.5) (was: 2.1.0) > When defining the provisioning rules of a resource disable the first Previous > button > > > Key: SYNCOPE-1160 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1160 > Project: Syncope > Issue Type: Bug > Components: console >Affects Versions: 2.0.4 >Reporter: Filipe Silva >Priority: Minor > > When defining the provisioning rules of a resource disable the first > Previous button: > it will go to the "Specify the type of the provisioning object" that should > not be editable at that time -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Created] (SYNCOPE-1166) No propagation task is created for resources where the password is not propagated
Marco Di Sabatino Di Diodoro created SYNCOPE-1166: - Summary: No propagation task is created for resources where the password is not propagated Key: SYNCOPE-1166 URL: https://issues.apache.org/jira/browse/SYNCOPE-1166 Project: Syncope Issue Type: Bug Components: core Affects Versions: 2.0.4 Reporter: Marco Di Sabatino Di Diodoro Assignee: Marco Di Sabatino Di Diodoro Fix For: 2.0.5, 2.1.0 During a propagation, if one of the resources assigned to the user doesn't need to propagate the password but other fields, Syncope doesn't generate the task for that resource. -- This message was sent by Atlassian JIRA (v6.4.14#64029)