On 04/19/2012 04:49 PM, Adam Heath wrote: > On 04/19/2012 04:28 PM, Jacques Le Roux wrote: >> Looking forward for >> https://issues.apache.org/jira/browse/OFBIZ-1151 >> https://issues.apache.org/jira/browse/OFBIZ-2729 >> https://issues.apache.org/jira/browse/OFBIZ-3006 > > 2729 doesn't apply for what I am doing. Here's the list of things > that this solves: > > 1: salt-based UserLogin.currentPassword > (done, I have a fix for the recent issue locally) > 2: salt-based CreditCard.cardNumber encrypted value > (s/b done tonight) > 3: salt-based EntityKeyStore.keyText > (s/b done tonight) > 4: key-encrypting-key for EntityKeyStore.keyText. The > key-encrypting-key will be available somewhere in ${ofbiz.home.dir}. > (need to read java security doco)
Also, no longer using hex-encoding for the values, but base64, as it produces a smaller encoded value. The new salt-based password stuff I've committed already does that.