Uploaded image for project: 'OFBiz'
  1. OFBiz
  2. OFBIZ-6494

New implementation of the two-way cryptographic services of OFBiz based on Apache Shiro

    XMLWordPrintableJSON

Details

    • New Feature
    • Status: Closed
    • Major
    • Resolution: Fixed
    • None
    • 16.11.01
    • framework
    • None

    Description

      New implementation of the two-way cryptographic services of OFBiz based on Apache Shiro:

      • two-way encryption is now delegated to Apache Shiro, with stronger initialization vectors
      • the mechanism is backward compatible
      • new tools to update the encryption of private keys, useful to upgrade older versions of OFBiz and most of all to replace old keys with new ones (this is critical to implement stronger security practices as requested by PCI)
      • unit tests

      Attachments

        Activity

          People

            jacopoc Jacopo Cappellato
            jacopoc Jacopo Cappellato
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: