7
Changes from 1.6 to 1.7
9
* Fixed Hibernate 3.6 compatibility.
11
* Removed dependencies on commons-lang and commons-codec. Jasypt can now operate
12
without depedencies on JDK version >= 6.
14
* Added pool-based implementations of Standard digesters and PBE encryptors to improve
15
performance in multiprocessor systems.
17
* Created "lite" .jar package including only standard String and Byte digest and
18
encryption: no BigDecimal or BigInteger encryption, no "util" package,
19
no Spring/Hibernate/Wicket integrations, no Web PBE configuration, no CLI utils,
20
no properties encryption, no Zero salt generator.
22
* Added class org.jasypt.registry.AlgorithmRegistry with utility methods for
23
obtaining the names of all the available digest/PBE algorithms.
25
* Added "prefix" and "suffix" configuration parameters to String digesters, in order
26
to add a prefix and/or suffix to all digest results (and also expect these prefixes or
27
suffixes when matching existing digests).
29
* Added method "getInvertPositionOfSaltInMessageBeforeDigesting()" to DigesterConfig
30
and "setInvertPositionOfSaltInMessageBeforeDigesting(...)" to StandardByteDigester
31
and StandardStringDigester in order to being able to append the salt after the message
32
before digesting instead of the default behaviour (insert it before the message).
33
This is useful for enhancing compatibility with some common LDAP password encryption
36
* Added method "getInvertPositionOfPlainSaltInEncryptionResults()" to DigesterConfig
37
and "setInvertPositionOfPlainSaltInEncryptionResults(...)" to StandardByteDigester
38
and StandardStringDigester in order to being able to append the plain (unhashed)
39
salt after the digest instead of the default behaviour (insert it before the digest).
40
This is useful for enhancing compatibility with some common LDAP password encryption
43
* Added method "getUseLenientSaltSizeCheck()" to DigesterConfig and
44
"setUseLenientSaltSizeCheck(...)" to StandardByteDigester
45
and StandardStringDigester in order to allow digesters to check digests created
46
with any size of salt (not equal to the value set for the "saltSizeBytes" property).
48
* Added an "org.jasypt.util.password.rfc2307" package containing utility classes for
49
password encryption operations according to common LDAP schemes like {MD5},
50
{SHA}, {SMD5} and {SSHA}.
52
* Rebuilt CLI scripts: now both Windows and Linux versions can be run from outside
53
the "bin" folder. New configuration parameters added.
55
* Added "listAlgorithms" CLI command that lists all digest and PBE algorithms
56
present in the Java Virtual Machine.
58
* Rebuilt zip distribution package: remove unneeded "cli-bundle" and added icu4j
61
* Added org.jasypt.spring.properties.EncryptableServletContextPropertyPlaceholderConfigurer
62
as a sublass of org.springframework.web.context.support.ServletContextPropertyPlaceholderConfigurer,
63
for transparent decryption of servlet context parameters (like the ones in web.xml).
65
* Added org.jasypt.spring.properties.EncryptablePreferencesPlaceholderConfigurer
66
as a subclass of org.springframework.beans.factory.config.PreferencesPlaceholderConfigurer,
67
for transparent decryption of preferences set with JDK 1.4's Preferences API.
69
* Added Spring Security 3 -compatible TokenBasedRememberMeServices implementation
70
using a Jasypt StandardStringDigester for digesting the data signature.
74
Changes from 1.5 to 1.6
76
* Modified Class.forName calls to use current thread's context classloader.
78
* Fixed JavaDoc for Spring Security -related classes.
80
* Added missing registerPBE*Encryptor methods in HibernatePBEEncryptorRegistry
82
* Added compatibility with Spring Framework 3.0.x and Spring Security 3.0.x
84
* Tested compatibility with Apache Wicket 1.4.x and Hibernate 3.2.x
87
Changes from 1.4.1 to 1.5
89
* Dependency on ICU4j made optional in Java 6 environments.
91
* Created new versions of old ACEGI's PasswordEncoder and PBEPasswordEncoder
92
for Spring Security 2.x in package org.jasypt.spring.security2.
94
* Random number generation algorithm can now be specified in RandomSaltGenerator.
96
* Fixed bug in .sh files in the bin folder. $@ did not work with inputs that
97
contained spaces and had to be substituted by "$@".
100
Changes from 1.4 to 1.4.1
102
* Fixed bug in <<<EncryptedPasswordC3P0ConnectionProvider>>> which made decryption
103
of datasource configuration not to work properly.
106
Changes from 1.3.1 to 1.4
108
* Added methods to Simple* and Environment* config classes for both Digesters
109
and PBEEncryptors to allow them to be configured entirely with Strings.
111
* Added to org.jasypt.encryption.pbe.StandardPBEByteEncryptor a workaround
112
for Sun JCE's bug 4953555 (http://bugs.sun.com/view_bug.do?bug_id=4953555).
114
* Added org.jasypt.properties.EncryptableProperties as a java.util.Properties
115
which allows transparent decryption of encrypted property values.
117
* Moved org.jasypt.hibernate.ParameterNaming to
118
org.jasypt.hibernate.type.ParameterNaming.
120
* Added org.jasypt.hibernate.connectionprovider.EncryptedPasswordDriverManagerConnectionProvider
121
and org.jasypt.hibernate.connectionprovider.EncryptedPasswordC3P0ConnectionProvider
122
for allowing encrypted datasource parameters in hibernate.cfg.xml
125
* Added org.jasypt.spring.properties.EncryptablePropertyPlaceholderConfigurer
126
and org.jasypt.spring.properties.EncryptablePropertyOverrideConfigurer
127
to allow use of encrypted .properties files from within Spring applications
128
in a transparent manner.
130
* Package org.jasypt.springsecurity renamed as org.jasypt.spring.security, and
131
deprecated classes in the old package (will be removed in 1.5).
133
* Added org.jasypt.salt.ZeroSaltGenerator for creating salts filled with
136
* Added org.jasypt.intf.service.JasyptStatelessService for supporting CLI
137
operation and development of stateless services (like web services) for
140
* Added org.jasypt.intf.cli.JasyptStringDigestCLI,
141
org.jasypt.intf.cli.JasyptPBEStringEncryptionCLI and
142
org.jasypt.intf.cli.JasyptPBEStringDecryptionCLI to allow the execution of
143
digest, encryption and decryption commands from the command line, useful
144
for knowing which value to write in an encrypted .properties file.
146
* Created new zip distribution containing convenience .sh and .bat files for
150
Changes from 1.3 to 1.3.1
152
* Solved configuration bug in "StandardPBEByteEncryptor.initialize()" for
153
algorithms coming from *Config objects.
156
Changes from 1.2 to 1.3
158
* A new open provider
159
API which will allow the use of non-default JCE providers like
160
{{{http://www.bouncycastle.org}Bouncy Castle}}. With this, any
161
PBE or digest algorithm you can get from any JCE provider is available
162
for you to use with Jasypt.
164
* A new web PBE configuration system for avoiding storing encryption
165
passwords in files in web applications, and instead asking the
166
authorised admin for these passwords through a web form each time
167
the application is deployed.
169
* Ability to output Strings encoded in hexadecimal besides BASE64.
171
Changes from 1.1 to 1.2
173
* <<Merged jasypt-hibernate and jasypt-spring-security into main jasypt trunk>>.
175
* Numeric encryption functionalities:
177
* New <<<StandardPBEBigIntegerEncryptor>>> and
178
<<<StandardPBEBigDecimalEncryptor>>> in the
179
<<<org.jasypt.encryption.pbe>>> package.
181
* Salt generation functionalities:
183
* Created new salt generation infrastructure, making different
184
implementations of salt generation possible (including fixed salt).
185
Jasypt now provides three implementations: secure random salt, fixed
186
byte[]-based salt and fixed String-based salt.
190
* Refactored util package (<<<org.jasypt.util>>>) into
191
several subpackages: <<<binary>>>, <<<digest>>>, <<<numeric>>>,
192
<<<password>>> and <<<text>>>.
194
* Created <<<PasswordEncryptor>>> and <<<TextEncryptor>>> interfaces,
195
to unify both basic- and strong-encryption implementations.
196
<NOTE: the old org.jasypt.util classes have been DEPRECATED, and will be
197
removed in jasypt 1.3.>
199
* Added <<<org.jasypt.util.password.ConfigurablePasswordEncryptor>>> for a more
200
configurable way of using the "easy" password encryptor.
202
* Added binary utils (<<<org.jasypt.util.binary>>>) for easy encryption of
205
* Added new <<<org.jasypt.util.numeric>>> package with easy utils for numeric
208
* Hibernate integration:
210
* Refactored <<<org.jasypt.hibernate>>> package into new <<<encryptor>>> and
211
<<<type>>> subpackages.
212
<NOTE: the old org.jasypt.hibernate classes have been DEPRECATED, and will be
213
removed in jasypt 1.3.>
215
* Added <<<HibernatePBEEncryptorRegistry>>> support for <<<BigInteger>>>,
216
<<<BigDecimal>>> and <<<Byte>>> encryptors.
218
* Added creation of standard encryptor in Hibernate encryptor objects
219
so that <<<setEncryptor()>>> method becomes optional and hibernate encryptors
220
can be directly configured via <<<setPassword()>>>, <<<setAlgorithm()>>>, etc.
222
* Added Hibernate type for encryption of binaries (byte[]) into SQL BLOBs.
224
* Added Hibernate type for encryption of BigIntegers into SQL NUMERICs.
226
* Added Hibernate type for encryption of BigDecimals into SQL NUMERICs.
228
* Added Hibernate type for encryption of Bytes into SQL VARCHARs.
230
* Added Hibernate type for encryption of Shorts into SQL VARCHARs.
232
* Added Hibernate type for encryption of Integers into SQL VARCHARs.
234
* Added Hibernate type for encryption of Longs into SQL VARCHARs.
236
* Added Hibernate type for encryption of Floats into SQL VARCHARs.
238
* Added Hibernate type for encryption of Doubles into SQL VARCHARs.
240
* Added Hibernate type for encryption of Booleans into SQL VARCHARs.
242
* Added Hibernate type for encryption of Dates into SQL VARCHARs.
244
* Added Hibernate type for encryption of Calendars into SQL VARCHARs.
246
* Spring Security (ACEGI) integration:
248
* Refactored <<<org.jasypt.springsecurity>>> package: created new
249
<<<PasswordEncoder>>> class for use with both
250
<<<org.jasypt.util.password.PasswordEncryptor>>>
251
or <<<org.jasypt.digest.StringDigester>>> implementations.
252
<NOTE: the old org.jasypt.springsecurity classes have been DEPRECATED, and will be
253
removed in jasypt 1.3.>
255
* Created new <<<org.jasypt.springsecurity.PBEPasswordEncoder>>> for using
256
<<<org.jasypt.util.text.TextEncryptor>>> or
257
<<<org.jasypt.pbe.encryptor.PBEStringEncryptor>>> from ACEGI Security
258
(bi-directional encryption of passwords).
262
Changes from 1.0 to 1.1
264
* [jasypt-spring-security] Added the {{{http://www.acegisecurity.org}Spring Security (Acegi Security)}} integration module.
266
* [jasypt] Added <<<org.jasypt.util.StrongPasswordEncryptor>>> as a <util> class for
267
easy password encryption using a stronger algorithm.
269
* [jasypt] Added <<<org.jasypt.util.MessageDigester>>> as a <util> class for
270
creating simple binary message digests.
272
* [jasypt] Added <<<org.jasypt.digest.config.EnvironmentDigesterConfig>>> and
273
<<<org.jasypt.encryption.pbe.config.EnvironmentPBEConfig>>> for configuration
274
of encryptors and digesters using environment variables and system properties.
276
* [jasypt] Objects of class <<<org.jasypt.util.PasswordEncryptor>>> now initialize their
277
internal <<<StandardStringDigester>>> at instance creation.
279
* [jasypt] Made <<<org.jasypt.digest.config.DigesterConfig>>> and
280
<<<org.jasypt.encryption.pbe.config.PBEConfig>>> extend <<<java.io.Serializable>>>
b'\\ No newline at end of file'