Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.

Bug 329442

Summary: Update JCEEcnryptor to use AES instead of DES
Product: z_Archived Reporter: Guy Pelletier <guy.pelletier>
Component: EclipselinkAssignee: Guy Pelletier <guy.pelletier>
Status: RESOLVED FIXED QA Contact:
Severity: normal    
Priority: P3 CC: eclipselink.foundation-inbox
Version: unspecified   
Target Milestone: ---   
Hardware: PC   
OS: Windows XP   
Whiteboard:
Attachments:
Description Flags
Proposed changes none

Description Guy Pelletier CLA 2010-11-04 11:02:24 EDT 
To provide better security out of the box, our current JCE encryption should be upgraded to use to the newer and more secure AES algorithm rather than the older DES algorithm currently being used.
Comment 1 Guy Pelletier CLA 2010-11-04 11:40:49 EDT 
Created attachment 182387 [details]
Proposed changes
Comment 2 Guy Pelletier CLA 2010-11-04 12:00:49 EDT 
Changes have been submitted.

Reviewed by: David Minsky

Tests: existing session.xml tests that read and write passwords continue to pass, along with the core SRG and JPA full regression and extended tests.
Comment 3 Eclipse Webmaster CLA 2022-06-09 10:04:58 EDT 
The Eclipselink project has moved to Github: https://github.com/eclipse-ee4j/eclipselink