[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
|
Re: [dsdp-mtj-dev] RC4Engine issue
|
See below...
On May 5, 2008, at 4:32 PM, Raniere Hugo-wha006 wrote:
Hi Craig,
I'll work to enable this feature again. Assuming that we don't want to
keep compatibility to EclipseME metadata, we don't need to mimic the
same behavior we had with Bounce Castle, we can implement this feature
using any cipher available in JavaSE.
In fact, my first thought is to reuse the same encrypt/decrypt
mechanism
used by eclipse to save in system keyring. I'll evaluate if we can do
that, and if not, I will take a look at other options to encrypt the
password in project metadata file.
The bad side is that any migration wizard from eclipseME to MTJ
projects
that we can come with, will not be able to migrate the passwords, as
we've removed BC and could not mimic its behavior.
That all depends on who writes/hosts the migration functionality. If
I write it and host it, I can continue to use BouncyCastle to access
the original keystore and if you give me a good API on the MTJ side, I
can write it back out through you. I'm not yet sure this is worth it,
as it is not horribly difficult to require the password be reentered.
I would suggest that the logic gracefully handle the situation for now
and we will go from there.
Craig
