
1.9.2
=====
- Replaced Arrays.equals() call in StandardByteDigester with a time-constant function in order
  to enhance protection against timing attacks in unintended scenarios where parts of jasypt are
  used for matching message-authentication hashes. Note: password matching and general 
  hash matching scenarios using jasypt were NOT affected by vulnerabilities to timing attacks. 
- Modified how the EncryptableProperties objects deal with serialization, so that now they only 
  make use of the singleton encryptor registry when they are actually serialized (if they are). 
  This allows the removal of the "finalize()" method in this objects, which was causing trouble in
  some specific Java VM setups.
- Created new interface org.jasypt.salt.FixedSaltGenerator and two new implementations for it,
  org.jasypt.salt.StringFixedSaltGenerator and org.jasypt.salt.ByteArrayFixedSaltGenerator,
  deprecating old equivalents "FixedStringSaltGenerator" and "FixedByteArraySaltGenerator". This 
  new interface allows applying important performance optimizations to encryption operations when
  using fixed salt. 
- Modified UTF-8 normalization infrastructure in order to make code compile in Java 1.4.
- Updated testing-scope dependencies.


1.9.1
=====
- Fixed insufficient entropy in RandomSaltGenerator due to seeding mechanism.
- Fixed CLI scripts for Windows and CYGWIN environments. 


1.9.0
=====
- Divided old "jasypt" artifact into several modules:
  * jasypt (core)
  * jasypt-hibernate3
  * jasypt-hibernate4
  * jasypt-spring2
  * jasypt-spring3
  * jasypt-acegisecurity
  * jasypt-springsecurity2
  * jasypt-springsecurity3
  * jasypt-wicket13
  * jasypt-wicket15
- Fixed error in CLI .bat files resulting in bad processing of CLI commands
  which involved passwords containing exclamation mark symbols.
- Fixed bug in PooledPBEStringEncryptor which caused first encryptor in pool not
  use hexadecimal output type.
- Added implementation of Hashtable's "get(Object)" method to 
  org.jasypt.properties.EncryptableProperties, so that this method now performs
  decryption instead of it only being performed at "getProperty(key)".
  

1.8
===
- Small bugfixing for large BigInteger number decryption.
- Modified in-memory storage of PBE passwords to avoid having Strings in memory that contain
  the password being used. Now PBE passwords are stored as char[] objects that are zeroed as
  soon as they are used. New "setPasswordCharArray(char[] password)" methods allow users to
  specify passwords as char[] also, so that there is no need to create String passwords.
- Modified the order in which Normalizer implementations are used: now icu4j is used if it is
  in the classpath (even if Java >= 6 is being used). If icu4j is not present, java.text.Normalizer
  is used (if Java >= 6).
- Fixed CLI scripts: *.jar in "find" command was matching jar files in the current folder 
  instead of those in the lib folder. Fixed by surrounding "*.jar" by simple inverted commas.
- Added to EncryptablePropertyPlaceholderConfigurer the ability to decrypt system properties.


1.7.1
=====
- Fixed EncryptableServletContextPropertyPlaceholderConfigurer 


1.7
===
- Fixed Hibernate 3.6 compatibility.
- Removed dependencies on commons-lang and commons-codec. Jasypt can now operate
  without depedencies on JDK version >= 6.
- Added pool-based implementations of Standard digesters and PBE encryptors to improve
  performance in multiprocessor systems.  
- Created "lite" .jar package including only standard String and Byte digest and 
  encryption: no BigDecimal or BigInteger encryption, no "util" package, 
  no Spring/Hibernate/Wicket integrations, no Web PBE configuration, no CLI utils, 
  no properties encryption, no Zero salt generator.
- Added class org.jasypt.registry.AlgorithmRegistry with utility methods for 
  obtaining the names of all the available digest/PBE algorithms.
- Added "prefix" and "suffix" configuration parameters to String digesters, in order
  to add a prefix and/or suffix to all digest results (and also expect these prefixes or
  suffixes when matching existing digests).
- Added method "getInvertPositionOfSaltInMessageBeforeDigesting()" to DigesterConfig
  and "setInvertPositionOfSaltInMessageBeforeDigesting(...)" to StandardByteDigester 
  and StandardStringDigester in order to being able to append the salt after the message
  before digesting instead of the default behaviour (insert it before the message).
  This is useful for enhancing compatibility with some common LDAP password encryption
  schemes like {SSHA}.
- Added method "getInvertPositionOfPlainSaltInEncryptionResults()" to DigesterConfig
  and "setInvertPositionOfPlainSaltInEncryptionResults(...)" to StandardByteDigester 
  and StandardStringDigester in order to being able to append the plain (unhashed) 
  salt after the digest instead of the default behaviour (insert it before the digest).
  This is useful for enhancing compatibility with some common LDAP password encryption
  schemes like {SSHA}.
- Added method "getUseLenientSaltSizeCheck()" to DigesterConfig and 
  "setUseLenientSaltSizeCheck(...)" to StandardByteDigester 
  and StandardStringDigester in order to allow digesters to check digests created
  with any size of salt (not equal to the value set for the "saltSizeBytes" property).
- Added an "org.jasypt.util.password.rfc2307" package containing utility classes for
  password encryption operations according to common LDAP schemes like {MD5},
  {SHA}, {SMD5} and {SSHA}.
- Rebuilt CLI scripts: now both Windows and Linux versions can be run from outside
  the "bin" folder. New configuration parameters added.
- Added "listAlgorithms" CLI command that lists all digest and PBE algorithms
  present in the Java Virtual Machine.
- Rebuilt zip distribution package: remove unneeded "cli-bundle" and added icu4j 
  to libs.
- Added org.jasypt.spring.properties.EncryptableServletContextPropertyPlaceholderConfigurer
  as a sublass of org.springframework.web.context.support.ServletContextPropertyPlaceholderConfigurer,
  for transparent decryption of servlet context parameters (like the ones in web.xml).
- Added org.jasypt.spring.properties.EncryptablePreferencesPlaceholderConfigurer
  as a subclass of org.springframework.beans.factory.config.PreferencesPlaceholderConfigurer,
  for transparent decryption of preferences set with JDK 1.4's Preferences API.
- Added Spring Security 3 -compatible TokenBasedRememberMeServices implementation
  using a Jasypt StandardStringDigester for digesting the data signature.
  

1.6
===
- Modified Class.forName calls to use current thread's context classloader.
- Fixed JavaDoc for Spring Security -related classes.
- Added missing registerPBE*Encryptor methods in HibernatePBEEncryptorRegistry
- Added compatibility with Spring Framework 3.0.x and Spring Security 3.0.x
- Tested compatibility with Apache Wicket 1.4.x and Hibernate 3.2.x

1.5
===
- Dependency on ICU4j made optional in Java 6 environments.
- Created new versions of old ACEGI's PasswordEncoder and PBEPasswordEncoder
  for Spring Security 2.x in package org.jasypt.spring.security2.
- Random number generation algorithm can now be specified in RandomSaltGenerator.
- Fixed bug in .sh files in the bin folder. $@ did not work with inputs that
  contained spaces and had to be substituted by "$@".

1.4.1
=======
- Fixed bug in EncryptedPasswordC3P0ConnectionProvider which made decryption
  of datasource configuration not to work properly.

1.4
=======
- Added methods to Simple* and Environment* config classes for both Digesters 
  and PBEEncryptors to allow them to be configured entirely with Strings.
- Added to org.jasypt.encryption.pbe.StandardPBEByteEncryptor a workaround
  for Sun JCE's bug 4953555 (http://bugs.sun.com/view_bug.do?bug_id=4953555)   
- Added org.jasypt.properties.EncryptableProperties as a java.util.Properties
  which allows transparent decryption of encrypted property values.
- Moved org.jasypt.hibernate.ParameterNaming to 
  org.jasypt.hibernate.type.ParameterNaming.
- Added org.jasypt.hibernate.connectionprovider.EncryptedPasswordDriverManagerConnectionProvider
  and org.jasypt.hibernate.connectionprovider.EncryptedPasswordC3P0ConnectionProvider
  for allowing encrypted datasource parameters in hibernate.cfg.xml 
  files.
- Added org.jasypt.spring.properties.EncryptablePropertyPlaceholderConfigurer
  and org.jasypt.spring.properties.EncryptablePropertyOverrideConfigurer
  to allow use of encrypted .properties files from within Spring applications
  in a transparent manner.
- Package org.jasypt.springsecurity renamed as org.jasypt.spring.security, and
  deprecated classes in the old package (will be removed in 1.5).
- Added org.jasypt.salt.ZeroSaltGenerator for creating salts filled with
  "zero" bytes.
- Added org.jasypt.intf.service.JasyptStatelessService for supporting CLI
  operation and development of stateless services (like web services) for
  Jasypt.
- Added org.jasypt.intf.cli.JasyptStringDigestCLI, 
  org.jasypt.intf.cli.JasyptPBEStringEncryptionCLI and 
  org.jasypt.intf.cli.JasyptPBEStringDecryptionCLI to allow the execution of
  digest, encryption and decryption commands from the command line, useful
  for knowing which value to write in an encrypted .properties file.
- Created new zip distribution containing convenience .sh and .bat files for 
  executing CLI tools.


1.3.1
=======
- Solved configuration bug in "StandardPBEByteEncryptor.initialize()" for 
  algorithms coming from *Config objects.


1.3
=======

- DigesterConfig and PBEConfig are not Serializable anymore.
- Added provider and providerName properties to DigesterConfig and
  SimpleDigesterConfig classes.
- Added providerClassName, providerName and saltGeneratorClassName
  configuration at EnvironmentDigesterConfig.
- StandardByteDigester, StandardStringDigester, Digester, 
  and ConfigurablePasswordEncryptor can now specify the JCE security provider
  (<tt>java.security.Provider</tt> implementation) which will be asked
  for the digest algorithm.
- Added provider and providerName properties to PBEConfig and
  SimplePBEConfig classes.
- Added providerClassName, providerName and saltGeneratorClassName
  configuration at EnvironmentPBEConfig.
- StandardPBEByteEncryptor, StandardPBEStringEncryptor, 
  StandardPBEBigIntegerEncryptor and StandardPBEBigDecimalEncryptor can now 
  specify the JCE security provider (<tt>java.security.Provider</tt> 
  implementation) which will be asked for the digest algorithm.
- Created new StringDigesterConfig configuration interface for digesters,
  which extends DigesterConfig and adds parameters "unicodeNormalizationIgnored"
  and "stringOutputType". Also created new implementations 
  SimpleStringDigesterConfig and EnvironmentStringDigesterConfig.
- Added Unicode Normalization step to StandardStringDigester, and also
  capabilities to return hexadecimal-encoded digest Strings instead of only
  BASE64 ones.
- Created new StringPBEConfig configuration interface for encryptors,
  which extends PBEConfig and adds parameter "stringOutputType". Also
  created new implementations SimpleStringPBEConfig and
  EnvironmentStringPBEConfig.
- Added capabilities to return hexadecimal-endoded Strings to 
  StandardPBEStringEncryptor.
- Added capabilities to return hexadecimal-endoded Strings to 
  ConfigurablePasswordEncryptor.
- Added to HibernatePBEStringEncryptor the possibility to set the providerName,
  provider and stringOutputType parameters.
- Added providerName and stringOutputType parameters to all the String-related
  Hibernate types.
- Added package org.jasypt.web.pbeconfig for configuration of PBE encryption
  keys from webapps. Includes servlet, filter and contextlistener.
- Added WebPBEConfig and WebStringPBEConfig for configuration through the new
  web PBE config infrastructure.



1.2
=======

- Merged jasypt-hibernate and jasypt-spring-security into main jasypt trunk.
- Package org.jasypt.util refactored. 
- Created PasswordEncryptor and TextEncryptor interfaces,
  to unify both basic- and strong-encryption implementations.
  NOTE: the old org.jasypt.util classes have been DEPRECATED, and will be
  removed in jasypt 1.3.
- Added org.jasypt.util.password.ConfigurablePasswordEncryptor for a more
  configurable way of using the "easy" password encryptor.
- Added binary utils (org.jasypt.util.binary) for easy encryption of binaries.
- Added numeric encryption functionalities: new 
  StandardPBEBigIntegerEncryptor and StandardPBEBigDecimalEncryptor in the 
  org.jasypt.encryption.pbe package
- Added new org.jasypt.util.numeric package with easy utils for numeric 
  encryption.
- Refactored org.jasypt.hibernate classes into new "encryptor" and "type" 
  subpackages.
- Added HibernatePBEEncryptorRegistry support for BigInteger, BigDecimal and
  Byte encryptors
- Added Hibernate type for encryption of binaries (byte[]) into SQL BLOBs
- Added Hibernate type for encryption of BigIntegers into SQL NUMERICs.
- Added Hibernate type for encryption of BigDecimals into SQL NUMERICs.
- Added Hibernate type for encryption of Bytes into SQL VARCHARs.
- Added Hibernate type for encryption of Shorts into SQL VARCHARs.
- Added Hibernate type for encryption of Integers into SQL VARCHARs.
- Added Hibernate type for encryption of Longs into SQL VARCHARs.
- Added Hibernate type for encryption of Floats into SQL VARCHARs.
- Added Hibernate type for encryption of Doubles into SQL VARCHARs.
- Added Hibernate type for encryption of Booleans into SQL VARCHARs.
- Added Hibernate type for encryption of Dates into SQL VARCHARs.
- Added Hibernate type for encryption of Calendars into SQL VARCHARs.
- Added creation of standard encryptor in Hibernate encryptor objects
  so that setEncryptor() method becomes optional and hibernate encryptors
  can be directly configured via setPassword, setAlgorithm, etc.
- Refactored org.jasypt.springsecurity package: created new PasswordEncoder
  for use with both org.jasypt.util.password.PasswordEncryptor
  or org.jasypt.digest.StringDigester implementations.
- Created new org.jasypt.springsecurity.PBEPasswordEncoder for using
  org.jasypt.util.text.TextEncryptor or 
  org.jasypt.pbe.encryptor.PBEStringEncryptor from ACEGI Security.
- Created new salt generation infrastructure, making different implementations
  of salt generation possible (including fixed salt).
  

1.1
=======

- Added the ACEGI (Spring Security) integration add-on 
  (org.jasypt.springsecurity)
- Added org.jasypt.util.StrongPasswordEncryptor as a util class for
  easy password encryption using a stronger algorithm.
- Added org.jasypt.util.MessageDigester as a util class for
  creating simple binary message digests.
- Added org.jasypt.digest.config.EnvironmentDigesterConfig and
  org.jasypt.encryption.pbe.config.EnvironmentPBEConfig for configuration
  of encryptors and digesters using environment variables and system properties.
- Objects of class org.jasypt.util.PasswordEncryptor now initialize their
  internal StandardStringDigester at instance creation.
- Made org.jasypt.digest.config.DigesterConfig and 
  org.jasypt.encryption.pbe.config.PBEConfig extend java.io.Serializable

1.0
=======
- First release of jasypt
