I'm not sure that it's a good idea to allow deployers to define by
themselves the key size for AES encryption. It can lead to CAS users
choosing bad settings in terms of security.

CAS has been very successful with providing sensible defaults while
allowing deployers to modify relevant settings as needed.  I think
security policy generally is an area where configuration is warranted.
What if some deployer requires 512-bit AES?  Of course deployers could
shoot themselves in the foot, but that's a worthwhile if not requisite risk.

Which use cases do you have in mind?

The case where the deployer doesn't want to use PBE to derive the key
from a passphrase.  We've gone out of our way to create a deployment
environment where password-based credentials are avoided.  In that view
it would be preferable to generate a key file with a high-quality random
device and reference it on the filesystem via Spring's resource abstraction.

In any case, I believe it's sufficient for the short term to simply default to 128-bit AES and work out the details of ClearPass configuration at a later date. https://github.com/Jasig/cas/commit/8e2329bc01cc1b134ccb05f8c2e2874f20077904 resolves the original issue you reported.

M

--
You are currently subscribed to cas-dev@lists.jasig.org as: 
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-dev
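The key-file approach described in the message above, as an added example that is not part of the original thread and is not CAS code: it generates a raw AES key from the platform's secure random source, stores it with owner-only permissions, and rejects any configured size that AES does not define. The class and method names, the GCM mode, the POSIX filesystem, and the use of `java.nio` in place of Spring's resource abstraction are assumptions made for illustration.

```java
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.attribute.PosixFilePermissions;
import java.security.SecureRandom;

public class KeyFileExample {  // hypothetical name, not a CAS class
    private static final SecureRandom RNG = new SecureRandom();

    // Create a key file of the configured size; only AES-defined sizes are accepted.
    static void generateKeyFile(Path path, int keyBits) throws Exception {
        if (keyBits != 128 && keyBits != 192 && keyBits != 256)
            throw new IllegalArgumentException("AES key size must be 128, 192 or 256 bits");
        // createFile fails if the file exists and applies rw------- at creation (POSIX assumed).
        Files.createFile(path, PosixFilePermissions.asFileAttribute(
                PosixFilePermissions.fromString("rw-------")));
        byte[] raw = new byte[keyBits / 8];
        RNG.nextBytes(raw);
        Files.write(path, raw);
    }

    // Load the raw key and re-check its length, so a truncated or wrong file fails early.
    static SecretKey loadKey(Path path) throws Exception {
        byte[] raw = Files.readAllBytes(path);
        if (raw.length != 16 && raw.length != 24 && raw.length != 32)
            throw new IllegalStateException("key file holds " + raw.length * 8 + " bits");
        return new SecretKeySpec(raw, "AES");
    }

    public static void main(String[] args) throws Exception {
        Path dir = Files.createTempDirectory("keyfile-demo");
        generateKeyFile(dir.resolve("aes.key"), 128);   // 128-bit default, as in the thread
        SecretKey key = loadKey(dir.resolve("aes.key"));

        byte[] iv = new byte[12];                        // fresh random nonce per encryption
        RNG.nextBytes(iv);
        Cipher enc = Cipher.getInstance("AES/GCM/NoPadding");
        enc.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(128, iv));
        byte[] ct = enc.doFinal("constructed sample value".getBytes(StandardCharsets.UTF_8));
        Cipher dec = Cipher.getInstance("AES/GCM/NoPadding");
        dec.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(128, iv));
        System.out.println(new String(dec.doFinal(ct), StandardCharsets.UTF_8));

        try { generateKeyFile(dir.resolve("bad.key"), 512); }   // misconfigured size
        catch (IllegalArgumentException e) { System.out.println("rejected: " + e.getMessage()); }
    }
}
```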
