[
https://issues.apache.org/jira/browse/NIFI-1255?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15122797#comment-15122797
]
Andy LoPresto commented on NIFI-1255:
-------------------------------------
I marked this as Major instead of Blocker and moved to 0.6.0. I have had
ongoing conversations on Information Security Stack Exchange [1] and the Bouncy
Castle developer mailing lists [2] and neither has been able to satisfactorily
explain why this should not be considered an issue, but it is definitely
outside of the scope of NiFi.
[1]
http://security.stackexchange.com/questions/107321/why-does-java-allow-aes-256-bit-encryption-on-systems-without-jce-unlimited-stre
[2] http://www.bouncycastle.org/devmailarchive/msg14505.html
> Evaluate JCE cryptography with PBE and limited strength cryptography
> --------------------------------------------------------------------
>
> Key: NIFI-1255
> URL: https://issues.apache.org/jira/browse/NIFI-1255
> Project: Apache NiFi
> Issue Type: Bug
> Components: Core Framework
> Affects Versions: 0.4.0
> Reporter: Andy LoPresto
> Assignee: Andy LoPresto
> Labels: encryption, security
> Fix For: 0.6.0
>
>
> As documented in NIFI-1242 and PR-140, there is an issue with the way we are
> providing encryption algorithms. Currently, NiFi allows the use of many AES
> ciphers with 128, 192, or 256 bit key size, regardless of the JCE Unlimited
> Strength Cryptography Policies (required for the use of AES with a key above
> 128 bits) installed.
> Java does enforce a key check, but it does this during cipher.init(), before
> the actual encryption key has been derived from the password. Instead, it
> validates the length of the **raw password**. It then derives a key of the
> correct length, regardless of the policies in place. This has been verified
> on systems without the JCE USC policies installed using OpenSSL AES-256-CBC.
> Default JRE:
> Cipher | Password length | Should Work | Does Work
> --------|-----------------|-------------|-----------
> AES-128 | <= 16 chars | YES | YES
> AES-128 | > 16 chars | YES | NO
> AES-192 | <= 16 chars | NO | YES
> AES-192 | > 16 chars | NO | NO
> AES-256 | <= 16 chars | NO | YES
> AES-256 | > 16 chars | NO | NO
> Currently (0.4.0) [~aldrin] and I created a patch which allows custom
> validation to determine if the combination of key size and password length
> will be successful if the system has limited strength cryptography. However,
> we should re-evaluate how we do password-based encryption (not to mention
> adding stronger algorithms, key-based encryption, authenticated encryption,
> etc.)
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
