[jira] [Created] (NIFI-1476) Enforce TripleDES Keying Option validation on TDES algorithms

Andy LoPresto (JIRA) Wed, 03 Feb 2016 18:33:00 -0800

Andy LoPresto created NIFI-1476:
-----------------------------------

             Summary: Enforce TripleDES Keying Option validation on TDES 
algorithms
                 Key: NIFI-1476
                 URL: https://issues.apache.org/jira/browse/NIFI-1476
             Project: Apache NiFi
          Issue Type: Improvement
          Components: Core Framework
    Affects Versions: 0.5.0
            Reporter: Andy LoPresto
            Assignee: Andy LoPresto
            Priority: Minor
             Fix For: 0.6.0



The {{public static List<Integer> getValidKeyLengthsForAlgorithm(String 
algorithm)}} method in {{CipherUtility}} returns a constant list of {{[56, 64, 
112, 128, 168, 192]}} for all {{TRIPLEDES}} algorithms. However, some 
algorithms, such as  {{PBEWITHSHAAND2-KEYTRIPLEDES-CBC}} and 
{{PBEWITHSHAAND3-KEYTRIPLEDES-CBC}} specify the _keying option_ used in the 
algorithm, and this indicates a more restrictive key length ({{112/128}} for 
_Keying Option 2_ and {{168/192}} for _Keying Option 1_ respectively). 

Enforce this validation and add unit tests. 

[https://en.wikipedia.org/wiki/Triple_DES#Keying_options|Wikipedia - TripleDES 
Keying Options]



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Created] (NIFI-1476) Enforce TripleDES Keying Option validation on TDES algorithms

Reply via email to