[ https://issues.apache.org/jira/browse/NIFI-1255?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Andy LoPresto resolved NIFI-1255.
---------------------------------
Resolution: Resolved
Fix Version/s: 0.5.0 (was: 0.6.0)
The issue is with the underlying BouncyCastle library. This has been mitigated
by placing custom validation controls on the `EncryptContent` processor
properties to alert the user when weak crypto combinations are selected that
would result in a vulnerable encryption process.
The underlying issue did not receive an adequate response from a posting on
Information Security Stack Exchange, the BouncyCastle mailing list, or contact
with independent cryptographers & security software engineers.
> Evaluate JCE cryptography with PBE and limited strength cryptography
> --------------------------------------------------------------------
>
> Key: NIFI-1255
> URL: https://issues.apache.org/jira/browse/NIFI-1255
> Project: Apache NiFi
> Issue Type: Bug
> Components: Core Framework
> Affects Versions: 0.4.0
> Reporter: Andy LoPresto
> Assignee: Andy LoPresto
> Labels: encryption, security
> Fix For: 0.5.0
>
> Attachments: PBE_cipher_max_password_lengths.txt
>
>
> As documented in NIFI-1242 and PR-140, there is an issue with the way we are
> providing encryption algorithms. Currently, NiFi allows the use of many AES
> ciphers with 128, 192, or 256 bit key size, regardless of the JCE Unlimited
> Strength Cryptography Policies (required for the use of AES with a key above
> 128 bits) installed.
> Java does enforce a key check, but it does this during cipher.init(), before
> the actual encryption key has been derived from the password. Instead, it
> validates the length of the **raw password**. It then derives a key of the
> correct length, regardless of the policies in place. This has been verified
> on systems without the JCE USC policies installed using OpenSSL AES-256-CBC.
>
> Default JRE:
>
> Cipher | Password length | Should Work | Does Work
> --------|-----------------|-------------|-----------
> AES-128 | <= 16 chars | YES | YES
> AES-128 | > 16 chars | YES | NO
> AES-192 | <= 16 chars | NO | YES
> AES-192 | > 16 chars | NO | NO
> AES-256 | <= 16 chars | NO | YES
> AES-256 | > 16 chars | NO | NO
>
> Currently (0.4.0) [~aldrin] and I created a patch which allows custom
> validation to determine if the combination of key size and password length
> will be successful if the system has limited strength cryptography. However,
> we should re-evaluate how we do password-based encryption (not to mention
> adding stronger algorithms, key-based encryption, authenticated encryption,
> etc.)
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
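The kind of property validation the resolution describes can be sketched as follows. This is an added example, not NiFi's `EncryptContent` code: the class and method names are hypothetical, and it assumes one password character counts as 8 bits, which matches the 16-character boundary in the table above.

```java
import javax.crypto.Cipher;
import java.security.NoSuchAlgorithmException;

/** Hypothetical validator mirroring the "Should Work" / "Does Work" table in the issue. */
public class PbePolicyCheck {

    /**
     * @param keyBits       AES key size selected by the user (128, 192 or 256)
     * @param passwordChars length of the raw password
     * @param maxKeyBits    Cipher.getMaxAllowedKeyLength("AES"): 128 on a limited-strength
     *                      JRE, Integer.MAX_VALUE with the unlimited policies installed
     * @return null when the combination is valid, otherwise a message for the user
     */
    static String validate(int keyBits, int passwordChars, int maxKeyBits) {
        // What the policy intends: the derived key must not exceed the limit.
        boolean shouldWork = keyBits <= maxKeyBits;
        // What the issue reports: cipher.init() checks the raw password length
        // instead (assumption: 8 bits per character, per the table).
        boolean doesWork = 8L * passwordChars <= maxKeyBits;

        if (shouldWork && doesWork) {
            return null;
        }
        if (shouldWork) {
            return "AES-" + keyBits + " is permitted, but a password longer than "
                    + (maxKeyBits / 8) + " chars is rejected at cipher.init() on this JRE";
        }
        if (doesWork) {
            return "AES-" + keyBits + " exceeds the " + maxKeyBits + "-bit policy limit; "
                    + "it is accepted only because the password is short";
        }
        return "AES-" + keyBits + " exceeds the policy limit and the password is too long";
    }

    public static void main(String[] args) throws NoSuchAlgorithmException {
        System.out.println("Limit on this JRE: " + Cipher.getMaxAllowedKeyLength("AES"));
        int limited = 128; // constructed value: the default (limited-strength) policy
        for (int keyBits : new int[] {128, 192, 256}) {
            for (int pwLen : new int[] {16, 17}) { // constructed password lengths
                String msg = validate(keyBits, pwLen, limited);
                System.out.printf("AES-%d, %d chars: %s%n",
                        keyBits, pwLen, msg == null ? "valid" : msg);
            }
        }
    }
}
```

Only the AES-128 row with a password of 16 characters or fewer passes on a limited-strength JRE; with `Integer.MAX_VALUE` as the limit every combination validates.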