[jira] [Updated] (NIFI-1476) Enforce TripleDES Keying Option validation on TDES algorithms

Andy LoPresto (JIRA) Mon, 07 Mar 2016 09:59:14 -0800

     [ 
https://issues.apache.org/jira/browse/NIFI-1476?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Andy LoPresto updated NIFI-1476:
--------------------------------
    Fix Version/s:     (was: 0.6.0)

> Enforce TripleDES Keying Option validation on TDES algorithms
> -------------------------------------------------------------
>
>                 Key: NIFI-1476
>                 URL: https://issues.apache.org/jira/browse/NIFI-1476
>             Project: Apache NiFi
>          Issue Type: Improvement
>          Components: Core Framework
>    Affects Versions: 0.5.0
>            Reporter: Andy LoPresto
>            Assignee: Andy LoPresto
>            Priority: Minor
>              Labels: encryption, security
>   Original Estimate: 24h
>  Remaining Estimate: 24h
>
> The {{public static List<Integer> getValidKeyLengthsForAlgorithm(String 
> algorithm)}} method in {{CipherUtility}} returns a constant list of {{[56, 
> 64, 112, 128, 168, 192]}} for all {{TRIPLEDES}} algorithms. However, some 
> algorithms, such as  {{PBEWITHSHAAND2-KEYTRIPLEDES-CBC}} and 
> {{PBEWITHSHAAND3-KEYTRIPLEDES-CBC}} specify the _keying option_ used in the 
> algorithm, and this indicates a more restrictive key length ({{112/128}} for 
> _Keying Option 2_ and {{168/192}} for _Keying Option 1_ respectively). 
> Enforce this validation and add unit tests. 
> [https://en.wikipedia.org/wiki/Triple_DES#Keying_options|Wikipedia - 
> TripleDES Keying Options]



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (NIFI-1476) Enforce TripleDES Keying Option validation on TDES algorithms

Reply via email to