Alexey, Igor, thank you for your replies. I've found one more usage at Java side: It is Amazon AWS S3 Client-side encryption: https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingClientSideEncryption.html
See code at: https://github.com/apache/ignite/blob/master/modules/aws/src/main/java/org/apache/ignite/spi/discovery/tcp/ipfinder/s3/encrypt/package-info.java It was contributed under https://issues.apache.org/jira/browse/IGNITE-7054 Sincerely, Dmitriy Pavlov сб, 15 июн. 2019 г. в 00:57, Denis Magda <[email protected]>: > Alex, Igor, thanks for the details. Looks good. > > *Pavel Tupitsyn, Aleksandr Shapkin,* could you please help with .NET? > > - > Denis > > > On Thu, Jun 13, 2019 at 2:08 AM Igor Sapego <[email protected]> wrote: > > > Denis, > > > > C++ thin client and ODBC use OpenSSL to establish secure connection with > > the cluster and do not contain any crypto algorithms in their own code. > > > > Best Regards, > > Igor > > > > > > On Thu, Jun 13, 2019 at 12:56 AM Alexey Kosenchuk < > > [email protected]> wrote: > > > >> Hi Denis, > >> > >> Info about Python, PHP, Node.JS thin clients: > >> > >> The clients itself do not contain any cryptographic code but use the > >> features provided by the underlying platforms. > >> > >> Python client uses Python's SSL lib [1] which is a wrapper over OpenSSL > >> [2]. > >> Python 2.7 and Python 3.4 require OpenSSL 1.0, Python 3.5 and higher > >> require OpenSSL 1.1. > >> > >> NodeJS client uses NodeJS's tls module [3] which is a wrapper over > >> OpenSSL [2]. > >> NodeJS 8.x requires OpenSSL 1.0, NodeJS 10.x and higher require OpenSSL > >> 1.1. > >> > >> PHP client uses PHP OpenSSL extension [4]. > >> PHP 7.2 and higher require OpenSSL 1.0. > >> > >> [1] https://docs.python.org/3/library/ssl.html > >> [2] https://www.openssl.org/ > >> [3] https://nodejs.org/api/tls.html > >> [4] https://www.php.net/manual/en/book.openssl.php > >> > >> Regards, > >> -Alexey > >> > >> > Igniters, > >> > > >> > Regardless of the fact that Ignite is an open source software, ASF as > >> an > >> > entity based in the U.S. has to comply with certain exporting > >> > regulations [1]. > >> > > >> > Dmitry Pavlov and I are working on adding Ignite to the table [2] of > >> > projects allowed for export and might need the assistance of some of > >> you. > >> > > >> > Here is a list of cryptographic functions used by Ignite (and provided > >> > by a 3rd party vendor): > >> > > >> > 1. JDK SSL/TLS libraries if a user wishes to enable secured > >> > connectivity between cluster nodes. Manufacturer - Oracle/OpenJDK > >> > (https://apacheignite.readme.io/docs/ssltls) > >> > 2. JDK AES/CBC/PKCS5Padding encryption from the Java libraries for > >> > transparent data encryption of data on disk > >> > (https://apacheignite.readme.io/docs/transparent-data-encryption) > >> > 3. Libraries/vendors for .NET nodes security?*Pavel Tupitsyn*, could > >> > you check? > >> > 4. Libraries/vendors for C++ clients security (SSL, TLS, anything > >> > else?). *Igor Sapego*, could you please check? > >> > 5. Libraries/vendors for Python, PHP, Node.JS SSL/TLS? *Dear thin > >> > client contributors*, please facilitate. > >> > 6. Anything else missing from the list? We don't have any custom > crypto > >> > features, right? > >> > > >> > All of these usages/integrations have to comply with the following > >> > checklist [3] before I, as a PMC Chair, submit a notice to Export > >> > Administration Regulations of the U.S.A. > >> > > >> > [1] http://www.apache.org/licenses/exports/ > >> > [2] http://www.apache.org/licenses/exports/#matrix > >> > [3] https://www.apache.org/dev/crypto.html#classify > >> > > >> > > >> > - > >> > Denis > >> > > >
