You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@nifi.apache.org by "Andy LoPresto (JIRA)" <ji...@apache.org> on 2016/02/04 03:32:40 UTC
[jira] [Created] (NIFI-1476) Enforce TripleDES Keying Option
validation on TDES algorithms
Andy LoPresto created NIFI-1476:
-----------------------------------
Summary: Enforce TripleDES Keying Option validation on TDES algorithms
Key: NIFI-1476
URL: https://issues.apache.org/jira/browse/NIFI-1476
Project: Apache NiFi
Issue Type: Improvement
Components: Core Framework
Affects Versions: 0.5.0
Reporter: Andy LoPresto
Assignee: Andy LoPresto
Priority: Minor
Fix For: 0.6.0
The {{public static List<Integer> getValidKeyLengthsForAlgorithm(String algorithm)}} method in {{CipherUtility}} returns a constant list of {{[56, 64, 112, 128, 168, 192]}} for all {{TRIPLEDES}} algorithms. However, some algorithms, such as {{PBEWITHSHAAND2-KEYTRIPLEDES-CBC}} and {{PBEWITHSHAAND3-KEYTRIPLEDES-CBC}} specify the _keying option_ used in the algorithm, and this indicates a more restrictive key length ({{112/128}} for _Keying Option 2_ and {{168/192}} for _Keying Option 1_ respectively).
Enforce this validation and add unit tests.
[https://en.wikipedia.org/wiki/Triple_DES#Keying_options|Wikipedia - TripleDES Keying Options]
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)