[jboss-jira] [JBoss JIRA] (ELY-798) FIPS cipher suite security level is not used

Ondrej Kotek (JIRA) issues at jboss.org
Mon Nov 28 09:21:00 EST 2016


Ondrej Kotek created ELY-798:
--------------------------------

             Summary: FIPS cipher suite security level is not used
                 Key: ELY-798
                 URL: https://issues.jboss.org/browse/ELY-798
             Project: WildFly Elytron
          Issue Type: Bug
          Components: SSL
    Affects Versions: 1.1.0.Beta16
            Reporter: Ondrej Kotek
            Assignee: Darran Lofthouse


There is a FIPS cipher suite security level name defined [1,2], but there are no cipher suites with such a level [1]. Do we expect some cipher suites with such a level to be added? Or {{(fips value == true) => FIPS security level}}?

There is preparation for matching FIPS cipher suites [4], which is not used. {{CipherSuiteSelector}} [5,6] could offer a _FIPS_ keyword to enable users to set FIPS cipher suites easily.


[1] https://github.com/wildfly-security/wildfly-elytron/blob/master/src/main/java/org/wildfly/security/ssl/MechanismDatabase.properties#L36
[2] https://github.com/wildfly-security/wildfly-elytron/blob/master/src/main/java/org/wildfly/security/ssl/SecurityLevel.java#L35
[3] https://github.com/wildfly-security/wildfly-elytron/blob/master/src/main/java/org/wildfly/security/ssl/MechanismDatabase.properties#L37
[4] https://github.com/wildfly-security/wildfly-elytron/blob/master/src/main/java/org/wildfly/security/ssl/CipherSuitePredicate.java#L338
[5] https://github.com/wildfly-security/wildfly-elytron/blob/master/src/main/java/org/wildfly/security/ssl/CipherSuiteSelector.java#L264
[6] https://github.com/wildfly-security/wildfly-elytron/blob/master/src/main/java/org/wildfly/security/ssl/CipherSuiteSelector.java#L490


