[jboss-jira] [JBoss JIRA] (ELY-1605) ELY05016: Unrecognized token for CCM mode cipher suites.
Martin Choma (JIRA)
issues at jboss.org
Tue Jul 3 08:47:00 EDT 2018
[ https://issues.jboss.org/browse/ELY-1605?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13600134#comment-13600134 ]
Martin Choma commented on ELY-1605:
-----------------------------------
This brings up bigger question. I know there was discussed we should revise/update database and defaults with each release. But I can't find any such blocker JIRA. Should I create one?
> ELY05016: Unrecognized token for CCM mode cipher suites.
> --------------------------------------------------------
>
> Key: ELY-1605
> URL: https://issues.jboss.org/browse/ELY-1605
> Project: WildFly Elytron
> Issue Type: Bug
> Components: SSL
> Affects Versions: 1.3.3.Final
> Reporter: Martin Choma
> Priority: Critical
>
> {code}
> /subsystem=elytron/server-ssl-context=a:add(cipher-suite-filter="TLS_RSA_WITH_AES_256_CCM,TLS_RSA_WITH_AES_128_CCM")
> {
> "outcome" => "failed",
> "failure-description" => "WFLYELY01017: Invalid value for cipher-suite-filter. ELY05016: Unrecognized token \"TLS_RSA_WITH_AES_256_CCM\" in mechanism selection string \"TLS_RSA_WITH_AES_256_CCM,TLS_RSA_WITH_AES_128_CCM\"",
> "rolled-back" => true
> }
> {code}
> This is probably simply because MechanismDatabase.properties does not know CCM cipher suites.
> Marking as Critical because both of ciphersuites from reproducer are listed as FIPS cipher suites for FIPS BC TLS [1]
> [1] https://downloads.bouncycastle.org/fips-java/BC-FJA-(D)TLSUserGuide-1.0.5.pdf
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
More information about the jboss-jira
mailing list