This repository has been archived by the owner on Nov 29, 2022. It is now read-only.
FIPS support #457
Comments
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
What would it take to have the library run in FIPS-compliant environment. This question is both for the new version being developed and the latest stable legacy branch. With 1.0.9, I've ran into [1] which hardcodes working with JKS files. Java 13 (i believe) is defaulting to PKCS12 keystores (though JKS support is going nowhere). Is there any plans to isolate BC into abstraction layer so it can be replaced by BCFIPS if necessary. BC and BCFIPS are mutually exclusive, so loading BCFIPS in a JVM at bootstrap level eliminates BC from being available to consumers in that JVM.
[1] https://github.com/spring-projects/spring-security-saml/blob/1.0.9.RELEASE/core/src/main/java/org/springframework/security/saml/key/JKSKeyManager.java
The text was updated successfully, but these errors were encountered: