🟡 Update with information related to Crypto #325
Labels
Engineering
Task related to the Engineering Guide and/or pulled from the old Engineering Guide repo.
Guides
Initiative 2
Tracks work for "Improving the Maintainability of the 18F Guides and Methods"
This is a really good example from @mgwalker on an implementation he did for crypto https://github.com/CMSgov/eAPD/pull/1514/files#diff-fa6796d6a6e8c4c9fc59e6f2b82f1b6cdec0a58af443f16beb73ecb567e9af9a
I found it because I'm going through a similar experience where I'm examining some code's crypto https://gsa-tts.slack.com/archives/C02DYG8UK6E/p1634836139002600 and searching I saw another instance where bcrypt was mentioned https://gsa-tts.slack.com/archives/C8E5EJK9V/p1558377372059400 and reached out to Greg to chat about it and he let me know that the repo had moved Enterprise-CMCS/eAPD#1514 and pointed out the good example above!
User Story:
As a developer that is new to government engineering, I would like to know up front that bcrypt shouldn't be used and pbkdf2 should be used instead so that I can create code that is FIPS-140 compliant.
The text was updated successfully, but these errors were encountered: