Commits on Dec 14, 2022

1. Use PKCS5 instead of ISO10126 padding for secrets encryption …

   If Graylog is run in an FIPS environment there is no
   crypto provider available that supports "AES/CBC/ISO10126Padding".
   This is likely because this padding standard was withdrawn from ISO in
   2007.
   It is considered bad practice to leave a subliminal channel in the
   padding.
   
   We tried to workaround this by explicitly using BouncyCastle
   for the encryption/decryption.
   
   This however creates problems with Oracle Java, because
   we strip the signature off the bouncy castle jar while repackaging
   it into our Uber-Jar.
   In contrast to OpenJDK, Oracle Java does not allow the use
   of unsigned Security Providers.
   
   Solution:
   
   Change our secret encryption to using PKCS5Padding instead.
   There is a FIPS compatible provider "SunPKCS11-NSS-FIPS"
   available which supports "AES/CBC/PKCS5Padding".
   
   For backwards compatibility, we decrypt the ISO10126Padded keys
   without stripping the padding, and do that manually.
   
   Fixes #14153
   
   Refs #13525
   
   use explicit type to simplify backport
   
   Also try legacy decoding when catching a ProviderException
   
   This seems to happen with FIPS enabled OpenJDK 17
   
   Try decrypting legacy keys on any Exception
   
   improve wording on comments
   
   improve changelog

   

   mpfz0r committed Dec 14, 2022
   Configuration menu

   • View commit details
   • Copy full SHA for 115e972
   • Browse repository at this point

   Copy the full SHA

   115e972 View commit details

   Browse the repository at this point in the history