We are trying to replace bc-fips (https://www.bouncycastle.org/fips-java/)
with a JSP that is based on a cryptographic module that is 1) a native
library and 2) is certified for FIPS 140-2 (
https://csrc.nist.gov/pubs/fips/140-2/upd2/final).
A native library is faster, plus it doesn't entangle the
Hi Jim,
My branch has not been merged because it does not fully work. It's
challenging to update the code such that one can use either OpenSSL 1.1.1
or 3.0.0 or both. We might need the component split into more than one
Maven module.
The name commons-crypto might have been poorly chosen because i
Hi Apache Team,
We want to know the EOL dates for below listed maven libraries, please assist
in providing information for the same.
1. commons-io-2.11.0.jar
2. commons-beanutils-1.9.4.jar
3. antlr-2.7.7.jar
4. commons-codec-1.15.jar
5. jakarta.activation-api-2.0.1.jar
6. java
A split seems reasonable. We were amazed at how few changes you had to make
to support OpenSSL 3.x. The EVPs are very different. But it sounds like
there's more to do.
The problem with commons-codec is that it doesn't use OpenSSL or any other
FIPS-certified cryptographic module. For example, HmacU
Hi Varun,
While you may be obtaining these libraries from the "Maven Central
Repository", nearly all of them are artifacts from their respective
third-party projects. You will need to read the documentation of those
projects and/or approach those projects if you want more information.
I'll let ot
OK, I found the source of the performance hit. In the POOL-411 changes, we
had inadvertently forced every register to acquire a write lock from the
keylock. I think I also finally definitively fixed the root issue there.
The tricky bit about the numInterested tracking is that the counters are
att
