OpenSearch

Commit Graph

Author	SHA1	Message	Date
Ioannis Kakavas	475752be75	Make plugin verification FIPS 140 compliant (#44266 ) This change makes the process of verifying the signature of official plugins FIPS 140 compliant by defaulting to use the BouncyCastle FIPS provider and adding a dependency to bcpg-fips that implement parts of openPGP in a FIPS compliant manner. In already FIPS 140 enabled environments that use the BouncyCastle FIPS provider, the bcfips dependency is redundant but doesn't cause an issue as it will be added only in the classpath of the cli-tools This is a backport of #44224	2019-07-12 14:34:15 +03:00

Author

SHA1

Message

Date

Ioannis Kakavas

475752be75

Make plugin verification FIPS 140 compliant (#44266 )

This change makes the process of verifying the signature of
official plugins FIPS 140 compliant by defaulting to use the
BouncyCastle FIPS provider and adding a dependency to bcpg-fips
that implement parts of openPGP in a FIPS compliant manner.

In already FIPS 140 enabled environments that use the 
BouncyCastle FIPS provider, the bcfips dependency is redundant
but doesn't cause an issue as it will be added only in the classpath
 of the cli-tools

This is a backport of #44224

2019-07-12 14:34:15 +03:00

1 Commits