Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade bouncy castle version to 1.78.1 inside sechub-encryption #3275

Closed
de-jcup opened this issue Jul 4, 2024 · 0 comments · Fixed by #3254
Closed

Upgrade bouncy castle version to 1.78.1 inside sechub-encryption #3275

de-jcup opened this issue Jul 4, 2024 · 0 comments · Fixed by #3254
Assignees
@de-jcup
Labels
encryption library
Milestone
Server 2.0.0

Comments

@de-jcup
Copy link
Member

de-jcup commented Jul 4, 2024
edited
Loading

Situation

There is a newer bouncy castle version available

Solution

Upgrade to 1.78.1
@de-jcup de-jcup self-assigned this Jul 4, 2024
@de-jcup de-jcup mentioned this issue Jul 4, 2024
Merged
13 tasks
de-jcup added a commit that referenced this issue Jul 4, 2024
@de-jcup
Introduced sechub-encryption #3273 + update bouncy castle version #3275
27e9bd2 
- moved own encryption implementations into own gradle sub module
  "sechub-encryption"
- CryptoAccess class is kept in commons-core because
  there are no dependencies to bouncy castle or other
  libraries
- updated bouncy castle dependencies to 1.78.1
@de-jcup de-jcup changed the title Upgrade bouncy caslte version to 1.78.1 inside sechub-encryption Upgrade bouncy castle version to 1.78.1 inside sechub-encryption Jul 4, 2024
de-jcup added a commit that referenced this issue Aug 5, 2024
@de-jcup
SecHub data encryption #3250 (#3254)
173dc36 
* SecHub
  - described concept of data encryption #3250
  - Introduced sechub-encryption #3273 + update bouncy castle version #3275
  - encryption implementation are now inside own gradle sub module "sechub-encryption"
  - refacotred sechub encryption library #3274

  - implemented data encryption inside SecHub #3250
  - restricted access and storage, avoid using configuration when not
    absolut necessary
  - created dedicated job message which contains unencrypted configuration
    at runtime. Only one message uses this one -> clear not accidently
    used on another code location
  - created migration scripts, seperated pool id generation for h2 and
    postgres because of binary type. Also postgres will migrate old
    data automatically to NoneCipher variant (means no real encryption,
    but admin will be able to rotate keys...)
  - wrote tests
  - introduced new usecases
  - new  REST APIs introduced
  - added integration test for encryption rotation
  - added developer admin ui actions

  - auto cleanup does also auto clean old unused encryption pool data
 - Scheduler now only executes for accepted encryption pool ids #3250
  -  Updated open api file for encryption parts #3250

*  PDS 
  - implemented data encryption + documentation #3264
  - NONE is default cipher encryption, means startup possible without
  encryption 
  - summary log service shows encryption algorithm
  - handled encryption out of sync problems on PDS side and
  at SecHub side
@de-jcup de-jcup added this to the Server 2.0.0 milestone Aug 5, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@de-jcup de-jcup

Labels
encryption library
Projects
None yet
Milestone
Server 2.0.0
Development

Successfully merging a pull request may close this issue.

SecHub data encryption #3250 mercedes-benz/sechub
1 participant
@de-jcup