Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Address BouncyCastle's deprecated AESFastEngine usage #16164

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

fjacobs
Copy link

@fjacobs fjacobs commented Nov 25, 2024

@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged label Nov 25, 2024
…ngine

- Update AESEngine to use the default AES engine, following BouncyCastle's recommendations
  (see release-1-56 of changelog: https://www.bouncycastle.org/download/bouncy-castle-java/?filter=java%3Drelease-1-56).
- Migrate to the latest API 'newInstance()' method to allow removal of @SuppressWarnings("deprecation")
- Remove @SuppressWarnings("deprecation")
@sjohnr sjohnr self-assigned this Nov 26, 2024
@sjohnr sjohnr added in: crypto An issue in spring-security-crypto type: enhancement A general enhancement and removed status: waiting-for-triage An issue we've not yet triaged labels Nov 26, 2024
@sjohnr
Copy link
Member

sjohnr commented Nov 26, 2024

@fjacobs thanks for opening this. I have reviewed the release notes you referenced and agree that the recommendation in certain cases is to use AESEngine. However, I think this could be at a minimum a performance impact on applications, so I am not certain we want to apply this without considering that. I'm unfamiliar with the runtime performance characteristics of the different engines other than what is stated in the docs about three levels of performance (slow, middle, fast). Do you have a sense of what the impact of this change might be in terms of performance, or an idea of how we might best gauge that?

@sjohnr sjohnr added the status: waiting-for-feedback We need additional information before we can continue label Nov 26, 2024
@sjohnr sjohnr removed the status: waiting-for-feedback We need additional information before we can continue label Dec 18, 2024
@sjohnr
Copy link
Member

sjohnr commented Dec 18, 2024

@fjacobs do you have any thoughts regarding the above comment?

@sjohnr sjohnr added the status: waiting-for-feedback We need additional information before we can continue label Dec 18, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
in: crypto An issue in spring-security-crypto status: waiting-for-feedback We need additional information before we can continue type: enhancement A general enhancement
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants