-
Improvement
-
Resolution: Unresolved
-
Minor
-
None
-
Version 2.431-SNAPSHOT - FIPS Compliance enabled mode - Docker - FIPS container
While creating User in FIPS activated mode, if a short password is chosen, it throws Error in console and navigates away from the user creating page. the same happens in create admin user page also. essentially there is a uncaught error as below
{{2023-10-31 03:54:39.570+0000 [id=395] WARNING h.i.i.InstallUncaughtExceptionHandler#handleException: Caught unhandled exception with ID 90fef658-8b3d-4145-990b-13f8d038d292 org.bouncycastle.crypto.fips.FipsUnapprovedOperationError: password must be at least 112 bits
at org.bouncycastle.crypto.fips.FipsPBKD$Parameters.<init>(Unknown Source)
at org.bouncycastle.crypto.fips.FipsPBKD$Parameters.<init>(Unknown Source)
at org.bouncycastle.crypto.fips.FipsPBKD$ParametersBuilder.using(Unknown Source)
at org.bouncycastle.jcajce.provider.ProvPBEPBKDF2$BasePBKDF2.engineGenerateSecret(Unknown Source)
at java.base/javax.crypto.SecretKeyFactory.generateSecret(SecretKeyFactory.java:344)
at hudson.security.HudsonPrivateSecurityRealm$PBKDF2PasswordEncoder.generateSecretKey(HudsonPrivateSecurityRealm.java:1007)
at hudson.security.HudsonPrivateSecurityRealm$PBKDF2PasswordEncoder.validatePassword(HudsonPrivateSecurityRealm.java:1044)
at hudson.security.HudsonPrivateSecurityRealm$PBKDF2PasswordEncoder.matches(HudsonPrivateSecurityRealm.java:992)
at hudson.security.HudsonPrivateSecurityRealm$MultiPasswordEncoder.matches(HudsonPrivateSecurityRealm.java:1087)
at hudson.security.HudsonPrivateSecurityRealm$Details.isPasswordCorrect(HudsonPrivateSecurityRealm.java:698)
at hudson.security.HudsonPrivateSecurityRealm.authenticate2(HudsonPrivateSecurityRealm.java:225)
at hudson.security.AbstractPasswordBasedSecurityRealm.doAuthenticate(AbstractPasswordBasedSecurityRealm.java:97)
at hudson.security.AbstractPasswordBasedSecurityRealm$Authenticator.retrieveUser(AbstractPasswordBasedSecurityRealm.java:183)
at org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:133)
at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:182)
at org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter.attemptAuthentication(UsernamePasswordAuthenticationFilter.java:85)
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:231)
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:221)
}}