Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

FIPS support #162

Open
yelabbas opened this issue Aug 31, 2020 · 6 comments
Open

FIPS support #162

yelabbas opened this issue Aug 31, 2020 · 6 comments
Labels
DCM-7010 question responded

Comments

@yelabbas
Copy link

Hi there,

We are using the "docusign-java-client" library to automate an eSignature process.
However, at runtime we face an issue due to the fact that other dependencies we are using are using FIPS version of Bouncy Castle dependency.
Can you please indicate if/how we can use FIPS Bouncy castle for this library as well?
Thanks in advance.
Youssef EL ABBASSI
@LarryKlugerDS
Copy link
Contributor

You have some options:

  1. You could rebuild the SDK yourself with the FIPS Bouncy Castle
  2. You could isolate this SDK from the rest of your app.
  3. You could call the API directly and not use this SDK. If you need JWT authentication, then you'd need to create the signed JWT yourself. DocuSign uses a standard JWT signed format.

We do not have a plan to support the FIPS Bouncy Castle library at this time.

@larrywest
Copy link

@LarryKlugerDS the primary difference seems to be only using BouncyCastleFipsProvider instead of BouncyCastleProvider ... and making both libraries <optional> dependencies, and deciding which based of the presence of BouncyCastleFipsProvider on the classpath (of course defaulting to the non-FIPS) wouldn't be a lot of code (or risk).

Is this something I should pursue contributing as a PR?

@LarryKlugerDS
Copy link
Contributor

Hi Larry,
I've passed on your issue to our SDK Product Manager.
I appreciate your offer of a PR. Unfortunately, because the SDK is machine generated by the Swagger code generator, we usually can't use a PR directly.

Your proposed solution sounds good to me but I'm not a Java guy.

If you can get it working (FIPS and current BouncyCastle) and propose a PR that would certainly be helpful, but I don't know when/if it could be integrated. That depends on the product manager and the many competing projects for very few engineering resources.

@larrywest
Copy link

@LarryKlugerDS A big thank-you for the quick response - let me know if the product manager sees a possibility here.

(PS: I'm also a happy end-user.)

@LarryKlugerDS
Copy link
Contributor

Hi @larrywest ,
I heard back from the prod mgr. Your request is on the roadmap to be investigated, but we don't have a schedule for it yet. If you have time to create PR (see my notes above), that would be helpful.
/Larry

@LarryKlugerDS
Copy link
Contributor

LarryKlugerDS commented Dec 22, 2021
edited
Loading

Internal DocuSign ticket DCM-7010. You can ask customer service to add your information to the request ticket.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
DCM-7010 question responded
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@larrywest @LarryKlugerDS @mmallis87 @yelabbas