Open yelabbas opened 3 years ago
You have some options:
We do not have a plan to support the FIPS Bouncy Castle library at this time.
@LarryKlugerDS the primary difference seems to be only using BouncyCastleFipsProvider
instead of BouncyCastleProvider
... and making both libraries <optional>
dependencies, and deciding which based of the presence of BouncyCastleFipsProvider
on the classpath (of course defaulting to the non-FIPS) wouldn't be a lot of code (or risk).
Is this something I should pursue contributing as a PR?
Hi Larry, I've passed on your issue to our SDK Product Manager. I appreciate your offer of a PR. Unfortunately, because the SDK is machine generated by the Swagger code generator, we usually can't use a PR directly.
Your proposed solution sounds good to me but I'm not a Java guy.
If you can get it working (FIPS and current BouncyCastle) and propose a PR that would certainly be helpful, but I don't know when/if it could be integrated. That depends on the product manager and the many competing projects for very few engineering resources.
@LarryKlugerDS A big thank-you for the quick response - let me know if the product manager sees a possibility here.
(PS: I'm also a happy end-user.)
Hi @larrywest , I heard back from the prod mgr. Your request is on the roadmap to be investigated, but we don't have a schedule for it yet. If you have time to create PR (see my notes above), that would be helpful. /Larry
Internal DocuSign ticket DCM-7010. You can ask customer service to add your information to the request ticket.
Hi there,
We are using the "docusign-java-client" library to automate an eSignature process. However, at runtime we face an issue due to the fact that other dependencies we are using are using FIPS version of Bouncy Castle dependency. Can you please indicate if/how we can use FIPS Bouncy castle for this library as well? Thanks in advance. Youssef EL ABBASSI