spring-attic / spring-security-saml

SAML extension for the Spring Security project

FIPS support #457

Open gstanchev opened 4 years ago

gstanchev commented 4 years ago

What would it take to have the library run in a FIPS-compliant environment? This question is both for the new version being developed and the latest stable legacy branch. With 1.0.9, I've run into [1], which hardcodes working with JKS files. Java 13 (I believe) is defaulting to PKCS12 keystores (though JKS support is going nowhere). Are there any plans to isolate BC into an abstraction layer so it can be replaced by BCFIPS if necessary? BC and BCFIPS are mutually exclusive, so loading BCFIPS in a JVM at bootstrap level eliminates BC from being available to consumers in that JVM.

[1] https://github.com/spring-projects/spring-security-saml/blob/1.0.9.RELEASE/core/src/main/java/org/springframework/security/saml/key/JKSKeyManager.java
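
As an added illustration of the hardcoded-JKS concern raised above (not code from the issue or from spring-security-saml), this sketch loads a keystore with the type and JCA provider supplied by configuration, using only JDK APIs. The class name `ProviderAwareKeyStoreLoader` and the demo values are assumptions; `BCFKS` is the keystore type offered by the BCFIPS provider, which is only usable when that provider is registered in the JVM.

```java
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.NoSuchProviderException;
import java.security.Provider;
import java.security.Security;

// Added example; the class name is hypothetical and not part of spring-security-saml.
public final class ProviderAwareKeyStoreLoader {

    // type: "JKS", "PKCS12", "BCFKS", ... (null = JVM default from keystore.type).
    // providerName: e.g. "BCFIPS" (null = first registered provider that supports the type).
    public static KeyStore load(Path file, char[] storePass, String type, String providerName)
            throws GeneralSecurityException, IOException {
        String effectiveType = (type != null) ? type : KeyStore.getDefaultType();
        KeyStore ks;
        if (providerName != null) {
            Provider provider = Security.getProvider(providerName);
            if (provider == null) {
                // Fail closed: never fall back silently to a non-approved provider.
                throw new NoSuchProviderException(providerName + " is not registered in this JVM");
            }
            ks = KeyStore.getInstance(effectiveType, provider);
        } else {
            ks = KeyStore.getInstance(effectiveType);
        }
        try (InputStream in = Files.newInputStream(file)) {
            ks.load(in, storePass);
        }
        return ks;
    }

    public static void main(String[] args) throws Exception {
        // Constructed demo input: an empty PKCS12 store written to a temp file.
        char[] pass = "changeit".toCharArray();
        Path tmp = Files.createTempFile("demo-keystore", ".p12");
        KeyStore empty = KeyStore.getInstance("PKCS12");
        empty.load(null, pass);
        try (OutputStream out = Files.newOutputStream(tmp)) {
            empty.store(out, pass);
        }
        KeyStore ks = load(tmp, pass, "PKCS12", null);
        System.out.println(ks.getType() + " via " + ks.getProvider().getName() + ", entries=" + ks.size());
        Files.delete(tmp);
    }
}
```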