Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix code scanning alert - tracker 3 #651

Open
1 task
kwwall opened this issue Jan 10, 2022 · 1 comment
Open
1 task

Fix code scanning alert - tracker 3 #651

kwwall opened this issue Jan 10, 2022 · 1 comment
Assignees
@kwwall

Comments

@kwwall
Copy link
Contributor

kwwall commented Jan 10, 2022

This "feature" needs to be kept for legacy reasons, but research to see if we can include some logging here.

Tracking issue for:
@kwwall kwwall self-assigned this Jan 10, 2022
@kwwall kwwall mentioned this issue Jan 10, 2022
Closed
1 task
@kwwall
Copy link
Contributor Author

kwwall commented Jul 16, 2022

Looking at this again, the simple thing would be to log something directly from CipherSpec, but I'd prefer not to tightly couple that class with the ESAPI Logger for that one item. If we make the assumption that now is using the CipherSpec class directly for encrypting / decrypting, but instead it is only used via the ESAPI Encryptor (which seems like a reasonable assumption), then it would preferred that JavaEncryptor do the logging. Will create a new GitHub issue to log ECB there.

@kwwall kwwall mentioned this issue Jul 16, 2022
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kwwall kwwall

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@kwwall