lucenenet-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Torsten Rendelmann (JIRA)" <j...@apache.org>
Subject [jira] Created: (LUCENENET-175) Add FIPS comliance to lucene.net
Date Sun, 08 Mar 2009 10:36:56 GMT
Add FIPS comliance to lucene.net
--------------------------------

                 Key: LUCENENET-175
                 URL: https://issues.apache.org/jira/browse/LUCENENET-175
             Project: Lucene.Net
          Issue Type: Improvement
         Environment: CLR 2.0; DOT.NET
            Reporter: Torsten Rendelmann


The FSDirectory.cs is the only place it have to be modified to apply FIPS compliance.

I think, changing to use a FIPS compliant algorithm in general for the NET port of lucene
to calc the lock
file name is "safe" (mean: java-compat.) - the only case where I can see the
may have to use the same algorithm is if a java-lucene impl. access the
index with a writer at the same time as lucene.net - that would be rarely
the case: writing to the same index is only allowed by one writer.

First change required was to switch 
private static System.Security.Cryptography.MD5 DIGESTER; to
private static readonly System.Security.Cryptography.HashAlgorithm DIGESTER;

Last change is this:
#if FIPS_COMLIANT
					// use a FIPS compliant algorithm (see also http://blog.aggregatedintelligence.com/2007/10/fips-validated-cryptographic-algorithms.html
)
					DIGESTER = System.Security.Cryptography.SHA1.Create();
#else
					// use the java compatible hash algorithm:
 					DIGESTER = System.Security.Cryptography.MD5.Create();
#endif

I will attach the .patch to.


-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message