lucenenet-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "George Aroush (JIRA)" <j...@apache.org>
Subject [jira] Commented: (LUCENENET-175) Add FIPS compliance to lucene.net
Date Mon, 06 Apr 2009 12:45:12 GMT

    [ https://issues.apache.org/jira/browse/LUCENENET-175?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12696062#action_12696062
] 

George Aroush commented on LUCENENET-175:
-----------------------------------------

Hi DIGY,

I might be missing something obvious.  If the algorithm is changed, will the lock file still
be compatible with Java Lucene?  That is, with this change, will I still be able to have a
Java Lucene and a Lucene.Net application concurrently accessing (read and write) a Lucene
index?  If the answer is "yes", then this change is acceptable so apply the patch, otherwise
we need to be extra careful, at least use conditional compilation or use my ealier suggestion.

Regards,

-- George

> Add FIPS compliance to lucene.net
> ---------------------------------
>
>                 Key: LUCENENET-175
>                 URL: https://issues.apache.org/jira/browse/LUCENENET-175
>             Project: Lucene.Net
>          Issue Type: Improvement
>         Environment: CLR 2.0; DOT.NET
>            Reporter: Torsten Rendelmann
>         Attachments: FIPS_COMLIANCE.patch
>
>   Original Estimate: 0.25h
>  Remaining Estimate: 0.25h
>
> The FSDirectory.cs is the only place it have to be modified to apply FIPS compliance.
> I think, changing to use a FIPS compliant algorithm in general for the NET port of lucene
to calc the lock
> file name is "safe" (mean: java-compat.) - the only case where I can see the
> may have to use the same algorithm is if a java-lucene impl. access the
> index with a writer at the same time as lucene.net - that would be rarely
> the case: writing to the same index is only allowed by one writer.
> First change required was to switch 
> private static System.Security.Cryptography.MD5 DIGESTER; to
> private static readonly System.Security.Cryptography.HashAlgorithm DIGESTER;
> Last change is this:
> #if FIPS_COMLIANT
> 					// use a FIPS compliant algorithm (see also http://blog.aggregatedintelligence.com/2007/10/fips-validated-cryptographic-algorithms.html
)
> 					DIGESTER = System.Security.Cryptography.SHA1.Create();
> #else
> 					// use the java compatible hash algorithm:
>  					DIGESTER = System.Security.Cryptography.MD5.Create();
> #endif
> I will attach the .patch to.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message