lucenenet-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "George Aroush (JIRA)" <>
Subject [jira] Commented: (LUCENENET-175) Add FIPS compliance to
Date Sun, 19 Apr 2009 00:05:47 GMT


George Aroush commented on LUCENENET-175:

I like the API approach.  However, this patch, as is, a Lucene.Net user has no way to pick
between MD5 or SHA1 without a code change and compilation to pass in 'true' vs. 'false'.

How about this.  In the SupportClass, rather then passing 'false' in the call: GetHashAlgorithm(false),
why not pass true / false base on an attribute in AssemblyInfo.cs?  If the attribute is missing,
or its value isn't valid, then default to MD5.

If you agree, I suggest:

1) [assembly: AssemblyUseSHA1("false")]
2) If 'AssemblyUseSHA1' is missing or its value isn't 'true' (match case), then default to

> Add FIPS compliance to
> ---------------------------------
>                 Key: LUCENENET-175
>                 URL:
>             Project: Lucene.Net
>          Issue Type: Improvement
>         Environment: CLR 2.0; DOT.NET
>            Reporter: Torsten Rendelmann
>         Attachments: FIPS_COMLIANCE.patch, LUCENENET-175.rar
>   Original Estimate: 0.25h
>  Remaining Estimate: 0.25h
> The FSDirectory.cs is the only place it have to be modified to apply FIPS compliance.
> I think, changing to use a FIPS compliant algorithm in general for the NET port of lucene
to calc the lock
> file name is "safe" (mean: java-compat.) - the only case where I can see the
> may have to use the same algorithm is if a java-lucene impl. access the
> index with a writer at the same time as - that would be rarely
> the case: writing to the same index is only allowed by one writer.
> First change required was to switch 
> private static System.Security.Cryptography.MD5 DIGESTER; to
> private static readonly System.Security.Cryptography.HashAlgorithm DIGESTER;
> Last change is this:
> 					// use a FIPS compliant algorithm (see also
> 					DIGESTER = System.Security.Cryptography.SHA1.Create();
> #else
> 					// use the java compatible hash algorithm:
>  					DIGESTER = System.Security.Cryptography.MD5.Create();
> #endif
> I will attach the .patch to.

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message