From lucene-net-dev-return-1959-apmail-incubator-lucene-net-dev-archive=incubator.apache.org@incubator.apache.org Sun Apr 19 09:22:18 2009 Return-Path: Delivered-To: apmail-incubator-lucene-net-dev-archive@minotaur.apache.org Received: (qmail 87496 invoked from network); 19 Apr 2009 09:22:17 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 19 Apr 2009 09:22:17 -0000 Received: (qmail 47100 invoked by uid 500); 19 Apr 2009 09:22:17 -0000 Delivered-To: apmail-incubator-lucene-net-dev-archive@incubator.apache.org Received: (qmail 47009 invoked by uid 500); 19 Apr 2009 09:22:17 -0000 Mailing-List: contact lucene-net-dev-help@incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: lucene-net-dev@incubator.apache.org Delivered-To: mailing list lucene-net-dev@incubator.apache.org Received: (qmail 46991 invoked by uid 99); 19 Apr 2009 09:22:17 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 19 Apr 2009 09:22:17 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.140] (HELO brutus.apache.org) (140.211.11.140) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 19 Apr 2009 09:22:07 +0000 Received: from brutus (localhost [127.0.0.1]) by brutus.apache.org (Postfix) with ESMTP id 767FC234C004 for ; Sun, 19 Apr 2009 02:21:47 -0700 (PDT) Message-ID: <1970082803.1240132907470.JavaMail.jira@brutus> Date: Sun, 19 Apr 2009 02:21:47 -0700 (PDT) From: "Digy (JIRA)" To: lucene-net-dev@incubator.apache.org Subject: [jira] Commented: (LUCENENET-175) Add FIPS compliance to lucene.net In-Reply-To: <1364577824.1236508616194.JavaMail.jira@brutus> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 X-Virus-Checked: Checked by ClamAV on apache.org [ https://issues.apache.org/jira/browse/LUCENENET-175?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12700565#action_12700565 ] Digy commented on LUCENENET-175: -------------------------------- Hi George, Your solution also needs recompilation of the code. What about a public, static field in SupportClass such as "FIPSCompliant"? DIGY > Add FIPS compliance to lucene.net > --------------------------------- > > Key: LUCENENET-175 > URL: https://issues.apache.org/jira/browse/LUCENENET-175 > Project: Lucene.Net > Issue Type: Improvement > Environment: CLR 2.0; DOT.NET > Reporter: Torsten Rendelmann > Attachments: FIPS_COMLIANCE.patch, LUCENENET-175.rar > > Original Estimate: 0.25h > Remaining Estimate: 0.25h > > The FSDirectory.cs is the only place it have to be modified to apply FIPS compliance. > I think, changing to use a FIPS compliant algorithm in general for the NET port of lucene to calc the lock > file name is "safe" (mean: java-compat.) - the only case where I can see the > may have to use the same algorithm is if a java-lucene impl. access the > index with a writer at the same time as lucene.net - that would be rarely > the case: writing to the same index is only allowed by one writer. > First change required was to switch > private static System.Security.Cryptography.MD5 DIGESTER; to > private static readonly System.Security.Cryptography.HashAlgorithm DIGESTER; > Last change is this: > #if FIPS_COMLIANT > // use a FIPS compliant algorithm (see also http://blog.aggregatedintelligence.com/2007/10/fips-validated-cryptographic-algorithms.html ) > DIGESTER = System.Security.Cryptography.SHA1.Create(); > #else > // use the java compatible hash algorithm: > DIGESTER = System.Security.Cryptography.MD5.Create(); > #endif > I will attach the .patch to. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.