You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@lucenenet.apache.org by "Digy (JIRA)" <ji...@apache.org> on 2009/05/19 21:36:46 UTC
[jira] Closed: (LUCENENET-175) Add FIPS compliance to lucene.net
[ https://issues.apache.org/jira/browse/LUCENENET-175?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Digy closed LUCENENET-175.
--------------------------
Resolution: Fixed
Last patch applied.
DIGY
> Add FIPS compliance to lucene.net
> ---------------------------------
>
> Key: LUCENENET-175
> URL: https://issues.apache.org/jira/browse/LUCENENET-175
> Project: Lucene.Net
> Issue Type: Improvement
> Environment: CLR 2.0; DOT.NET
> Reporter: Torsten Rendelmann
> Attachments: FIPS_COMLIANCE.patch, LUCENENET-175.rar, LUCENENET-175.rar
>
> Original Estimate: 0.25h
> Remaining Estimate: 0.25h
>
> The FSDirectory.cs is the only place it have to be modified to apply FIPS compliance.
> I think, changing to use a FIPS compliant algorithm in general for the NET port of lucene to calc the lock
> file name is "safe" (mean: java-compat.) - the only case where I can see the
> may have to use the same algorithm is if a java-lucene impl. access the
> index with a writer at the same time as lucene.net - that would be rarely
> the case: writing to the same index is only allowed by one writer.
> First change required was to switch
> private static System.Security.Cryptography.MD5 DIGESTER; to
> private static readonly System.Security.Cryptography.HashAlgorithm DIGESTER;
> Last change is this:
> #if FIPS_COMLIANT
> // use a FIPS compliant algorithm (see also http://blog.aggregatedintelligence.com/2007/10/fips-validated-cryptographic-algorithms.html )
> DIGESTER = System.Security.Cryptography.SHA1.Create();
> #else
> // use the java compatible hash algorithm:
> DIGESTER = System.Security.Cryptography.MD5.Create();
> #endif
> I will attach the .patch to.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.