You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@accumulo.apache.org by "Hayden Marchant (JIRA)" <ji...@apache.org> on 2014/06/24 09:04:25 UTC
[jira] [Created] (ACCUMULO-2943) Usage of SecureRandom with "SUN"
as RNG provider causes lots of failures
Hayden Marchant created ACCUMULO-2943:
-----------------------------------------
Summary: Usage of SecureRandom with "SUN" as RNG provider causes lots of failures
Key: ACCUMULO-2943
URL: https://issues.apache.org/jira/browse/ACCUMULO-2943
Project: Accumulo
Issue Type: Sub-task
Affects Versions: 1.6.0
Environment: IBM JVM
Reporter: Hayden Marchant
Fix For: 1.6.1, 1.7.0
Both org.apache.accumulo.core.security.crypto.CrypoTest & org.apache.accumulo.core.file.rfile.RFileTest have lots of failures due to calls to SEcureRandom with Random Number Generator Provider hard-coded as Sun. The IBM JVM has it's own built in RNG Provider called IBMJCE. 2 issues - hard-coded calls to SecureRandom.getInstance(<algo>,"SUN") and also default value in Property class is "SUN".
Options for proposals:
1. Add mechanism to override default Property through System property through new annotator in Property class. Only usage will be by Property.CRYPTO_SECURE_RNG_PROVIDER
The default is SUN, as coded in the Property class.
Some of the unit tests explicitly call SecureRandom.getInstance() with SUN as provider. Others rely on the default value, which is SUN (and do not rely on accumulo-site.xml in which this can be overridden). For the system tests, I propose adding an override through a System property. For regular execution of accumulo, accumulo-site.xml can include the adjusted default. However, system tests will also fall on same problem.
Another solution would be to have a factory class which supplies JVM specific behaviour, such as default NRG provider - this could be used by the Property class to retrieve this value based on the System.property for java.vendor etc.....
--
This message was sent by Atlassian JIRA
(v6.2#6252)