[jira] Commented: (LUCENENET-175) Add FIPS compliance to lucene.net

Mon, 06 Apr 2009 05:45:47 -0700 

    [ 
https://issues.apache.org/jira/browse/LUCENENET-175?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12696062#action_12696062
 ] 

George Aroush commented on LUCENENET-175:
-----------------------------------------

Hi DIGY,

I might be missing something obvious.  If the algorithm is changed, will the 
lock file still be compatible with Java Lucene?  That is, with this change, 
will I still be able to have a Java Lucene and a Lucene.Net application 
concurrently accessing (read and write) a Lucene index?  If the answer is 
"yes", then this change is acceptable so apply the patch, otherwise we need to 
be extra careful, at least use conditional compilation or use my ealier 
suggestion.

Regards,

-- George

> Add FIPS compliance to lucene.net
> ---------------------------------
>
>                 Key: LUCENENET-175
>                 URL: https://issues.apache.org/jira/browse/LUCENENET-175
>             Project: Lucene.Net
>          Issue Type: Improvement
>         Environment: CLR 2.0; DOT.NET
>            Reporter: Torsten Rendelmann
>         Attachments: FIPS_COMLIANCE.patch
>
>   Original Estimate: 0.25h
>  Remaining Estimate: 0.25h
>
> The FSDirectory.cs is the only place it have to be modified to apply FIPS 
> compliance.
> I think, changing to use a FIPS compliant algorithm in general for the NET 
> port of lucene to calc the lock
> file name is "safe" (mean: java-compat.) - the only case where I can see the
> may have to use the same algorithm is if a java-lucene impl. access the
> index with a writer at the same time as lucene.net - that would be rarely
> the case: writing to the same index is only allowed by one writer.
> First change required was to switch 
> private static System.Security.Cryptography.MD5 DIGESTER; to
> private static readonly System.Security.Cryptography.HashAlgorithm DIGESTER;
> Last change is this:
> #if FIPS_COMLIANT
>                                       // use a FIPS compliant algorithm (see 
> also 
> http://blog.aggregatedintelligence.com/2007/10/fips-validated-cryptographic-algorithms.html
>  )
>                                       DIGESTER = 
> System.Security.Cryptography.SHA1.Create();
> #else
>                                       // use the java compatible hash 
> algorithm:
>                                       DIGESTER = 
> System.Security.Cryptography.MD5.Create();
> #endif
> I will attach the .patch to.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to