[GitHub] [pulsar] nodece commented on a diff in pull request #20542: [improve][broker, client] Fixing BC FIPS based payload encryption

[via GitHub]

nodece commented on code in PR #20542:
URL: https://github.com/apache/pulsar/pull/20542#discussion_r1228906227


##########
pulsar-client-messagecrypto-bc/src/main/java/org/apache/pulsar/client/impl/crypto/MessageCryptoBc.java:
##########
@@ -106,28 +80,64 @@ public class MessageCryptoBc implements 
MessageCrypto<MessageMetadata, MessageMe
 
 
     private static final SecureRandom secureRandom;
+
+    private static final String providerName;
+    private static BcVersionSpecificCryptoUtility 
bcVersionSpecificCryptoUtilityDelegate;
+
     static {
-        SecureRandom rand = null;
-        try {
-            rand = SecureRandom.getInstance("NativePRNGNonBlocking");
-        } catch (NoSuchAlgorithmException nsa) {
-            rand = new SecureRandom();
-        }
 
-        secureRandom = rand;
+        providerName = SecurityUtility.getProvider().getName();
+
+        switch (providerName) {
+            case SecurityUtility.BC:
+                SecureRandom rand = null;
+                try {
+                    rand = SecureRandom.getInstance("NativePRNGNonBlocking", 
providerName);
+                } catch (NoSuchAlgorithmException | NoSuchProviderException 
nsa) {
+                    rand = new SecureRandom();
+                }
+                secureRandom = rand;
+                break;
+            case SecurityUtility.BC_FIPS:
+                try {
+                    secureRandom = SecureRandom.getInstance("NONCEANDIV", 
providerName);
+                } catch (NoSuchAlgorithmException | NoSuchProviderException 
nsa) {
+                    throw new RuntimeException(
+                            "In BC FIPS mode, we expect the specific Random 
generators to be available!");
+                }
+                break;

Review Comment:
   > Could you please elaborate on >if "NONCEANDIV" does not work<?
   
   This is an assumption. When "NONCEANDIV" is not available, we can fallback 
to "DEFAULT", If it is still not available we throw an error that BC-FIPS is 
not available.
   
   > DEFAULT is the prediction resistant one - so the safest (I think to 
generate AES keys), and NONCEANDIV is for nonce and IV generation, exactly what 
we use that random generator when sending messages. 
   
   Sounds good, you use the different secure-random for generating ASE and 
sending messages.
   
   I'm not an expert in BC, so I'm not sure which works better, when I don't 
know which one to use, I prefer to use "DEFAULT".
   
   
   
   
   



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscr...@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org