[ https://issues.apache.org/jira/browse/SOLR-9609?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jeremy Martini updated SOLR-9609: --------------------------------- Attachment: solr.log > Change hard-coded keysize from 512 to 1024 > ------------------------------------------ > > Key: SOLR-9609 > URL: https://issues.apache.org/jira/browse/SOLR-9609 > Project: Solr > Issue Type: Bug > Security Level: Public(Default Security Level. Issues are Public) > Reporter: Jeremy Martini > Attachments: solr.log > > > In order to configure our dataSource without requiring a plaintext password > in the configuration file, we extended JdbcDataSource to create our own > custom implementation. Our dataSource config now looks something like this: > {code:xml} > <dataSource type="com.foo.FooDataSource" driver="oracle.jdbc.OracleDriver" > url="jdbc:oracle:thin:@db-host-machine:1521:tst1" user="testuser" > password="{ENC}{1.1}1ePOfWcbOIU056gKiLTrLw=="/> > {code} > We are using the RSA JSAFE Crypto-J libraries for encrypting/decrypting the > password. However, this seems to cause an issue when we try use Solr in a > Cloud Configuration (using Zookeeper). The error is "Strong key gen and > multiprime gen require at least 1024-bit keysize." Full log attached. > This seems to be due to the hard-coded value of 512 in the > org.apache.solr.util.CryptoKeys$RSAKeyPair class: > {code:java} > public RSAKeyPair() { > KeyPairGenerator keyGen = null; > try { > keyGen = KeyPairGenerator.getInstance("RSA"); > } catch (NoSuchAlgorithmException e) { > throw new SolrException(SolrException.ErrorCode.SERVER_ERROR, e); > } > keyGen.initialize(512); > {code} > I pulled down the Solr code, changed the hard-coded value to 1024, rebuilt > it, and this now everything seems to work great. -- This message was sent by Atlassian JIRA (v6.3.4#6332) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org