OK, I did: https://issues.apache.org/jira/secure/ManageAttachments.jspa?id=12416387
> -----Original Message----- > From: DIGY [mailto:[email protected]] > Sent: Saturday, March 07, 2009 10:53 PM > To: [email protected] > Subject: RE: FIPS compliance? > > Yes, "#if FIPS_COMPLIANT" seems to be a good solution but its java > incompatibility should be commented somewhere. > > Can you open a JIRA issue for that? > > > > DIGY > > > > > > > > From: Torsten Rendelmann [mailto:[email protected]] > Sent: Saturday, March 07, 2009 10:36 PM > To: [email protected] > Subject: RE: FIPS compliance? > > > > As far as I can see in lucene code the FSDirectory is the only > place it > exist. I think, changing to use a FIPS compliant algorithm to calc > the lock > file name is "safe" (mean: java-compat.) - the only case where I > can see the > may have to use the same algorithm is if a java-lucene impl. access > the > index with a writer at the same time as lucene.net - that would be > rarely > the case: writing to the same index is only allowed by one writer > > > > But if you don't like it to change, maybe I can provide a patch > with a "#if > FIPS_COMPLIANT" switch construct that is off by default (to be java > compatible if you like) ? > > > > Torsten > > > > From: DIGY [mailto:[email protected]] > Sent: Saturday, March 07, 2009 8:27 PM > To: [email protected] > Subject: RE: FIPS compliance? > > > > Lucene.Java also uses MD5 and Lucene.Net is supposed to be > compatible with > it at API and index level. Therefore, unless java version changes > the hash > algorithm, I don't think that a code change can be done in > Lucene.Net. > > > > DIGY > > > > From: Torsten Rendelmann [mailto:[email protected]] > Sent: Saturday, March 07, 2009 8:00 PM > To: [email protected] > Cc: [email protected] > Subject: FIPS compliance? > Importance: High > > > > Hi, > > > > I just got back user complaints about this: > > System.TypeInitializationException: The type initializer for > 'Lucene.Net.Store.FSDirectory' threw an exception. ---> > System.SystemException: > System.Reflection.TargetInvocationException: > Exception has been thrown by the target of an invocation. ---> > System.InvalidOperationException: This implementation is not part > of the > Windows Platform FIPS validated cryptographic algorithms. > at System.Security.Cryptography.MD5CryptoServiceProvider..ctor() > --- End of inner exception stack trace --- > > > > We use an older version (2.0.x) of lucense.net in our public > release, but as > I see in FSDirectory type initializer there is still the MD5-non- > FIPS > compliant hash provider in use. > > What is the best way to get a FIPS compliant lucene.net assembly? I > can > change the code manually here, but then I have to apply that every > time we > adopt a newer version L > > > > Useful link: > http://blog.aggregatedintelligence.com/2007/10/fips-validated- > cryptographic- > algorithms.html > > > > Any hints? > > > > Torsten > > > > > > > > Torsten Rendelmann > > > > > > > Bergstr. 26 > 88138 Weissensberg > Germany > > near Lindau (Lake of Constance) > > > <mailto:[email protected]> [email protected] > <http://www.rendelmann.info/blog/> > http://www.rendelmann.info/blog/ > > > tel: > > > <http://www.plaxo.com/click_to_call?src=jj_signature&To=%2B49+8389+ > 984490&Em > [email protected]> +49 8389 984490 > > > > > > <https://www.plaxo.com/add_me?u=30065227899&v0=910826&k0=614476248&; > v1=910827 > &k1=620516059> Add me to your address book... > > <http://www.plaxo.com/signature> Want a signature like this? > > > > > > __________ Information from ESET NOD32 Antivirus, version of virus > signature > database 3917 (20090307) __________ > > The message was checked by ESET NOD32 Antivirus. > > http://www.eset.com > > > > > __________ Information from ESET NOD32 Antivirus, version of virus > signature database 3917 (20090307) __________ > > The message was checked by ESET NOD32 Antivirus. > > http://www.eset.com
smime.p7s
Description: S/MIME cryptographic signature
