accumulo-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From GitBox <...@apache.org>
Subject [GitHub] ctubbsii commented on a change in pull request #322: ACCUMULO-4740 Enable GCM mode for crypto
Date Thu, 01 Jan 1970 00:00:00 GMT
ctubbsii commented on a change in pull request #322: ACCUMULO-4740 Enable GCM mode for crypto
URL: https://github.com/apache/accumulo/pull/322#discussion_r151212576
 
 

 ##########
 File path: core/src/main/java/org/apache/accumulo/core/security/crypto/CryptoModuleParameters.java
 ##########
 @@ -570,6 +570,52 @@ public void setBlockStreamSize(int blockStreamSize) {
   }
 
   /**
+   * Returns the mode from the cipher suite. Assumes the suite is in the form of algorithm/mode/padding,
returns null if the cipher suite is malformed or
+   * NullCipher.
+   *
+   * @return the encryption mode from the cipher suite
+   */
+  public String getCipherSuiteEncryptionMode() {
+    String[] parts = this.cipherSuite.split("/");
+    if (parts.length == 3) {
 
 Review comment:
   According to https://docs.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html,
sometimes the mode, like CCM or GCM are used as the "Algorithm Name". Are those expected to
be returned here as the mode?
   
   Since only the mode is being extracted here, are we assuming AES is the algorithm here?
or is that extracted elsewhere?
   
   Could one reasonably conclude that the syntax "AES/CBC" means "NoPadding"? Should this
method handle the case where parts.length == 2, with the assumption that "NoPadding" is implied?

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services

Mime
View raw message