accumulo-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From GitBox <...@apache.org>
Subject [GitHub] PircDef commented on a change in pull request #322: ACCUMULO-4740 Enable GCM mode for crypto
Date Thu, 01 Jan 1970 00:00:00 GMT
PircDef commented on a change in pull request #322: ACCUMULO-4740 Enable GCM mode for crypto
URL: https://github.com/apache/accumulo/pull/322#discussion_r151762732
 
 

 ##########
 File path: core/src/main/java/org/apache/accumulo/core/security/crypto/CryptoModuleParameters.java
 ##########
 @@ -570,6 +570,52 @@ public void setBlockStreamSize(int blockStreamSize) {
   }
 
   /**
+   * Returns the mode from the cipher suite. Assumes the suite is in the form of algorithm/mode/padding,
returns null if the cipher suite is malformed or
+   * NullCipher.
+   *
+   * @return the encryption mode from the cipher suite
+   */
+  public String getCipherSuiteEncryptionMode() {
+    String[] parts = this.cipherSuite.split("/");
+    if (parts.length == 3) {
+      return parts[1];
+    } else {
+      return null;
+    }
+  }
+
+  /**
+   * Updates the initialization vector for use when the encryption mode is GCM. If the IV
is not currently null, and the encryption mode is GCM, it will
+   * increment the IV instead of letting the CryptoModule decide what to do.
+   */
+  public void updateInitializationVector() {
+    if (this.initializationVector != null && getCipherSuiteEncryptionMode().equals(DefaultCryptoModule.ALGORITHM_PARAMETER_SPEC_GCM))
{
+      incrementIV(this.initializationVector, this.initializationVector.length - 1);
 
 Review comment:
   The code is with the CryptoModuleParameters because that is where we expect the IV to be
held.
   
   In the future, it might be worth exploring which parts of the DefaultCryptoModule, CryptoModuleParameters,
DefaultCryptoModuleUtils, and maybe even the CryptoModuleFactory belong where. I think it
would take a fair bit of time to figure out the best way to reorganize and rename some of
these pieces.

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services

Mime
View raw message