accumulo-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From GitBox <...@apache.org>
Subject [GitHub] PircDef commented on a change in pull request #322: ACCUMULO-4740 Enable GCM mode for crypto
Date Thu, 01 Jan 1970 00:00:00 GMT
PircDef commented on a change in pull request #322: ACCUMULO-4740 Enable GCM mode for crypto
URL: https://github.com/apache/accumulo/pull/322#discussion_r152405798
 
 

 ##########
 File path: core/src/main/java/org/apache/accumulo/core/security/crypto/CryptoModuleParameters.java
 ##########
 @@ -569,6 +569,52 @@ public void setBlockStreamSize(int blockStreamSize) {
     this.blockStreamSize = blockStreamSize;
   }
 
+  /**
+   * Returns the mode from the cipher suite. Assumes the suite is in the form of algorithm/mode/padding,
returns null if the cipher suite is malformed or
+   * NullCipher.
+   *
+   * @return the encryption mode from the cipher suite
+   */
+  public String getCipherSuiteEncryptionMode() {
+    String[] parts = this.cipherSuite.split("/");
+    if (parts.length == 3) {
+      return parts[1];
+    } else {
+      return null;
+    }
+  }
+
+  /**
+   * Updates the initialization vector for use when the encryption mode is GCM. If the IV
is not currently null, and the encryption mode is GCM, it will
+   * increment the IV instead of letting the CryptoModule decide what to do.
+   */
+  public void updateInitializationVector() {
+    if (this.initializationVector != null && getCipherSuiteEncryptionMode().equals(DefaultCryptoModule.ALGORITHM_PARAMETER_SPEC_GCM))
{
+      incrementIV(this.initializationVector, this.initializationVector.length - 1);
+    } else {
+      this.initializationVector = null;
+    }
+  }
+
+  /**
+   * Because IVs can be longer than longs, this increments arbitrarily sized byte arrays
by 1, with a roll over to 0 after the max value is reached.
+   *
+   * @param iv
+   *          The iv to be incremented
+   * @param i
+   *          The current byte being incremented
+   */
+  static void incrementIV(byte[] iv, int i) {
 
 Review comment:
   Yeah.

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services

Mime
View raw message