accumulo-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Nick Felts (JIRA)" <>
Subject [jira] [Created] (ACCUMULO-4737) Clean up cipher algorithm configuration
Date Mon, 06 Nov 2017 15:44:00 GMT
Nick Felts created ACCUMULO-4737:

             Summary: Clean up cipher algorithm configuration
                 Key: ACCUMULO-4737
             Project: Accumulo
          Issue Type: Improvement
            Reporter: Nick Felts
            Assignee: Nick Felts
            Priority: Minor

The two property options:

are not used intuitively. For example, as far as I can tell, the only place the cipher suite's
algorithm name is used is to check for NullCipher. I even tested this using bogus strings
to confirm. Instead, once the suite is found to not indicate NullCipher, the
replaces the algorithm found in the cipher suite for all further uses.

Further, the suite is parsed out into padding and mode options, which only exist to pass a
few unit tests and reconstruct the cipher suite using the other specified algorithm.

This leads to some unintuitive behavior, where someone specifying an algorithm in the cipher
suite is not necessarily using their intended algorithm, unless both options specified the
the same algorithm.

To clean this up, the algorithm specified should be renamed and used for key generation, since
some keys can be used across different algorithms (,
and the cipher suite can be used as stated, instead of deconstructing it to then reconstruct

This message was sent by Atlassian JIRA

View raw message