Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 9D47C200D2B for ; Thu, 2 Nov 2017 18:02:39 +0100 (CET) Received: by cust-asf.ponee.io (Postfix) id 9BBB1160BE6; Thu, 2 Nov 2017 17:02:39 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id E2B3D1609EB for ; Thu, 2 Nov 2017 18:02:38 +0100 (CET) Received: (qmail 25295 invoked by uid 500); 2 Nov 2017 17:02:38 -0000 Mailing-List: contact notifications-help@accumulo.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: jira@apache.org Delivered-To: mailing list notifications@accumulo.apache.org Received: (qmail 25284 invoked by uid 99); 2 Nov 2017 17:02:38 -0000 Received: from ec2-52-202-80-70.compute-1.amazonaws.com (HELO gitbox.apache.org) (52.202.80.70) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 02 Nov 2017 17:02:38 +0000 From: GitBox To: notifications@accumulo.apache.org Subject: [GitHub] ctubbsii commented on a change in pull request #318: ACCUMULO-4733 Implement configurable security provider for crypto Message-ID: <150964215742.22532.9769522358491552482.gitbox@gitbox.apache.org> archived-at: Thu, 02 Nov 2017 17:02:39 -0000 ctubbsii commented on a change in pull request #318: ACCUMULO-4733 Implement configurable security provider for crypto URL: https://github.com/apache/accumulo/pull/318#discussion_r148596928 ########## File path: core/src/main/java/org/apache/accumulo/core/security/crypto/DefaultCryptoModuleUtils.java ########## @@ -50,20 +50,23 @@ public static SecureRandom getSecureRandom(String secureRNG, String secureRNGPro return secureRandom; } - public static Cipher getCipher(String cipherSuite) { + public static Cipher getCipher(String cipherSuite, String securityProvider) { Cipher cipher = null; if (cipherSuite.equals("NullCipher")) { cipher = new NullCipher(); } else { try { - cipher = Cipher.getInstance(cipherSuite); + cipher = Cipher.getInstance(cipherSuite, securityProvider); Review comment: This will override the system-wide prioritized crypto providers for Java set by the system administrator. This may be okay in some cases, but I don't think this should be the default. I think that we should set the default value to be null, instead of SunJCE, and if it is null, then we call the one-parameter version of this method, which respects the system-wide security settings. The specific provider should only be used if it's not null. Doing it the way I'm suggesting will be much friendlier on system administrators trying to ensure their systems are compliant with their organizational requirements. It also makes more sense if a single crypto doesn't support all of the algorithms the user has specified, because the default behavior is to search the providers set by the system administrator to find one that will work for a given algorithm. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: users@infra.apache.org With regards, Apache Git Services