lucene-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kris...@apache.org
Subject [07/20] lucene-solr:jira/solr-8593: SOLR-9606: Change hard-coded keysize from 512 to 1024
Date Fri, 18 Nov 2016 16:42:32 GMT
SOLR-9606: Change hard-coded keysize from 512 to 1024


Project: http://git-wip-us.apache.org/repos/asf/lucene-solr/repo
Commit: http://git-wip-us.apache.org/repos/asf/lucene-solr/commit/e402a304
Tree: http://git-wip-us.apache.org/repos/asf/lucene-solr/tree/e402a304
Diff: http://git-wip-us.apache.org/repos/asf/lucene-solr/diff/e402a304

Branch: refs/heads/jira/solr-8593
Commit: e402a304bf97ead8c2a7f00a745e837fe0c6d449
Parents: 774e31b
Author: Erick Erickson <erick@apache.org>
Authored: Wed Nov 16 13:33:18 2016 -0800
Committer: Erick Erickson <erick@apache.org>
Committed: Wed Nov 16 13:33:18 2016 -0800

----------------------------------------------------------------------
 solr/CHANGES.txt                                        | 2 ++
 solr/core/src/java/org/apache/solr/util/CryptoKeys.java | 6 +++++-
 2 files changed, 7 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/e402a304/solr/CHANGES.txt
----------------------------------------------------------------------
diff --git a/solr/CHANGES.txt b/solr/CHANGES.txt
index 3d02456..00c0669 100644
--- a/solr/CHANGES.txt
+++ b/solr/CHANGES.txt
@@ -185,6 +185,8 @@ Other Changes
 
 * SOLR-9597: Add setReadOnly(String ...) to ConnectionImpl (Kevin Risden)
 
+* SOLR-9609: Change hard-coded keysize from 512 to 1024 (Jeremy Martini via Erick Erickson)
+
 ==================  6.3.0 ==================
 
 Consult the LUCENE_CHANGES.txt file for additional, low level, changes in this release.

http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/e402a304/solr/core/src/java/org/apache/solr/util/CryptoKeys.java
----------------------------------------------------------------------
diff --git a/solr/core/src/java/org/apache/solr/util/CryptoKeys.java b/solr/core/src/java/org/apache/solr/util/CryptoKeys.java
index c110aeb..1122860 100644
--- a/solr/core/src/java/org/apache/solr/util/CryptoKeys.java
+++ b/solr/core/src/java/org/apache/solr/util/CryptoKeys.java
@@ -285,6 +285,10 @@ public final class CryptoKeys {
     private final PrivateKey privateKey;
     private final SecureRandom random = new SecureRandom();
 
+    // If this ever comes back to haunt us see the discussion at
+    // SOLR-9609 for background and code allowing this to go
+    // into security.json
+    private static final int DEFAULT_KEYPAIR_LENGTH = 1024;
 
     public RSAKeyPair() {
       KeyPairGenerator keyGen = null;
@@ -293,7 +297,7 @@ public final class CryptoKeys {
       } catch (NoSuchAlgorithmException e) {
         throw new SolrException(SolrException.ErrorCode.SERVER_ERROR, e);
       }
-      keyGen.initialize(512);
+      keyGen.initialize(DEFAULT_KEYPAIR_LENGTH);
       java.security.KeyPair keyPair = keyGen.genKeyPair();
       privateKey = keyPair.getPrivate();
       publicKey = keyPair.getPublic();


Mime
View raw message