New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SOLR-16613: CryptoKeys should handle RSA padding for OpenJ9 #1279
Conversation
testRoundTrip(new CryptoKeys.RSAKeyPair(privateKey, publicKey)); | ||
} | ||
|
||
private void testRoundTrip(CryptoKeys.RSAKeyPair kp) throws Exception { | ||
final byte[] plaintext = new byte[random().nextInt(64)]; | ||
random().nextBytes(plaintext); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
random().nextBytes() would end up with null bytes and that would cause issues. I switched this to generate a regular string with no null bytes.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for inviting me to review, but this is far away from my knowledge. I try to avoid crypto apis in Java.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should we switch the algorithm from no padding to something with padding?
probably at some point. I don't really want to tackle that with this. This at least cleans up the build failures. Let me add one more thing related to this - as far as I can tell the whole "RSA Encryption" stuff in question here - is really just a signature and shouldn't be done this way. This is encrypting with private key and verifying with public key. There are signatures for that instead. Not sure why its done this way, but it MIGHT be that the whole |
https://issues.apache.org/jira/browse/SOLR-16613
Tested with: