Uploaded image for project: 'Bookkeeper'
  1. Bookkeeper
  2. BOOKKEEPER-938

LedgerOpenOp should use digestType from metadata

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 4.5.0
    • Fix Version/s: 4.5.0
    • Component/s: bookkeeper-client
    • Labels:
      None

      Description

      Currently digestType verification in LedgerOpenOp seems to be treated as part of security logic. Since it is checked after password and error explicitly states that digestType mismatched, all that evil hacker has to do is to change digest type to another one. There are only two of them after all.

      here is the scenario significantly affected by current behavior:

      1. user rolls out clients with digestType set to MAC and creates lots of ledgers.
      2. user notices that MAC is slower than CRC32 and decides to change digestType.
      3. more ledgers created with CRC32.
      4. user tries to read old and new ledgers
      -> now old ledgers cannot be read because of the digest type mismatch.

      I'll send pull request for review.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                ayegorov Andrey Yegorov
                Reporter:
                ayegorov Andrey Yegorov
              • Votes:
                0 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: