From 243bfafd5cb58c1d3ae6c2a1a9e2c14c3a13526c Mon Sep 17 00:00:00 2001 From: sweisdb <60895808+sweisdb@users.noreply.github.com> Date: Fri, 20 Aug 2021 08:31:39 -0500 Subject: [PATCH] Updates AuthEngine to pass the correct SecretKeySpec format AuthEngineSuite was passing on some platforms (MacOS), but failing on others (Linux) with an InvalidKeyException stemming from this line. We should explicitly pass AES as the key format. ### What changes were proposed in this pull request? Changes the AuthEngine SecretKeySpec from "RAW" to "AES". ### Why are the changes needed? Unit tests were failing on some platforms with InvalidKeyExceptions when this key was used to instantiate a Cipher. ### Does this PR introduce _any_ user-facing change? No. ### How was this patch tested? Unit tests on a MacOS and Linux platform. Closes #33790 from sweisdb/patch-1. Authored-by: sweisdb <60895808+sweisdb@users.noreply.github.com> Signed-off-by: Sean Owen (cherry picked from commit c441c7e365cdbed4bae55e9bfdf94fa4a118fb21) Signed-off-by: Sean Owen --- .../main/java/org/apache/spark/network/crypto/AuthEngine.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/common/network-common/src/main/java/org/apache/spark/network/crypto/AuthEngine.java b/common/network-common/src/main/java/org/apache/spark/network/crypto/AuthEngine.java index aadf2b590b..078d9ceb31 100644 --- a/common/network-common/src/main/java/org/apache/spark/network/crypto/AuthEngine.java +++ b/common/network-common/src/main/java/org/apache/spark/network/crypto/AuthEngine.java @@ -213,7 +213,7 @@ class AuthEngine implements Closeable { transcript, // Passing this as the HKDF salt OUTPUT_IV_INFO, // This is the HKDF info field used to differentiate IV values AES_GCM_KEY_SIZE_BYTES); - SecretKeySpec sessionKey = new SecretKeySpec(sharedSecret, "RAW"); + SecretKeySpec sessionKey = new SecretKeySpec(sharedSecret, "AES"); return new TransportCipher( cryptoConf, conf.cipherTransformation(),