Updates AuthEngine to pass the correct SecretKeySpec format
AuthEngineSuite was passing on some platforms (MacOS), but failing on others (Linux) with an InvalidKeyException stemming from this line. We should explicitly pass AES as the key format.
### What changes were proposed in this pull request?
Changes the AuthEngine SecretKeySpec from "RAW" to "AES".
### Why are the changes needed?
Unit tests were failing on some platforms with InvalidKeyExceptions when this key was used to instantiate a Cipher.
### Does this PR introduce _any_ user-facing change?
No.
### How was this patch tested?
Unit tests on a MacOS and Linux platform.
Closes #33790 from sweisdb/patch-1.
Authored-by: sweisdb <60895808+sweisdb@users.noreply.github.com>
Signed-off-by: Sean Owen <srowen@gmail.com>
(cherry picked from commit c441c7e365
)
Signed-off-by: Sean Owen <srowen@gmail.com>
This commit is contained in:
parent
69be513c5e
commit
243bfafd5c
|
@ -213,7 +213,7 @@ class AuthEngine implements Closeable {
|
||||||
transcript, // Passing this as the HKDF salt
|
transcript, // Passing this as the HKDF salt
|
||||||
OUTPUT_IV_INFO, // This is the HKDF info field used to differentiate IV values
|
OUTPUT_IV_INFO, // This is the HKDF info field used to differentiate IV values
|
||||||
AES_GCM_KEY_SIZE_BYTES);
|
AES_GCM_KEY_SIZE_BYTES);
|
||||||
SecretKeySpec sessionKey = new SecretKeySpec(sharedSecret, "RAW");
|
SecretKeySpec sessionKey = new SecretKeySpec(sharedSecret, "AES");
|
||||||
return new TransportCipher(
|
return new TransportCipher(
|
||||||
cryptoConf,
|
cryptoConf,
|
||||||
conf.cipherTransformation(),
|
conf.cipherTransformation(),
|
||||||
|
|
Loading…
Reference in a new issue