ODIn/spark-instrumented-optimizer
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Updates AuthEngine to pass the correct SecretKeySpec format

Browse source 
AuthEngineSuite was passing on some platforms (MacOS), but failing on others (Linux) with an InvalidKeyException stemming from this line. We should explicitly pass AES as the key format.

### What changes were proposed in this pull request?

Changes the AuthEngine SecretKeySpec from "RAW" to "AES".

### Why are the changes needed?

Unit tests were failing on some platforms with InvalidKeyExceptions when this key was used to instantiate a Cipher.

### Does this PR introduce _any_ user-facing change?

No.

### How was this patch tested?

Unit tests on a MacOS and Linux platform.

Closes #33790 from sweisdb/patch-1.

Authored-by: sweisdb <60895808+sweisdb@users.noreply.github.com>
Signed-off-by: Sean Owen <srowen@gmail.com>
(cherry picked from commit c441c7e365)
Signed-off-by: Sean Owen <srowen@gmail.com>
This commit is contained in:
sweisdb 2021-08-20 08:31:39 -05:00 committed by Sean Owen
parent 69be513c5e
commit 243bfafd5c
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
common/network-common/src/main/java/org/apache/spark/network/crypto/AuthEngine.java
View file

@ -213,7 +213,7 @@ class AuthEngine implements Closeable {
transcript, // Passing this as the HKDF salt transcript, // Passing this as the HKDF salt
OUTPUT_IV_INFO, // This is the HKDF info field used to differentiate IV values OUTPUT_IV_INFO, // This is the HKDF info field used to differentiate IV values
AES_GCM_KEY_SIZE_BYTES); AES_GCM_KEY_SIZE_BYTES);
SecretKeySpec sessionKey = new SecretKeySpec(sharedSecret, "RAW"); SecretKeySpec sessionKey = new SecretKeySpec(sharedSecret, "AES");
return new TransportCipher( return new TransportCipher(
cryptoConf, cryptoConf,
conf.cipherTransformation(), conf.cipherTransformation(),