You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@spark.apache.org by sr...@apache.org on 2021/08/20 13:33:36 UTC

[spark] branch branch-3.1 updated: Updates AuthEngine to pass the correct SecretKeySpec format

This is an automated email from the ASF dual-hosted git repository.

srowen pushed a commit to branch branch-3.1
in repository https://gitbox.apache.org/repos/asf/spark.git


The following commit(s) were added to refs/heads/branch-3.1 by this push:
     new dadb08b  Updates AuthEngine to pass the correct SecretKeySpec format
dadb08b is described below

commit dadb08b2129d5dcd7c2bc14a47c2b5a5a878a19c
Author: sweisdb <60...@users.noreply.github.com>
AuthorDate: Fri Aug 20 08:31:39 2021 -0500

    Updates AuthEngine to pass the correct SecretKeySpec format
    
    AuthEngineSuite was passing on some platforms (MacOS), but failing on others (Linux) with an InvalidKeyException stemming from this line. We should explicitly pass AES as the key format.
    
    ### What changes were proposed in this pull request?
    
    Changes the AuthEngine SecretKeySpec from "RAW" to "AES".
    
    ### Why are the changes needed?
    
    Unit tests were failing on some platforms with InvalidKeyExceptions when this key was used to instantiate a Cipher.
    
    ### Does this PR introduce _any_ user-facing change?
    
    No.
    
    ### How was this patch tested?
    
    Unit tests on a MacOS and Linux platform.
    
    Closes #33790 from sweisdb/patch-1.
    
    Authored-by: sweisdb <60...@users.noreply.github.com>
    Signed-off-by: Sean Owen <sr...@gmail.com>
    (cherry picked from commit c441c7e365cdbed4bae55e9bfdf94fa4a118fb21)
    Signed-off-by: Sean Owen <sr...@gmail.com>
---
 .../src/main/java/org/apache/spark/network/crypto/AuthEngine.java       | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/common/network-common/src/main/java/org/apache/spark/network/crypto/AuthEngine.java b/common/network-common/src/main/java/org/apache/spark/network/crypto/AuthEngine.java
index aadf2b5..078d9ce 100644
--- a/common/network-common/src/main/java/org/apache/spark/network/crypto/AuthEngine.java
+++ b/common/network-common/src/main/java/org/apache/spark/network/crypto/AuthEngine.java
@@ -213,7 +213,7 @@ class AuthEngine implements Closeable {
         transcript,  // Passing this as the HKDF salt
         OUTPUT_IV_INFO,  // This is the HKDF info field used to differentiate IV values
         AES_GCM_KEY_SIZE_BYTES);
-    SecretKeySpec sessionKey = new SecretKeySpec(sharedSecret, "RAW");
+    SecretKeySpec sessionKey = new SecretKeySpec(sharedSecret, "AES");
     return new TransportCipher(
         cryptoConf,
         conf.cipherTransformation(),

---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@spark.apache.org
For additional commands, e-mail: commits-help@spark.apache.org