You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@spark.apache.org by sr...@apache.org on 2021/08/20 13:32:59 UTC

[spark] branch branch-3.2 updated: Updates AuthEngine to pass the correct SecretKeySpec format

This is an automated email from the ASF dual-hosted git repository.

srowen pushed a commit to branch branch-3.2
in repository https://gitbox.apache.org/repos/asf/spark.git


The following commit(s) were added to refs/heads/branch-3.2 by this push:
     new 243bfaf  Updates AuthEngine to pass the correct SecretKeySpec format
243bfaf is described below

commit 243bfafd5cb58c1d3ae6c2a1a9e2c14c3a13526c
Author: sweisdb <60...@users.noreply.github.com>
AuthorDate: Fri Aug 20 08:31:39 2021 -0500

    Updates AuthEngine to pass the correct SecretKeySpec format
    
    AuthEngineSuite was passing on some platforms (MacOS), but failing on others (Linux) with an InvalidKeyException stemming from this line. We should explicitly pass AES as the key format.
    
    ### What changes were proposed in this pull request?
    
    Changes the AuthEngine SecretKeySpec from "RAW" to "AES".
    
    ### Why are the changes needed?
    
    Unit tests were failing on some platforms with InvalidKeyExceptions when this key was used to instantiate a Cipher.
    
    ### Does this PR introduce _any_ user-facing change?
    
    No.
    
    ### How was this patch tested?
    
    Unit tests on a MacOS and Linux platform.
    
    Closes #33790 from sweisdb/patch-1.
    
    Authored-by: sweisdb <60...@users.noreply.github.com>
    Signed-off-by: Sean Owen <sr...@gmail.com>
    (cherry picked from commit c441c7e365cdbed4bae55e9bfdf94fa4a118fb21)
    Signed-off-by: Sean Owen <sr...@gmail.com>
---
 .../src/main/java/org/apache/spark/network/crypto/AuthEngine.java       | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/common/network-common/src/main/java/org/apache/spark/network/crypto/AuthEngine.java b/common/network-common/src/main/java/org/apache/spark/network/crypto/AuthEngine.java
index aadf2b5..078d9ce 100644
--- a/common/network-common/src/main/java/org/apache/spark/network/crypto/AuthEngine.java
+++ b/common/network-common/src/main/java/org/apache/spark/network/crypto/AuthEngine.java
@@ -213,7 +213,7 @@ class AuthEngine implements Closeable {
         transcript,  // Passing this as the HKDF salt
         OUTPUT_IV_INFO,  // This is the HKDF info field used to differentiate IV values
         AES_GCM_KEY_SIZE_BYTES);
-    SecretKeySpec sessionKey = new SecretKeySpec(sharedSecret, "RAW");
+    SecretKeySpec sessionKey = new SecretKeySpec(sharedSecret, "AES");
     return new TransportCipher(
         cryptoConf,
         conf.cipherTransformation(),

---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@spark.apache.org
For additional commands, e-mail: commits-help@spark.apache.org