You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-commits@hadoop.apache.org by cm...@apache.org on 2014/12/19 22:11:55 UTC
hadoop git commit: HADOOP-11422. Check CryptoCodec is AES-CTR for
Crypto input/output stream (Yi Liu via Colin P. McCabe)
Repository: hadoop
Updated Branches:
refs/heads/trunk d9e4d67d1 -> e369d98ba
HADOOP-11422. Check CryptoCodec is AES-CTR for Crypto input/output stream (Yi Liu via Colin P. McCabe)
Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/e369d98b
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/e369d98b
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/e369d98b
Branch: refs/heads/trunk
Commit: e369d98ba24906abcb35c0906cd57750c0d21fdb
Parents: d9e4d67
Author: Colin Patrick Mccabe <cm...@cloudera.com>
Authored: Fri Dec 19 13:11:38 2014 -0800
Committer: Colin Patrick Mccabe <cm...@cloudera.com>
Committed: Fri Dec 19 13:11:38 2014 -0800
----------------------------------------------------------------------
hadoop-common-project/hadoop-common/CHANGES.txt | 3 +
.../apache/hadoop/crypto/CryptoInputStream.java | 1 +
.../hadoop/crypto/CryptoOutputStream.java | 1 +
.../apache/hadoop/crypto/CryptoStreamUtils.java | 7 +++
.../crypto/UnsupportedCodecException.java | 60 ++++++++++++++++++++
5 files changed, 72 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/hadoop/blob/e369d98b/hadoop-common-project/hadoop-common/CHANGES.txt
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-common/CHANGES.txt b/hadoop-common-project/hadoop-common/CHANGES.txt
index 708eae1..9f7600b 100644
--- a/hadoop-common-project/hadoop-common/CHANGES.txt
+++ b/hadoop-common-project/hadoop-common/CHANGES.txt
@@ -435,6 +435,9 @@ Release 2.7.0 - UNRELEASED
HADOOP-11430. Add GenericTestUtils#disableLog, GenericTestUtils#setLogLevel
(cmccabe)
+ HADOOP-11422. Check CryptoCodec is AES-CTR for Crypto input/output stream
+ (Yi Liu via Colin P. McCabe)
+
OPTIMIZATIONS
HADOOP-11323. WritableComparator#compare keeps reference to byte array.
http://git-wip-us.apache.org/repos/asf/hadoop/blob/e369d98b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/CryptoInputStream.java
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/CryptoInputStream.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/CryptoInputStream.java
index 4b53563..f3e5b90 100644
--- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/CryptoInputStream.java
+++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/CryptoInputStream.java
@@ -113,6 +113,7 @@ public class CryptoInputStream extends FilterInputStream implements
public CryptoInputStream(InputStream in, CryptoCodec codec,
int bufferSize, byte[] key, byte[] iv, long streamOffset) throws IOException {
super(in);
+ CryptoStreamUtils.checkCodec(codec);
this.bufferSize = CryptoStreamUtils.checkBufferSize(codec, bufferSize);
this.codec = codec;
this.key = key.clone();
http://git-wip-us.apache.org/repos/asf/hadoop/blob/e369d98b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/CryptoOutputStream.java
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/CryptoOutputStream.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/CryptoOutputStream.java
index 4f9f7f5..876ffd6 100644
--- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/CryptoOutputStream.java
+++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/CryptoOutputStream.java
@@ -83,6 +83,7 @@ public class CryptoOutputStream extends FilterOutputStream implements
int bufferSize, byte[] key, byte[] iv, long streamOffset)
throws IOException {
super(out);
+ CryptoStreamUtils.checkCodec(codec);
this.bufferSize = CryptoStreamUtils.checkBufferSize(codec, bufferSize);
this.codec = codec;
this.key = key.clone();
http://git-wip-us.apache.org/repos/asf/hadoop/blob/e369d98b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/CryptoStreamUtils.java
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/CryptoStreamUtils.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/CryptoStreamUtils.java
index 820d775..be85497 100644
--- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/CryptoStreamUtils.java
+++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/CryptoStreamUtils.java
@@ -49,6 +49,13 @@ public class CryptoStreamUtils {
HADOOP_SECURITY_CRYPTO_BUFFER_SIZE_DEFAULT);
}
+ /** AES/CTR/NoPadding is required */
+ public static void checkCodec(CryptoCodec codec) {
+ if (codec.getCipherSuite() != CipherSuite.AES_CTR_NOPADDING) {
+ throw new UnsupportedCodecException("AES/CTR/NoPadding is required");
+ }
+ }
+
/** Check and floor buffer size */
public static int checkBufferSize(CryptoCodec codec, int bufferSize) {
Preconditions.checkArgument(bufferSize >= MIN_BUFFER_SIZE,
http://git-wip-us.apache.org/repos/asf/hadoop/blob/e369d98b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/UnsupportedCodecException.java
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/UnsupportedCodecException.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/UnsupportedCodecException.java
new file mode 100644
index 0000000..ad6b525
--- /dev/null
+++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/UnsupportedCodecException.java
@@ -0,0 +1,60 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.hadoop.crypto;
+
+/**
+ * Thrown to indicate that the specific codec is not supported.
+ */
+public class UnsupportedCodecException extends RuntimeException {
+
+ /** Default constructor */
+ public UnsupportedCodecException() {
+ }
+
+ /**
+ * Constructs an UnsupportedCodecException with the specified
+ * detail message.
+ *
+ * @param message the detail message
+ */
+ public UnsupportedCodecException(String message) {
+ super(message);
+ }
+
+ /**
+ * Constructs a new exception with the specified detail message and
+ * cause.
+ *
+ * @param message the detail message
+ * @param cause the cause
+ */
+ public UnsupportedCodecException(String message, Throwable cause) {
+ super(message, cause);
+ }
+
+ /**
+ * Constructs a new exception with the specified cause.
+ *
+ * @param cause the cause
+ */
+ public UnsupportedCodecException(Throwable cause) {
+ super(cause);
+ }
+
+ private static final long serialVersionUID = 6713920435487942224L;
+}
\ No newline at end of file