You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-commits@hadoop.apache.org by na...@apache.org on 2019/10/04 03:01:01 UTC
[hadoop] 02/02: HDDS-2226. S3 Secrets should use a strong RNG.
(#1572)
This is an automated email from the ASF dual-hosted git repository.
nanda pushed a commit to branch ozone-0.4.1
in repository https://gitbox.apache.org/repos/asf/hadoop.git
commit ddb395d5cbf9152a3ab518f2a37a22a4dccef18a
Author: Anu Engineer <ae...@apache.org>
AuthorDate: Thu Oct 3 09:28:41 2019 -0700
HDDS-2226. S3 Secrets should use a strong RNG. (#1572)
(cherry picked from commit d59bcbfa0f30fc6fedb0a7e1896292a524ff71c7)
---
.../common/src/main/java/org/apache/hadoop/ozone/OmUtils.java | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone/OmUtils.java b/hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone/OmUtils.java
index 25bfc29..5b47876 100644
--- a/hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone/OmUtils.java
+++ b/hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone/OmUtils.java
@@ -30,6 +30,7 @@ import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
import java.util.Collection;
import java.util.Collections;
import java.util.Optional;
@@ -39,7 +40,6 @@ import com.google.common.base.Strings;
import org.apache.commons.compress.archivers.tar.TarArchiveEntry;
import org.apache.commons.compress.archivers.tar.TarArchiveOutputStream;
import org.apache.commons.compress.utils.IOUtils;
-import org.apache.commons.lang3.RandomStringUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hdds.scm.HddsServerUtil;
@@ -70,6 +70,8 @@ import org.slf4j.LoggerFactory;
*/
public final class OmUtils {
public static final Logger LOG = LoggerFactory.getLogger(OmUtils.class);
+ private static final SecureRandom SRAND = new SecureRandom();
+ private static byte[] randomBytes = new byte[32];
private OmUtils() {
}
@@ -246,9 +248,9 @@ public final class OmUtils {
public static byte[] getSHADigest() throws IOException {
try {
+ SRAND.nextBytes(randomBytes);
MessageDigest sha = MessageDigest.getInstance(OzoneConsts.FILE_HASH);
- return sha.digest(RandomStringUtils.random(32)
- .getBytes(StandardCharsets.UTF_8));
+ return sha.digest(randomBytes);
} catch (NoSuchAlgorithmException ex) {
throw new IOException("Error creating an instance of SHA-256 digest.\n" +
"This could possibly indicate a faulty JRE");
---------------------------------------------------------------------
To unsubscribe, e-mail: common-commits-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-commits-help@hadoop.apache.org