You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hbase.apache.org by zh...@apache.org on 2021/12/22 16:14:27 UTC
[hbase] branch branch-2.5 updated: HBASE-26613 The logic of the method incrementIV in Encryption class has problem (#3968)
This is an automated email from the ASF dual-hosted git repository.
zhangduo pushed a commit to branch branch-2.5
in repository https://gitbox.apache.org/repos/asf/hbase.git
The following commit(s) were added to refs/heads/branch-2.5 by this push:
new f239886 HBASE-26613 The logic of the method incrementIV in Encryption class has problem (#3968)
f239886 is described below
commit f2398864355390a7869010b30c254f8187c26434
Author: Yutong Xiao <yu...@gmail.com>
AuthorDate: Thu Dec 23 00:00:12 2021 +0800
HBASE-26613 The logic of the method incrementIV in Encryption class has problem (#3968)
Signed-off-by: Duo Zhang <zh...@apache.org>
---
.../apache/hadoop/hbase/io/crypto/Encryption.java | 21 +++++++++------------
.../hadoop/hbase/io/crypto/TestEncryption.java | 20 ++++++++++++++++++++
2 files changed, 29 insertions(+), 12 deletions(-)
diff --git a/hbase-common/src/main/java/org/apache/hadoop/hbase/io/crypto/Encryption.java b/hbase-common/src/main/java/org/apache/hadoop/hbase/io/crypto/Encryption.java
index 6adcae5..8077589 100644
--- a/hbase-common/src/main/java/org/apache/hadoop/hbase/io/crypto/Encryption.java
+++ b/hbase-common/src/main/java/org/apache/hadoop/hbase/io/crypto/Encryption.java
@@ -640,20 +640,17 @@ public final class Encryption {
}
public static void incrementIv(byte[] iv, int v) {
+ // v should be > 0
int length = iv.length;
- boolean carry = true;
- // TODO: Optimize for v > 1, e.g. 16, 32
- do {
- for (int i = 0; i < length; i++) {
- if (carry) {
- iv[i] = (byte) ((iv[i] + 1) & 0xFF);
- carry = 0 == iv[i];
- } else {
- break;
- }
+ int sum = 0;
+ for (int i = 0; i < length; i++) {
+ if (v <= 0) {
+ break;
}
- v--;
- } while (v > 0);
+ sum = v + (iv[i] & 0xFF);
+ v = sum / 256;
+ iv[i] = (byte)(sum % 256);
+ }
}
/**
diff --git a/hbase-common/src/test/java/org/apache/hadoop/hbase/io/crypto/TestEncryption.java b/hbase-common/src/test/java/org/apache/hadoop/hbase/io/crypto/TestEncryption.java
index 829be39..8d850a7 100644
--- a/hbase-common/src/test/java/org/apache/hadoop/hbase/io/crypto/TestEncryption.java
+++ b/hbase-common/src/test/java/org/apache/hadoop/hbase/io/crypto/TestEncryption.java
@@ -89,6 +89,26 @@ public class TestEncryption {
}
}
+ @Test
+ public void testIncrementIV() {
+ byte[] iv = new byte[] {1, 2, 3};
+ byte[] iv_neg = new byte[] {-3, -13, 25};
+ Encryption.incrementIv(iv);
+ assertTrue(Bytes.equals(iv, new byte[] {2, 2, 3}));
+
+ Encryption.incrementIv(iv, 255);
+ assertTrue(Bytes.equals(iv, new byte[] {1, 3, 3}));
+
+ Encryption.incrementIv(iv, 1024);
+ assertTrue(Bytes.equals(iv, new byte[] {1, 7, 3}));
+
+ Encryption.incrementIv(iv_neg);
+ assertTrue(Bytes.equals(iv_neg, new byte[] {-2, -13, 25}));
+
+ Encryption.incrementIv(iv_neg, 5);
+ assertTrue(Bytes.equals(iv_neg, new byte[] {3, -12, 25}));
+ }
+
private void checkTransformSymmetry(byte[] keyBytes, byte[] iv, byte[] plaintext)
throws Exception {
LOG.info("checkTransformSymmetry: AES, plaintext length = " + plaintext.length);