[
https://issues.apache.org/jira/browse/HADOOP-19338?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
ConfX updated HADOOP-19338:
---------------------------
Description:
h3. What Happened:
A null pointer exception occurs in KeyProviderExtension when trying to close a
null CryptoCodec object. If supplied with an invalid class name for
hadoop.security.crypto.codec.classes.aes.ctr.nopadding getClassbyName throws a
ClassNotFound exception and consequently the CryptoCodec object is not created.
h3. Buggy Code:
{code:java}
CryptoCodec cc = CryptoCodec.getInstance(keyProvider.getConf()); // -> this
does not initialize cc due to a ClassNotFound exception.
try {
final byte[] newKey = new byte[encryptionKey.getMaterial().length];
cc.generateSecureRandom(newKey);
final byte[] iv = new byte[cc.getCipherSuite().getAlgorithmBlockSize()];
cc.generateSecureRandom(iv);
Encryptor encryptor = cc.createEncryptor();
return generateEncryptedKey(encryptor, encryptionKey, newKey, iv);
} finally {
cc.close(); // -> this throws a NPE as cc is null
} {code}
h3. Stack Trace:
{code:java}
java.lang.NullPointerException
at
org.apache.hadoop.crypto.key.KeyProviderCryptoExtension$DefaultCryptoExtension.generateEncryptedKey(KeyProviderCryptoExtension.java:303)
at
org.apache.hadoop.crypto.key.KeyProviderCryptoExtension.generateEncryptedKey(KeyProviderCryptoExtension.java:513)
at
org.apache.hadoop.crypto.key.TestKeyProviderCryptoExtension.testReencryptEncryptedKeys(TestKeyProviderCryptoExtension.java:229)
{code}
h3. How to Reproduce:
(1) Set hadoop.security.crypto.codec.classes.aes.ctr.nopadding to
org.apache.hadoop.crypto.OpensslAesCtrCryptoCodec/
(2) Run test:
org.apache.hadoop.crypto.key.TestKeyProviderCryptoExtension#testReencryptEncryptedKeys
was:
h3. What Happened:
A null pointer exception occurs in KeyProviderExtension when trying to close a
null CryptoCodec object. If supplied with an invalid class name for
hadoop.security.crypto.codec.classes.aes.ctr.nopadding getClassbyName throws a
ClassNotFound exception and consequently the CryptoCodec object is not created.
h3. Buggy Code:
{code:java}
CryptoCodec cc = CryptoCodec.getInstance(keyProvider.getConf()); // -> this
does not initialize cc due to a ClassNotFound exception.
try {
final byte[] newKey = new byte[encryptionKey.getMaterial().length];
cc.generateSecureRandom(newKey);
final byte[] iv = new byte[cc.getCipherSuite().getAlgorithmBlockSize()];
cc.generateSecureRandom(iv);
Encryptor encryptor = cc.createEncryptor();
return generateEncryptedKey(encryptor, encryptionKey, newKey, iv);
} finally {
cc.close(); // -> this throws a NPE as cc is null
} {code}
h3. Stack Trace:
{code:java}
java.lang.NullPointerException
at
org.apache.hadoop.crypto.key.KeyProviderCryptoExtension$DefaultCryptoExtension.generateEncryptedKey(KeyProviderCryptoExtension.java:303)
at
org.apache.hadoop.crypto.key.KeyProviderCryptoExtension.generateEncryptedKey(KeyProviderCryptoExtension.java:513)
at
org.apache.hadoop.crypto.key.TestKeyProviderCryptoExtension.testReencryptEncryptedKeys(TestKeyProviderCryptoExtension.java:229)
{code}
h3. How to Reproduce:
(1) Set hadoop.security.crypto.codec.classes.aes.ctr.nopadding to
org.apache.hadoop.crypto.OpensslAesCtrCryptoCodec/
(2) Run test:
org.apache.hadoop.crypto.key.TestKeyProviderCryptoExtension#testReencryptEncryptedKeys
> Null Pointer Exception in KeyProviderCryptoExtension due to Class Not Found
> Exception
> -------------------------------------------------------------------------------------
>
> Key: HADOOP-19338
> URL: https://issues.apache.org/jira/browse/HADOOP-19338
> Project: Hadoop Common
> Issue Type: Bug
> Components: common
> Affects Versions: 3.4.0
> Reporter: ConfX
> Assignee: ConfX
> Priority: Critical
> Labels: pull-request-available
>
> h3. What Happened:
> A null pointer exception occurs in KeyProviderExtension when trying to close
> a null CryptoCodec object. If supplied with an invalid class name for
> hadoop.security.crypto.codec.classes.aes.ctr.nopadding getClassbyName throws
> a ClassNotFound exception and consequently the CryptoCodec object is not
> created.
> h3. Buggy Code:
> {code:java}
> CryptoCodec cc = CryptoCodec.getInstance(keyProvider.getConf()); // -> this
> does not initialize cc due to a ClassNotFound exception.
> try {
> final byte[] newKey = new byte[encryptionKey.getMaterial().length];
> cc.generateSecureRandom(newKey);
> final byte[] iv = new byte[cc.getCipherSuite().getAlgorithmBlockSize()];
> cc.generateSecureRandom(iv);
> Encryptor encryptor = cc.createEncryptor();
> return generateEncryptedKey(encryptor, encryptionKey, newKey, iv);
> } finally {
> cc.close(); // -> this throws a NPE as cc is null
> } {code}
> h3. Stack Trace:
> {code:java}
> java.lang.NullPointerException
> at
> org.apache.hadoop.crypto.key.KeyProviderCryptoExtension$DefaultCryptoExtension.generateEncryptedKey(KeyProviderCryptoExtension.java:303)
> at
> org.apache.hadoop.crypto.key.KeyProviderCryptoExtension.generateEncryptedKey(KeyProviderCryptoExtension.java:513)
> at
> org.apache.hadoop.crypto.key.TestKeyProviderCryptoExtension.testReencryptEncryptedKeys(TestKeyProviderCryptoExtension.java:229)
> {code}
> h3. How to Reproduce:
> (1) Set hadoop.security.crypto.codec.classes.aes.ctr.nopadding to
> org.apache.hadoop.crypto.OpensslAesCtrCryptoCodec/
> (2) Run test:
> org.apache.hadoop.crypto.key.TestKeyProviderCryptoExtension#testReencryptEncryptedKeys
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
