yandrey321 commented on code in PR #9344:
URL: https://github.com/apache/ozone/pull/9344#discussion_r2561326609
##########
hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/security/STSTokenIdentifier.java:
##########
@@ -161,12 +161,64 @@ public void fromProtoBuf(OMTokenProto token) throws
IOException {
"Invalid secretKeyId format in STS token: " +
token.getSecretKeyId(), e);
}
}
+ // Note: secretKeyId must be set before attempting to decrypt
secretAccessKey
+ if (token.hasSecretAccessKey()) {
+ this.secretAccessKey = decryptSensitiveField(token.getSecretAccessKey());
+ }
if (token.hasSessionPolicy()) {
this.sessionPolicy = token.getSessionPolicy();
}
}
+ /**
+ * Encrypt a sensitive field using the configured encryption key.
+ */
+ private String encryptSensitiveField(String value) {
+ if (value == null || value.isEmpty()) {
+ return value != null ? value : "";
+ }
+ if (encryptionKey == null) {
+ throw new IllegalStateException("Encryption key must be set before
encrypting sensitive fields");
+ }
+
+ try {
+ final byte[] aad = computeAadBytes();
+ return STSTokenEncryption.encrypt(value, encryptionKey, aad);
+ } catch (STSTokenEncryption.STSTokenEncryptionException e) {
+ throw new RuntimeException("Token encryption failed", e);
+ }
+ }
+
+ /**
+ * Decrypt a sensitive field using the configured encryption key.
+ */
+ private String decryptSensitiveField(String encryptedValue) {
+ if (encryptedValue == null || encryptedValue.isEmpty()) {
Review Comment:
shouldn't it be the part of STSTokenEncryption.decrypt() contract?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
