mridulm commented on code in PR #45425:
URL: https://github.com/apache/spark/pull/45425#discussion_r1525236753
##########
common/network-common/src/main/java/org/apache/spark/network/crypto/AuthEngine.java:
##########
@@ -213,7 +220,7 @@ private TransportCipher generateTransportCipher(
transcript, // Passing this as the HKDF salt
OUTPUT_IV_INFO, // This is the HKDF info field used to differentiate
IV values
AES_GCM_KEY_SIZE_BYTES);
- SecretKeySpec sessionKey = new SecretKeySpec(sharedSecret, "AES");
+ SecretKeySpec sessionKey = new SecretKeySpec(derivedKey, "AES");
Review Comment:
Let us flag guard this change - given we want to backport to 3.x patch
releases as well as giving users migration opportunities. This flag can be
flipped to default in a subsequent 4.x minor version.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
