Repository: hadoop Updated Branches: refs/heads/branch-2 11e4ec52a -> 2d1ddbe58
HADOOP-11358. Tests for encryption/decryption with IV calculation overflow. (yliu) Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/2d1ddbe5 Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/2d1ddbe5 Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/2d1ddbe5 Branch: refs/heads/branch-2 Commit: 2d1ddbe58ec8e2cc316c0a7cea3782f14fe77fe2 Parents: 11e4ec5 Author: yliu <[email protected]> Authored: Thu Dec 18 00:43:31 2014 +0800 Committer: yliu <[email protected]> Committed: Thu Dec 18 00:43:31 2014 +0800 ---------------------------------------------------------------------- hadoop-common-project/hadoop-common/CHANGES.txt | 3 ++ .../apache/hadoop/crypto/TestCryptoCodec.java | 40 ++++++++++++++------ 2 files changed, 32 insertions(+), 11 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/hadoop/blob/2d1ddbe5/hadoop-common-project/hadoop-common/CHANGES.txt ---------------------------------------------------------------------- diff --git a/hadoop-common-project/hadoop-common/CHANGES.txt b/hadoop-common-project/hadoop-common/CHANGES.txt index 4afdb2a..f3392b0 100644 --- a/hadoop-common-project/hadoop-common/CHANGES.txt +++ b/hadoop-common-project/hadoop-common/CHANGES.txt @@ -257,6 +257,9 @@ Release 2.7.0 - UNRELEASED HADOOP-10946. Fix a bunch of typos in log messages (Ray Chiang via aw) + HADOOP-11358. Tests for encryption/decryption with IV calculation + overflow. (yliu) + Release 2.6.0 - 2014-11-18 INCOMPATIBLE CHANGES http://git-wip-us.apache.org/repos/asf/hadoop/blob/2d1ddbe5/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/crypto/TestCryptoCodec.java ---------------------------------------------------------------------- diff --git a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/crypto/TestCryptoCodec.java b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/crypto/TestCryptoCodec.java index 08231f9..6e2ceaf 100644 --- a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/crypto/TestCryptoCodec.java +++ b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/crypto/TestCryptoCodec.java @@ -41,16 +41,15 @@ import org.apache.hadoop.util.NativeCodeLoader; import org.apache.hadoop.util.ReflectionUtils; import org.junit.Assert; import org.junit.Assume; +import org.junit.Before; import org.junit.Test; import com.google.common.primitives.Longs; public class TestCryptoCodec { private static final Log LOG= LogFactory.getLog(TestCryptoCodec.class); - private static final byte[] key = {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, - 0x07, 0x08, 0x09, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16}; - private static final byte[] iv = {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, - 0x07, 0x08, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08}; + private static byte[] key = new byte[16]; + private static byte[] iv = new byte[16]; private static final int bufferSize = 4096; private Configuration conf = new Configuration(); @@ -61,6 +60,13 @@ public class TestCryptoCodec { private final String opensslCodecClass = "org.apache.hadoop.crypto.OpensslAesCtrCryptoCodec"; + @Before + public void setUp() throws IOException { + Random random = new SecureRandom(); + random.nextBytes(key); + random.nextBytes(iv); + } + @Test(timeout=120000) public void testJceAesCtrCryptoCodec() throws Exception { if (!"true".equalsIgnoreCase(System.getProperty("runningWithNative"))) { @@ -72,9 +78,15 @@ public class TestCryptoCodec { Assume.assumeTrue(false); } Assert.assertEquals(null, OpensslCipher.getLoadingFailureReason()); - cryptoCodecTest(conf, seed, 0, jceCodecClass, jceCodecClass); - cryptoCodecTest(conf, seed, count, jceCodecClass, jceCodecClass); - cryptoCodecTest(conf, seed, count, jceCodecClass, opensslCodecClass); + cryptoCodecTest(conf, seed, 0, jceCodecClass, jceCodecClass, iv); + cryptoCodecTest(conf, seed, count, jceCodecClass, jceCodecClass, iv); + cryptoCodecTest(conf, seed, count, jceCodecClass, opensslCodecClass, iv); + // Overflow test, IV: xx xx xx xx xx xx xx xx ff ff ff ff ff ff ff ff + for(int i = 0; i < 8; i++) { + iv[8 + i] = (byte) 0xff; + } + cryptoCodecTest(conf, seed, count, jceCodecClass, jceCodecClass, iv); + cryptoCodecTest(conf, seed, count, jceCodecClass, opensslCodecClass, iv); } @Test(timeout=120000) @@ -88,13 +100,19 @@ public class TestCryptoCodec { Assume.assumeTrue(false); } Assert.assertEquals(null, OpensslCipher.getLoadingFailureReason()); - cryptoCodecTest(conf, seed, 0, opensslCodecClass, opensslCodecClass); - cryptoCodecTest(conf, seed, count, opensslCodecClass, opensslCodecClass); - cryptoCodecTest(conf, seed, count, opensslCodecClass, jceCodecClass); + cryptoCodecTest(conf, seed, 0, opensslCodecClass, opensslCodecClass, iv); + cryptoCodecTest(conf, seed, count, opensslCodecClass, opensslCodecClass, iv); + cryptoCodecTest(conf, seed, count, opensslCodecClass, jceCodecClass, iv); + // Overflow test, IV: xx xx xx xx xx xx xx xx ff ff ff ff ff ff ff ff + for(int i = 0; i < 8; i++) { + iv[8 + i] = (byte) 0xff; + } + cryptoCodecTest(conf, seed, count, opensslCodecClass, opensslCodecClass, iv); + cryptoCodecTest(conf, seed, count, opensslCodecClass, jceCodecClass, iv); } private void cryptoCodecTest(Configuration conf, int seed, int count, - String encCodecClass, String decCodecClass) throws IOException, + String encCodecClass, String decCodecClass, byte[] iv) throws IOException, GeneralSecurityException { CryptoCodec encCodec = null; try {
