rahulLiving commented on code in PR #2379:
URL: https://github.com/apache/phoenix/pull/2379#discussion_r3057961844
##########
phoenix-core-client/src/main/java/org/apache/phoenix/util/SHA256DigestUtil.java:
##########
@@ -32,53 +28,49 @@
public class SHA256DigestUtil {
/**
- * Maximum allowed size for encoded SHA-256 digest state. SHA-256 state is
~96 bytes, we allow up
- * to 128 bytes as buffer.
+ * Maximum allowed size for encoded SHA-256 digest state. BouncyCastle's
SHA256Digest encoded
+ * state ranges from 53 to 113 bytes (52 base + 0-60 buffered words + 1
purpose byte). We allow up
+ * to 128 bytes as headroom.
*/
public static final int MAX_SHA256_DIGEST_STATE_SIZE = 128;
/**
- * Encodes a SHA256Digest state to a byte array with length prefix for
validation. Format: [4-byte
- * integer length][encoded digest state bytes]
+ * Encodes a SHA256Digest state to a byte array.
* @param digest The digest whose state should be encoded
- * @return Byte array containing integer length prefix + encoded state
+ * @return Byte array containing the raw BouncyCastle encoded state
*/
public static byte[] encodeDigestState(SHA256Digest digest) {
byte[] encoded = digest.getEncodedState();
- ByteBuffer buffer = ByteBuffer.allocate(Bytes.SIZEOF_INT + encoded.length);
- buffer.putInt(encoded.length);
- buffer.put(encoded);
- return buffer.array();
+ if (encoded.length > MAX_SHA256_DIGEST_STATE_SIZE) {
+ throw new IllegalArgumentException(
+ String.format("SHA256 encoded state too large: %d, expected <= %d",
encoded.length,
+ MAX_SHA256_DIGEST_STATE_SIZE));
+ }
Review Comment:
We pass around digest across Scanner and Mapper as scan attribute.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
