Skip to content

Commit 82cdd6a

Browse files
author
Harsh J
committed
HADOOP-13694. Add support for AES-192 in OpenSSL native Cipher.
1 parent c5ca216 commit 82cdd6a

File tree

4 files changed

+256
-144
lines changed

4 files changed

+256
-144
lines changed

hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/crypto/OpensslCipher.c

Lines changed: 22 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -36,6 +36,7 @@ static int (*dlsym_EVP_CipherUpdate)(EVP_CIPHER_CTX *, unsigned char *, \
3636
int *, const unsigned char *, int);
3737
static int (*dlsym_EVP_CipherFinal_ex)(EVP_CIPHER_CTX *, unsigned char *, int *);
3838
static EVP_CIPHER * (*dlsym_EVP_aes_256_ctr)(void);
39+
static EVP_CIPHER * (*dlsym_EVP_aes_192_ctr)(void);
3940
static EVP_CIPHER * (*dlsym_EVP_aes_128_ctr)(void);
4041
static void *openssl;
4142
#endif
@@ -54,6 +55,7 @@ typedef int (__cdecl *__dlsym_EVP_CipherUpdate)(EVP_CIPHER_CTX *, \
5455
typedef int (__cdecl *__dlsym_EVP_CipherFinal_ex)(EVP_CIPHER_CTX *, \
5556
unsigned char *, int *);
5657
typedef EVP_CIPHER * (__cdecl *__dlsym_EVP_aes_256_ctr)(void);
58+
typedef EVP_CIPHER * (__cdecl *__dlsym_EVP_aes_192_ctr)(void);
5759
typedef EVP_CIPHER * (__cdecl *__dlsym_EVP_aes_128_ctr)(void);
5860
static __dlsym_EVP_CIPHER_CTX_new dlsym_EVP_CIPHER_CTX_new;
5961
static __dlsym_EVP_CIPHER_CTX_free dlsym_EVP_CIPHER_CTX_free;
@@ -64,6 +66,7 @@ static __dlsym_EVP_CipherInit_ex dlsym_EVP_CipherInit_ex;
6466
static __dlsym_EVP_CipherUpdate dlsym_EVP_CipherUpdate;
6567
static __dlsym_EVP_CipherFinal_ex dlsym_EVP_CipherFinal_ex;
6668
static __dlsym_EVP_aes_256_ctr dlsym_EVP_aes_256_ctr;
69+
static __dlsym_EVP_aes_192_ctr dlsym_EVP_aes_192_ctr;
6770
static __dlsym_EVP_aes_128_ctr dlsym_EVP_aes_128_ctr;
6871
static HMODULE openssl;
6972
#endif
@@ -72,12 +75,15 @@ static void loadAesCtr(JNIEnv *env)
7275
{
7376
#ifdef UNIX
7477
LOAD_DYNAMIC_SYMBOL(dlsym_EVP_aes_256_ctr, env, openssl, "EVP_aes_256_ctr");
78+
LOAD_DYNAMIC_SYMBOL(dlsym_EVP_aes_192_ctr, env, openssl, "EVP_aes_192_ctr");
7579
LOAD_DYNAMIC_SYMBOL(dlsym_EVP_aes_128_ctr, env, openssl, "EVP_aes_128_ctr");
7680
#endif
7781

7882
#ifdef WINDOWS
7983
LOAD_DYNAMIC_SYMBOL(__dlsym_EVP_aes_256_ctr, dlsym_EVP_aes_256_ctr, \
8084
env, openssl, "EVP_aes_256_ctr");
85+
LOAD_DYNAMIC_SYMBOL(__dlsym_EVP_aes_192_ctr, dlsym_EVP_aes_192_ctr, \
86+
env, openssl, "EVP_aes_192_ctr");
8187
LOAD_DYNAMIC_SYMBOL(__dlsym_EVP_aes_128_ctr, dlsym_EVP_aes_128_ctr, \
8288
env, openssl, "EVP_aes_128_ctr");
8389
#endif
@@ -165,7 +171,7 @@ JNIEXPORT jlong JNICALL Java_org_apache_hadoop_crypto_OpensslCipher_initContext
165171
return (jlong)0;
166172
}
167173

168-
if (dlsym_EVP_aes_256_ctr == NULL || dlsym_EVP_aes_128_ctr == NULL) {
174+
if (dlsym_EVP_aes_256_ctr == NULL || dlsym_EVP_aes_192_ctr == NULL || dlsym_EVP_aes_128_ctr == NULL) {
169175
THROW(env, "java/security/NoSuchAlgorithmException", \
170176
"Doesn't support AES CTR.");
171177
return (jlong)0;
@@ -188,6 +194,8 @@ static EVP_CIPHER * getEvpCipher(int alg, int keyLen)
188194
if (alg == AES_CTR) {
189195
if (keyLen == KEY_LENGTH_256) {
190196
cipher = dlsym_EVP_aes_256_ctr();
197+
} else if (keyLen == KEY_LENGTH_192) {
198+
cipher = dlsym_EVP_aes_192_ctr();
191199
} else if (keyLen == KEY_LENGTH_128) {
192200
cipher = dlsym_EVP_aes_128_ctr();
193201
}
@@ -201,12 +209,22 @@ JNIEXPORT jlong JNICALL Java_org_apache_hadoop_crypto_OpensslCipher_init
201209
{
202210
int jKeyLen = (*env)->GetArrayLength(env, key);
203211
int jIvLen = (*env)->GetArrayLength(env, iv);
204-
if (jKeyLen != KEY_LENGTH_128 && jKeyLen != KEY_LENGTH_256) {
205-
THROW(env, "java/lang/IllegalArgumentException", "Invalid key length.");
212+
if (jKeyLen != KEY_LENGTH_128 && jKeyLen != KEY_LENGTH_192 && jKeyLen != KEY_LENGTH_256) {
213+
char* keyLenErrMsg;
214+
if (asprintf(&keyLenErrMsg, "Invalid key length: %d bytes", jKeyLen) < 0) {
215+
THROW(env, "java/lang/IllegalArgumentException", "Invalid key length");
216+
} else {
217+
THROW(env, "java/lang/IllegalArgumentException", keyLenErrMsg);
218+
}
206219
return (jlong)0;
207220
}
208221
if (jIvLen != IV_LENGTH) {
209-
THROW(env, "java/lang/IllegalArgumentException", "Invalid iv length.");
222+
char* ivLenErrMsg;
223+
if (asprintf(&ivLenErrMsg, "Invalid iv length: %d bytes", jIvLen) < 0) {
224+
THROW(env, "java/lang/IllegalArgumentException", "Invalid iv length.");
225+
} else {
226+
THROW(env, "java/lang/IllegalArgumentException", ivLenErrMsg);
227+
}
210228
return (jlong)0;
211229
}
212230

hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/crypto/org_apache_hadoop_crypto.h

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -47,6 +47,7 @@
4747
#define JLONG(context) ((jlong)((ptrdiff_t)(context)))
4848

4949
#define KEY_LENGTH_128 16
50+
#define KEY_LENGTH_192 24
5051
#define KEY_LENGTH_256 32
5152
#define IV_LENGTH 16
5253

@@ -58,4 +59,4 @@
5859
#define NOPADDING 0
5960
#define PKCSPADDING 1
6061

61-
#endif //ORG_APACHE_HADOOP_CRYPTO_H
62+
#endif //ORG_APACHE_HADOOP_CRYPTO_H

0 commit comments

Comments
 (0)