HBASE-26613 The logic of the method incrementIV in Encryption class has problem (#3968)

Signed-off-by: Duo Zhang <zhangduo@apache.org>
This commit is contained in:
Yutong Xiao 2021-12-23 00:00:12 +08:00 committed by GitHub
parent 314e924e96
commit 6818ec23b8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 29 additions and 12 deletions

View File

@ -640,20 +640,17 @@ public final class Encryption {
}
public static void incrementIv(byte[] iv, int v) {
// v should be > 0
int length = iv.length;
boolean carry = true;
// TODO: Optimize for v > 1, e.g. 16, 32
do {
for (int i = 0; i < length; i++) {
if (carry) {
iv[i] = (byte) ((iv[i] + 1) & 0xFF);
carry = 0 == iv[i];
} else {
break;
}
int sum = 0;
for (int i = 0; i < length; i++) {
if (v <= 0) {
break;
}
v--;
} while (v > 0);
sum = v + (iv[i] & 0xFF);
v = sum / 256;
iv[i] = (byte)(sum % 256);
}
}
/**

View File

@ -89,6 +89,26 @@ public class TestEncryption {
}
}
@Test
public void testIncrementIV() {
byte[] iv = new byte[] {1, 2, 3};
byte[] iv_neg = new byte[] {-3, -13, 25};
Encryption.incrementIv(iv);
assertTrue(Bytes.equals(iv, new byte[] {2, 2, 3}));
Encryption.incrementIv(iv, 255);
assertTrue(Bytes.equals(iv, new byte[] {1, 3, 3}));
Encryption.incrementIv(iv, 1024);
assertTrue(Bytes.equals(iv, new byte[] {1, 7, 3}));
Encryption.incrementIv(iv_neg);
assertTrue(Bytes.equals(iv_neg, new byte[] {-2, -13, 25}));
Encryption.incrementIv(iv_neg, 5);
assertTrue(Bytes.equals(iv_neg, new byte[] {3, -12, 25}));
}
private void checkTransformSymmetry(byte[] keyBytes, byte[] iv, byte[] plaintext)
throws Exception {
LOG.info("checkTransformSymmetry: AES, plaintext length = " + plaintext.length);