Return-Path: X-Original-To: apmail-hadoop-common-issues-archive@minotaur.apache.org Delivered-To: apmail-hadoop-common-issues-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 19C98CC10 for ; Sat, 6 Dec 2014 02:23:13 +0000 (UTC) Received: (qmail 31360 invoked by uid 500); 6 Dec 2014 02:23:12 -0000 Delivered-To: apmail-hadoop-common-issues-archive@hadoop.apache.org Received: (qmail 31307 invoked by uid 500); 6 Dec 2014 02:23:12 -0000 Mailing-List: contact common-issues-help@hadoop.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: common-issues@hadoop.apache.org Delivered-To: mailing list common-issues@hadoop.apache.org Received: (qmail 31295 invoked by uid 99); 6 Dec 2014 02:23:12 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 06 Dec 2014 02:23:12 +0000 Date: Sat, 6 Dec 2014 02:23:12 +0000 (UTC) From: "Andrew Wang (JIRA)" To: common-issues@hadoop.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Updated] (HADOOP-11343) Overflow is not properly handled in caclulating final iv for AES CTR MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/HADOOP-11343?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andrew Wang updated HADOOP-11343: --------------------------------- Resolution: Fixed Fix Version/s: 2.7.0 Status: Resolved (was: Patch Available) Committed to trunk and branch-2. Thanks very much to Jerry for finding this bug, thorough explanations, and code contribution. Thanks as well to everyone who reviewed and commented, particularly Yi. > Overflow is not properly handled in caclulating final iv for AES CTR > -------------------------------------------------------------------- > > Key: HADOOP-11343 > URL: https://issues.apache.org/jira/browse/HADOOP-11343 > Project: Hadoop Common > Issue Type: Bug > Components: security > Affects Versions: 2.6.0 > Reporter: Jerry Chen > Assignee: Jerry Chen > Priority: Blocker > Fix For: 2.7.0 > > Attachments: HADOOP-11343.001.patch, HADOOP-11343.002.patch, HADOOP-11343.003.patch, HADOOP-11343.patch > > > In the AesCtrCryptoCodec calculateIV, as the init IV is a random generated 16 bytes, > final byte[] iv = new byte[cc.getCipherSuite().getAlgorithmBlockSize()]; > cc.generateSecureRandom(iv); > Then the following calculation of iv and counter on 8 bytes (64bit) space would easily cause overflow and this overflow gets lost. The result would be the 128 bit data block was encrypted with a wrong counter and cannot be decrypted by standard aes-ctr. > {code} > /** > * The IV is produced by adding the initial IV to the counter. IV length > * should be the same as {@link #AES_BLOCK_SIZE} > */ > @Override > public void calculateIV(byte[] initIV, long counter, byte[] IV) { > Preconditions.checkArgument(initIV.length == AES_BLOCK_SIZE); > Preconditions.checkArgument(IV.length == AES_BLOCK_SIZE); > > System.arraycopy(initIV, 0, IV, 0, CTR_OFFSET); > long l = 0; > for (int i = 0; i < 8; i++) { > l = ((l << 8) | (initIV[CTR_OFFSET + i] & 0xff)); > } > l += counter; > IV[CTR_OFFSET + 0] = (byte) (l >>> 56); > IV[CTR_OFFSET + 1] = (byte) (l >>> 48); > IV[CTR_OFFSET + 2] = (byte) (l >>> 40); > IV[CTR_OFFSET + 3] = (byte) (l >>> 32); > IV[CTR_OFFSET + 4] = (byte) (l >>> 24); > IV[CTR_OFFSET + 5] = (byte) (l >>> 16); > IV[CTR_OFFSET + 6] = (byte) (l >>> 8); > IV[CTR_OFFSET + 7] = (byte) (l); > } > {code} -- This message was sent by Atlassian JIRA (v6.3.4#6332)