[jira] [Created] (HADOOP-19338) Null Pointer Exception in KeyProviderCryptoExtension due to Class Not Found Exception

Sat, 16 Nov 2024 15:31:28 -0800 

ConfX created HADOOP-19338:
------------------------------

             Summary: Null Pointer Exception in KeyProviderCryptoExtension due 
to Class Not Found Exception
                 Key: HADOOP-19338
                 URL: https://issues.apache.org/jira/browse/HADOOP-19338
             Project: Hadoop Common
          Issue Type: Bug
          Components: common
    Affects Versions: 3.4.0
            Reporter: ConfX
            Assignee: ConfX


h3. What Happened: 

A null pointer exception occurs in KeyProviderExtension when trying to close a 
null CryptoCodec object. If supplied with an invalid class name for 
hadoop.security.crypto.codec.classes.aes.ctr.nopadding getClassbyName throws a 
ClassNotFound exception and consequently the CryptoCodec object is not created. 
h3. Buggy Code: 

 
{code:java}
CryptoCodec cc = CryptoCodec.getInstance(keyProvider.getConf()); // -> this 
does not initialize cc due to a ClassNotFound exception. 
try {
  final byte[] newKey = new byte[encryptionKey.getMaterial().length];
  cc.generateSecureRandom(newKey);
  final byte[] iv = new byte[cc.getCipherSuite().getAlgorithmBlockSize()];
  cc.generateSecureRandom(iv);
  Encryptor encryptor = cc.createEncryptor();
  return generateEncryptedKey(encryptor, encryptionKey, newKey, iv);
} finally {
  cc.close(); // -> this throws a NPE as cc is null
} {code}
 

 
h3. Stack Trace: 
{code:java}
java.lang.NullPointerException
        at 
org.apache.hadoop.crypto.key.KeyProviderCryptoExtension$DefaultCryptoExtension.generateEncryptedKey(KeyProviderCryptoExtension.java:303)
        at 
org.apache.hadoop.crypto.key.KeyProviderCryptoExtension.generateEncryptedKey(KeyProviderCryptoExtension.java:513)
        at 
org.apache.hadoop.crypto.key.TestKeyProviderCryptoExtension.testReencryptEncryptedKeys(TestKeyProviderCryptoExtension.java:229)
 {code}
h3. How to Reproduce: 

(1) Set hadoop.security.crypto.codec.classes.aes.ctr.nopadding to 
org.apache.hadoop.crypto.OpensslAesCtrCryptoCodec/

(2) Run test: 
org.apache.hadoop.crypto.key.TestKeyProviderCryptoExtension#testReencryptEncryptedKeys

 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-dev-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-dev-h...@hadoop.apache.org

Reply via email to