[
https://issues.apache.org/jira/browse/HADOOP-17609?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17871657#comment-17871657
]
ASF GitHub Bot commented on HADOOP-17609:
-----------------------------------------
steveloughran commented on code in PR #3019:
URL: https://github.com/apache/hadoop/pull/3019#discussion_r1707038476
##########
hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/crypto/OpensslCipher.c:
##########
@@ -245,7 +248,7 @@ JNIEXPORT void JNICALL
Java_org_apache_hadoop_crypto_OpensslCipher_initIDs
if (jthr) {
(*env)->DeleteLocalRef(env, jthr);
THROW(env, "java/lang/UnsatisfiedLinkError", \
- "Cannot find AES-CTR/SM4-CTR support, is your version of Openssl new
enough?");
+ "Cannot find AES-CTR support, is your version of Openssl new enough?");
Review Comment:
change to OpenSSL
##########
hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/crypto/TestOpensslCipher.java:
##########
@@ -107,4 +107,11 @@ public void testDoFinalArguments() throws Exception {
"Direct buffer is required", e);
}
}
+
+ @Test(timeout=120000)
+ public void testIsSupportedSuite() throws Exception {
+ Assume.assumeTrue(OpensslCipher.getLoadingFailureReason() == null);
+ Assert.assertFalse(OpensslCipher.isSupported(CipherSuite.UNKNOWN));
Review Comment:
add error message for these two assertions
##########
hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/crypto/OpensslCipher.c:
##########
@@ -554,3 +557,24 @@ JNIEXPORT jstring JNICALL
Java_org_apache_hadoop_crypto_OpensslCipher_getLibrary
}
#endif
}
+
+JNIEXPORT jboolean JNICALL
Java_org_apache_hadoop_crypto_OpensslCipher_isSupportedSuite
+ (JNIEnv *env, jclass clazz, jint alg, jint padding)
+{
+ if (padding != NOPADDING) {
+ return JNI_FALSE;
+ }
+
+ if (alg == AES_CTR && (dlsym_EVP_aes_256_ctr != NULL &&
dlsym_EVP_aes_128_ctr != NULL)) {
Review Comment:
so this requires both aes 128 and aes 256?
> Make SM4 support optional for OpenSSL native code
> -------------------------------------------------
>
> Key: HADOOP-17609
> URL: https://issues.apache.org/jira/browse/HADOOP-17609
> Project: Hadoop Common
> Issue Type: Improvement
> Components: native
> Affects Versions: 3.4.0
> Reporter: Masatake Iwasaki
> Assignee: Masatake Iwasaki
> Priority: Major
> Labels: pull-request-available
> Time Spent: 4h 50m
> Remaining Estimate: 0h
>
> openssl-devel-1.1.1g provided by CentOS 8 does not work after HDFS-15098
> because the SM4 is not enabled on the openssl package. We should not force
> users to install OpenSSL from source code even if they do not use SM4 feature.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
