ggershinsky commented on code in PR #3148:
URL: https://github.com/apache/parquet-java/pull/3148#discussion_r1948023769
##########
parquet-hadoop/src/main/java/org/apache/parquet/crypto/AesGcmDecryptor.java:
##########
@@ -81,7 +85,12 @@ public ByteBuffer decrypt(ByteBuffer ciphertext, byte[] AAD)
{
int cipherTextOffset = SIZE_LENGTH;
int cipherTextLength = ciphertext.limit() - ciphertext.position() -
SIZE_LENGTH;
int plainTextLength = cipherTextLength - GCM_TAG_LENGTH - NONCE_LENGTH;
- if (plainTextLength < 1) {
Review Comment:
same here
##########
parquet-hadoop/src/main/java/org/apache/parquet/crypto/AesGcmDecryptor.java:
##########
@@ -51,7 +51,11 @@ public byte[] decrypt(byte[] lengthAndCiphertext, byte[]
AAD) {
public byte[] decrypt(byte[] ciphertext, int cipherTextOffset, int
cipherTextLength, byte[] AAD) {
int plainTextLength = cipherTextLength - GCM_TAG_LENGTH - NONCE_LENGTH;
- if (plainTextLength < 1) {
Review Comment:
AES GCM decryption is able to handle an empty plaintext. It will also use
the key to check the IV/tag integrity.
So the fix can be just replacement of `if (plainTextLength < 1)` { with `if
(plainTextLength < 0) {`
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@parquet.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@parquet.apache.org
For additional commands, e-mail: issues-h...@parquet.apache.org
