[
https://issues.apache.org/jira/browse/HADOOP-19667?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
AMC-team updated HADOOP-19667:
------------------------------
Description:
In core-default.xml, the property hadoop.security.crypto.buffer.size is
currently documented as “The buffer size used by CryptoInputStream and
CryptoOutputStream.” It does not specify the legal value constraints.
{code:java}
<property>
<name>hadoop.security.crypto.buffer.size</name>
<value>8192</value>
<description>The buffer size used by CryptoInputStream and CryptoOutputStream.
</description>
</property> {code}
The runtime enforces two hidden constraints that are not documented:
1. Minimum value is 512 bytes. Values below 512 cause IllegalArgumentException
at stream construction time.
2. Block-size flooring: The effective buffer size is floored to a multiple of
the cipher algorithm’s block size (e.g., 16 bytes for AES/CTR/NoPadding).
As a result, users may be surprised that:
1. Setting a value like 4100 results in an actual capacity of 4096.
2. Setting values <512 fails fast with IllegalArgumentException.
*Expected*
core-default.xml (and user-facing docs) should explicitly document:
1. Minimum legal value: 512 bytes.
2. The effective value is floored to the nearest multiple of the cipher
algorithm block size (e.g., 16 for AES).
was:
In core-default.xml, the property hadoop.security.crypto.buffer.size is
currently documented as “The buffer size used by CryptoInputStream and
CryptoOutputStream.” It does not specify the legal value constraints.
{code:java}
<property>
<name>hadoop.security.crypto.buffer.size</name>
<value>8192</value>
<description>The buffer size used by CryptoInputStream and CryptoOutputStream.
</description>
</property> {code}
The runtime enforces two hidden constraints that are not documented:
1. Minimum value is 512 bytes. Values below 512 cause IllegalArgumentException
at stream construction time.
2. Block-size flooring: The effective buffer size is floored to a multiple of
the cipher algorithm’s block size (e.g., 16 bytes for AES/CTR/NoPadding).
As a result, users may be surprised that:
1. Setting a value like 4100 results in an actual capacity of 4096.
2. Setting values <512 fails fast with IllegalArgumentException.
*Expected*
core-default.xml (and user-facing docs) should explicitly document:
1. Minimum legal value: 512 bytes.
2. The effective value is floored to the nearest multiple of the cipher
algorithm block size (e.g., 16 for AES).
> Clarify legal value constraints for hadoop.security.crypto.buffer.size
> (min=512; floor to cipher block size)
> ------------------------------------------------------------------------------------------------------------
>
> Key: HADOOP-19667
> URL: https://issues.apache.org/jira/browse/HADOOP-19667
> Project: Hadoop Common
> Issue Type: Bug
> Affects Versions: 2.8.5
> Reporter: AMC-team
> Priority: Major
>
> In core-default.xml, the property hadoop.security.crypto.buffer.size is
> currently documented as “The buffer size used by CryptoInputStream and
> CryptoOutputStream.” It does not specify the legal value constraints.
> {code:java}
> <property>
> <name>hadoop.security.crypto.buffer.size</name>
> <value>8192</value>
> <description>The buffer size used by CryptoInputStream and
> CryptoOutputStream. </description>
> </property> {code}
> The runtime enforces two hidden constraints that are not documented:
> 1. Minimum value is 512 bytes. Values below 512 cause
> IllegalArgumentException at stream construction time.
> 2. Block-size flooring: The effective buffer size is floored to a multiple of
> the cipher algorithm’s block size (e.g., 16 bytes for AES/CTR/NoPadding).
> As a result, users may be surprised that:
> 1. Setting a value like 4100 results in an actual capacity of 4096.
> 2. Setting values <512 fails fast with IllegalArgumentException.
> *Expected*
> core-default.xml (and user-facing docs) should explicitly document:
> 1. Minimum legal value: 512 bytes.
> 2. The effective value is floored to the nearest multiple of the cipher
> algorithm block size (e.g., 16 for AES).
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
