private static byte[] serializeVertexSpec(SignableVertexSpec.Builder svsb) throws IOException { ByteArrayOutputStream os = new ByteArrayOutputStream(); svsb.build().writeTo(os); return os.toByteArray(); }
private static byte[] serializeVertexSpec(SignableVertexSpec.Builder svsb) throws IOException { ByteArrayOutputStream os = new ByteArrayOutputStream(); svsb.build().writeTo(os); return os.toByteArray(); }
private void checkSignature(SignableVertexSpec vertex, ByteString vertexBinary, SubmitWorkRequestProto request, String tokenUserName) throws SecurityException, IOException { if (!request.hasWorkSpecSignature()) { logSecurityErrorRarely(tokenUserName); throw new SecurityException("Unsigned fragment not allowed"); } if (vertexBinary == null) { ByteString.Output os = ByteString.newOutput(); vertex.writeTo(os); vertexBinary = os.toByteString(); } try { signer.checkSignature(vertexBinary.toByteArray(), request.getWorkSpecSignature().toByteArray(), (int)vertex.getSignatureKeyId()); } catch (SecurityException ex) { logSecurityErrorRarely(tokenUserName); throw ex; } if (!vertex.hasUser() || !vertex.getUser().equals(tokenUserName)) { logSecurityErrorRarely(tokenUserName); throw new SecurityException("LLAP token is for " + tokenUserName + " but the fragment is for " + (vertex.hasUser() ? vertex.getUser() : null)); } }
private void checkSignature(SignableVertexSpec vertex, ByteString vertexBinary, SubmitWorkRequestProto request, String tokenUserName) throws SecurityException, IOException { if (!request.hasWorkSpecSignature()) { logSecurityErrorRarely(tokenUserName); throw new SecurityException("Unsigned fragment not allowed"); } if (vertexBinary == null) { ByteString.Output os = ByteString.newOutput(); vertex.writeTo(os); vertexBinary = os.toByteString(); } try { signer.checkSignature(vertexBinary.toByteArray(), request.getWorkSpecSignature().toByteArray(), (int)vertex.getSignatureKeyId()); } catch (SecurityException ex) { logSecurityErrorRarely(tokenUserName); throw ex; } if (!vertex.hasUser() || !vertex.getUser().equals(tokenUserName)) { logSecurityErrorRarely(tokenUserName); throw new SecurityException("LLAP token is for " + tokenUserName + " but the fragment is for " + (vertex.hasUser() ? vertex.getUser() : null)); } }