HADOOP-11711. Provide a default value for AES/CTR/NoPadding CryptoCodec classes.
(cherry picked from commit 387f271c81
)
This commit is contained in:
parent
813c93cb25
commit
146abadb96
|
@ -24,6 +24,7 @@ import org.apache.hadoop.classification.InterfaceAudience;
|
|||
import org.apache.hadoop.classification.InterfaceStability;
|
||||
import org.apache.hadoop.conf.Configurable;
|
||||
import org.apache.hadoop.conf.Configuration;
|
||||
import org.apache.hadoop.fs.CommonConfigurationKeysPublic;
|
||||
import org.apache.hadoop.util.PerformanceAdvisory;
|
||||
import org.apache.hadoop.util.ReflectionUtils;
|
||||
import org.slf4j.Logger;
|
||||
|
@ -105,7 +106,14 @@ public abstract class CryptoCodec implements Configurable {
|
|||
List<Class<? extends CryptoCodec>> result = Lists.newArrayList();
|
||||
String configName = HADOOP_SECURITY_CRYPTO_CODEC_CLASSES_KEY_PREFIX +
|
||||
cipherSuite.getConfigSuffix();
|
||||
String codecString = conf.get(configName);
|
||||
String codecString;
|
||||
if (configName.equals(CommonConfigurationKeysPublic
|
||||
.HADOOP_SECURITY_CRYPTO_CODEC_CLASSES_AES_CTR_NOPADDING_KEY)) {
|
||||
codecString = conf.get(configName, CommonConfigurationKeysPublic
|
||||
.HADOOP_SECURITY_CRYPTO_CODEC_CLASSES_AES_CTR_NOPADDING_DEFAULT);
|
||||
} else {
|
||||
codecString = conf.get(configName);
|
||||
}
|
||||
if (codecString == null) {
|
||||
PerformanceAdvisory.LOG.debug(
|
||||
"No crypto codec classes with cipher suite configured.");
|
||||
|
|
|
@ -19,6 +19,9 @@
|
|||
package org.apache.hadoop.fs;
|
||||
|
||||
import org.apache.hadoop.classification.InterfaceAudience;
|
||||
import org.apache.hadoop.crypto.CipherSuite;
|
||||
import org.apache.hadoop.crypto.JceAesCtrCryptoCodec;
|
||||
import org.apache.hadoop.crypto.OpensslAesCtrCryptoCodec;
|
||||
|
||||
/**
|
||||
* This class contains constants for configuration keys used
|
||||
|
@ -307,6 +310,14 @@ public class CommonConfigurationKeysPublic {
|
|||
"hadoop.security.saslproperties.resolver.class";
|
||||
public static final String HADOOP_SECURITY_CRYPTO_CODEC_CLASSES_KEY_PREFIX =
|
||||
"hadoop.security.crypto.codec.classes";
|
||||
public static final String
|
||||
HADOOP_SECURITY_CRYPTO_CODEC_CLASSES_AES_CTR_NOPADDING_KEY =
|
||||
HADOOP_SECURITY_CRYPTO_CODEC_CLASSES_KEY_PREFIX
|
||||
+ CipherSuite.AES_CTR_NOPADDING.getConfigSuffix();
|
||||
public static final String
|
||||
HADOOP_SECURITY_CRYPTO_CODEC_CLASSES_AES_CTR_NOPADDING_DEFAULT =
|
||||
OpensslAesCtrCryptoCodec.class.getName() + "," +
|
||||
JceAesCtrCryptoCodec.class.getName();
|
||||
/** See <a href="{@docRoot}/../core-default.html">core-default.xml</a> */
|
||||
public static final String HADOOP_SECURITY_CRYPTO_CIPHER_SUITE_KEY =
|
||||
"hadoop.security.crypto.cipher.suite";
|
||||
|
|
|
@ -47,15 +47,9 @@ public class TestCryptoStreamsForLocalFS extends CryptoStreamsTestBase {
|
|||
|
||||
@BeforeClass
|
||||
public static void init() throws Exception {
|
||||
Configuration conf = new Configuration();
|
||||
conf = new Configuration(false);
|
||||
Configuration conf = new Configuration(false);
|
||||
conf.set("fs.file.impl", LocalFileSystem.class.getName());
|
||||
fileSys = FileSystem.getLocal(conf);
|
||||
conf.set(
|
||||
CommonConfigurationKeysPublic.HADOOP_SECURITY_CRYPTO_CODEC_CLASSES_KEY_PREFIX
|
||||
+ CipherSuite.AES_CTR_NOPADDING.getConfigSuffix(),
|
||||
OpensslAesCtrCryptoCodec.class.getName() + ","
|
||||
+ JceAesCtrCryptoCodec.class.getName());
|
||||
codec = CryptoCodec.getInstance(conf);
|
||||
}
|
||||
|
||||
|
|
|
@ -0,0 +1,38 @@
|
|||
/**
|
||||
* Licensed to the Apache Software Foundation (ASF) under one
|
||||
* or more contributor license agreements. See the NOTICE file
|
||||
* distributed with this work for additional information
|
||||
* regarding copyright ownership. The ASF licenses this file
|
||||
* to you under the Apache License, Version 2.0 (the
|
||||
* "License"); you may not use this file except in compliance
|
||||
* with the License. You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.apache.hadoop.crypto;
|
||||
|
||||
import org.apache.hadoop.conf.Configuration;
|
||||
import org.apache.hadoop.fs.CommonConfigurationKeysPublic;
|
||||
import org.junit.Assert;
|
||||
import org.junit.BeforeClass;
|
||||
|
||||
public class TestCryptoStreamsWithJceAesCtrCryptoCodec extends
|
||||
TestCryptoStreams {
|
||||
|
||||
@BeforeClass
|
||||
public static void init() throws Exception {
|
||||
Configuration conf = new Configuration();
|
||||
conf.set(
|
||||
CommonConfigurationKeysPublic.HADOOP_SECURITY_CRYPTO_CODEC_CLASSES_AES_CTR_NOPADDING_KEY,
|
||||
JceAesCtrCryptoCodec.class.getName());
|
||||
codec = CryptoCodec.getInstance(conf);
|
||||
Assert.assertEquals(JceAesCtrCryptoCodec.class.getCanonicalName(),
|
||||
codec.getClass().getCanonicalName());
|
||||
}
|
||||
}
|
|
@ -18,6 +18,8 @@
|
|||
package org.apache.hadoop.crypto;
|
||||
|
||||
import org.apache.hadoop.conf.Configuration;
|
||||
import org.apache.hadoop.fs.CommonConfigurationKeysPublic;
|
||||
import org.junit.Assert;
|
||||
import org.junit.BeforeClass;
|
||||
|
||||
public class TestCryptoStreamsWithOpensslAesCtrCryptoCodec
|
||||
|
@ -26,6 +28,11 @@ public class TestCryptoStreamsWithOpensslAesCtrCryptoCodec
|
|||
@BeforeClass
|
||||
public static void init() throws Exception {
|
||||
Configuration conf = new Configuration();
|
||||
conf.set(
|
||||
CommonConfigurationKeysPublic.HADOOP_SECURITY_CRYPTO_CODEC_CLASSES_AES_CTR_NOPADDING_KEY,
|
||||
OpensslAesCtrCryptoCodec.class.getName());
|
||||
codec = CryptoCodec.getInstance(conf);
|
||||
Assert.assertEquals(OpensslAesCtrCryptoCodec.class.getCanonicalName(),
|
||||
codec.getClass().getCanonicalName());
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue