HADOOP-10891. Add EncryptedKeyVersion factory method to KeyProviderCryptoExtension. (wang)
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/branches/branch-2@1619540 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
parent
30fe1849c3
commit
c6eee38b81
|
@ -160,6 +160,9 @@ Release 2.6.0 - UNRELEASED
|
||||||
HADOOP-10720. KMS: Implement generateEncryptedKey and decryptEncryptedKey
|
HADOOP-10720. KMS: Implement generateEncryptedKey and decryptEncryptedKey
|
||||||
in the REST API. (asuresh via tucu)
|
in the REST API. (asuresh via tucu)
|
||||||
|
|
||||||
|
HADOOP-10891. Add EncryptedKeyVersion factory method to
|
||||||
|
KeyProviderCryptoExtension. (wang)
|
||||||
|
|
||||||
BUG FIXES
|
BUG FIXES
|
||||||
|
|
||||||
HADOOP-10781. Unportable getgrouplist() usage breaks FreeBSD (Dmitry
|
HADOOP-10781. Unportable getgrouplist() usage breaks FreeBSD (Dmitry
|
||||||
|
|
|
@ -79,6 +79,30 @@ public class KeyProviderCryptoExtension extends
|
||||||
this.encryptedKeyVersion = encryptedKeyVersion;
|
this.encryptedKeyVersion = encryptedKeyVersion;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Factory method to create a new EncryptedKeyVersion that can then be
|
||||||
|
* passed into {@link #decryptEncryptedKey}. Note that the fields of the
|
||||||
|
* returned EncryptedKeyVersion will only partially be populated; it is not
|
||||||
|
* necessarily suitable for operations besides decryption.
|
||||||
|
*
|
||||||
|
* @param encryptionKeyVersionName Version name of the encryption key used
|
||||||
|
* to encrypt the encrypted key.
|
||||||
|
* @param encryptedKeyIv Initialization vector of the encrypted
|
||||||
|
* key. The IV of the encryption key used to
|
||||||
|
* encrypt the encrypted key is derived from
|
||||||
|
* this IV.
|
||||||
|
* @param encryptedKeyMaterial Key material of the encrypted key.
|
||||||
|
* @return EncryptedKeyVersion suitable for decryption.
|
||||||
|
*/
|
||||||
|
public static EncryptedKeyVersion createForDecryption(String
|
||||||
|
encryptionKeyVersionName, byte[] encryptedKeyIv,
|
||||||
|
byte[] encryptedKeyMaterial) {
|
||||||
|
KeyVersion encryptedKeyVersion = new KeyVersion(null, null,
|
||||||
|
encryptedKeyMaterial);
|
||||||
|
return new EncryptedKeyVersion(null, encryptionKeyVersionName,
|
||||||
|
encryptedKeyIv, encryptedKeyVersion);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @return Name of the encryption key used to encrypt the encrypted key.
|
* @return Name of the encryption key used to encrypt the encrypted key.
|
||||||
*/
|
*/
|
||||||
|
|
Loading…
Reference in New Issue