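/**
 * Creates a file-backed JCEKS key store under the test data directory, registers its URI in
 * {@code conf} under {@code dfs.encryption.key.provider.uri}, and creates
 * {@code TEST_KEY_NAME} in it with the options derived from {@code conf}.
 *
 * <p>The provider is closed even when key creation or the flush fails, so a failing setup
 * does not leave the provider open for the rest of the test run.
 *
 * @param conf configuration that receives the provider URI and supplies the key options
 * @throws Exception if the URI cannot be built or the provider fails to create or flush the key
 */
private static void setUpKeyProvider(Configuration conf) throws Exception {
  URI keyProviderUri =
      new URI("jceks://file" + TEST_UTIL.getDataTestDir("test.jks").toUri().toString());
  conf.set("dfs.encryption.key.provider.uri", keyProviderUri.toString());

  // A keystore file in the test data directory is a fixture only.
  // NOTE(review): no keystore password is set here, so the provider uses whatever default it
  // falls back to; confirm this setup is never reused as deployment configuration.
  KeyProvider keyProvider = KeyProviderFactory.get(keyProviderUri, conf);
  try {
    keyProvider.createKey(TEST_KEY_NAME, KeyProvider.options(conf));
    // Write the new key out to the backing store before the provider is released.
    keyProvider.flush();
  } finally {
    keyProvider.close();
  }
}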
// Start from the key options derived from the active configuration.
final Options options = KeyProvider.options(getConf());
// String name/value pairs to attach to the key; starts out empty.
final Map<String, String> attributes = new HashMap<String, String>();
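/**
 * Creates a file-backed JCEKS key store under the test data directory, registers its URI in
 * {@code conf} under {@code dfs.encryption.key.provider.uri}, and creates
 * {@code TEST_KEY_NAME} in it with the options derived from {@code conf}.
 *
 * <p>The provider is closed even when key creation or the flush fails, so a failing setup
 * does not leave the provider open for the rest of the test run.
 *
 * @param conf configuration that receives the provider URI and supplies the key options
 * @throws Exception if the URI cannot be built or the provider fails to create or flush the key
 */
private static void setUpKeyProvider(Configuration conf) throws Exception {
  URI keyProviderUri =
      new URI("jceks://file" + TEST_UTIL.getDataTestDir("test.jks").toUri().toString());
  conf.set("dfs.encryption.key.provider.uri", keyProviderUri.toString());

  // A keystore file in the test data directory is a fixture only.
  // NOTE(review): no keystore password is set here, so the provider uses whatever default it
  // falls back to; confirm this setup is never reused as deployment configuration.
  KeyProvider keyProvider = KeyProviderFactory.get(keyProviderUri, conf);
  try {
    keyProvider.createKey(TEST_KEY_NAME, KeyProvider.options(conf));
    // Write the new key out to the backing store before the provider is released.
    keyProvider.flush();
  } finally {
    keyProvider.close();
  }
}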
// Start from the key options derived from the active configuration.
final Options options = KeyProvider.options(getConf());
// String name/value pairs to attach to the key; starts out empty.
final Map<String, String> attributes = new HashMap<String, String>();
// Start from the key options derived from the active configuration.
final Options options = KeyProvider.options(getConf());
// String name/value pairs to attach to the key; starts out empty.
final Map<String, String> attributes = new HashMap<String, String>();
// Start from the key options derived from the active configuration.
final Options options = KeyProvider.options(getConf());
// String name/value pairs to attach to the key; starts out empty.
final Map<String, String> attributes = new HashMap<String, String>();
// Start from the key options derived from the active configuration.
final Options options = KeyProvider.options(getConf());
// String name/value pairs to attach to the key; starts out empty.
final Map<String, String> attributes = new HashMap<String, String>();
/**
 * Verifies that adding a key through the provider and flushing it leaves the permission bits
 * of the existing keystore file unchanged.
 *
 * <p>The expected mode {@code rwxrwxrwx} serves as a marker that the pre-existing mode
 * survived the rewrite. NOTE(review): a world-accessible mode is presumably chosen only so it
 * is distinguishable in the assertion; it is not a mode to give a keystore that holds real
 * key material.
 *
 * @param conf configuration from which the first configured key provider is resolved
 * @param ourUrl provider URL; not read by this method
 * @param path location of the keystore file whose permissions are checked
 * @throws Exception if the key cannot be created or flushed, or the file status cannot be read
 */
public void checkPermissionRetention(Configuration conf, String ourUrl, Path path)
    throws Exception {
  KeyProvider writer = KeyProviderFactory.getProviders(conf).get(0);

  // Fixed, predictable 16-byte material (0, 1, 2, ...): fixture data, never a real key.
  byte[] material = new byte[16];
  int idx = 0;
  while (idx < material.length) {
    material[idx] = (byte) idx;
    ++idx;
  }

  // Store the key; on failure the stack trace is printed and the exception is rethrown.
  try {
    writer.createKey("key5", material, KeyProvider.options(conf));
  } catch (Exception failure) {
    failure.printStackTrace();
    throw failure;
  }
  writer.flush();

  // Resolve the provider again so the key is read back through a new lookup.
  KeyProvider reader = KeyProviderFactory.getProviders(conf).get(0);
  assertArrayEquals(material, reader.getCurrentKey("key5").getMaterial());

  // The flush must not have changed the mode of the keystore file.
  FileStatus keystoreStatus = path.getFileSystem(conf).getFileStatus(path);
  String mode = keystoreStatus.getPermission().toString();
  assertTrue("Permissions should have been retained from the preexisting keystore.",
      mode.equals("rwxrwxrwx"));
}
/**
 * Verifies that adding a key through the provider and flushing it leaves the permission bits
 * of the existing keystore file unchanged.
 *
 * <p>The expected mode {@code rwxrwxrwx} serves as a marker that the pre-existing mode
 * survived the rewrite. NOTE(review): a world-accessible mode is presumably chosen only so it
 * is distinguishable in the assertion; it is not a mode to give a keystore that holds real
 * key material.
 *
 * @param conf configuration from which the first configured key provider is resolved
 * @param ourUrl provider URL; not read by this method
 * @param path location of the keystore file whose permissions are checked
 * @throws Exception if the key cannot be created or flushed, or the file status cannot be read
 */
public void checkPermissionRetention(Configuration conf, String ourUrl, Path path)
    throws Exception {
  KeyProvider writer = KeyProviderFactory.getProviders(conf).get(0);

  // Fixed, predictable 16-byte material (0, 1, 2, ...): fixture data, never a real key.
  byte[] material = new byte[16];
  int idx = 0;
  while (idx < material.length) {
    material[idx] = (byte) idx;
    ++idx;
  }

  // Store the key; on failure the stack trace is printed and the exception is rethrown.
  try {
    writer.createKey("key5", material, KeyProvider.options(conf));
  } catch (Exception failure) {
    failure.printStackTrace();
    throw failure;
  }
  writer.flush();

  // Resolve the provider again so the key is read back through a new lookup.
  KeyProvider reader = KeyProviderFactory.getProviders(conf).get(0);
  assertArrayEquals(material, reader.getCurrentKey("key5").getMaterial());

  // The flush must not have changed the mode of the keystore file.
  FileStatus keystoreStatus = path.getFileSystem(conf).getFileStatus(path);
  String mode = keystoreStatus.getPermission().toString();
  assertTrue("Permissions should have been retained from the preexisting keystore.",
      mode.equals("rwxrwxrwx"));
}
"javakeystoreprovider.password"); KeyProvider provider = KeyProviderFactory.getProviders(conf).get(0); provider.createKey("key3", new byte[16], KeyProvider.options(conf)); provider.flush(); } catch (Exception ex) {
"javakeystoreprovider.password"); KeyProvider provider = KeyProviderFactory.getProviders(conf).get(0); provider.createKey("key3", new byte[16], KeyProvider.options(conf)); provider.flush(); } catch (Exception ex) {
/**
 * Creates a key in the key provider of the test cluster's NameNode and flushes the provider.
 *
 * @param keyName name of the key to create
 * @param conf configuration from which the key options are derived
 * @throws NoSuchAlgorithmException propagated from the provider's key creation
 * @throws IOException propagated from the provider's key creation or flush
 */
private void createAKey(String keyName, Configuration conf)
    throws NoSuchAlgorithmException, IOException {
  final KeyProvider nnProvider = dfsCluster.getNameNode().getNamesystem().getProvider();
  // Options are taken as-is from conf; nothing is overridden here.
  nnProvider.createKey(keyName, KeyProvider.options(conf));
  nnProvider.flush();
}
/**
 * Checks that {@code KeyProvider.options} picks up the cipher and bit length set in a
 * configuration, that the setters on the returned options override those values, and that an
 * empty configuration yields the provider defaults.
 */
@Test
public void testOptions() throws Exception {
  Map<String, String> attrs = new HashMap<String, String>();
  attrs.put("a", "A");

  // "myCipher" and 512 are placeholder values that only prove the configuration is read;
  // no key is created from them in this test.
  Configuration customConf = new Configuration();
  customConf.set(KeyProvider.DEFAULT_CIPHER_NAME, "myCipher");
  customConf.setInt(KeyProvider.DEFAULT_BITLENGTH_NAME, 512);

  KeyProvider.Options opts = KeyProvider.options(customConf);
  assertEquals("myCipher", opts.getCipher());
  assertEquals(512, opts.getBitLength());

  // Explicit setters replace the configuration-derived values.
  opts.setBitLength(128);
  opts.setAttributes(attrs);
  opts.setDescription("description");
  opts.setCipher("yourCipher");
  assertEquals("yourCipher", opts.getCipher());
  assertEquals(128, opts.getBitLength());
  assertEquals("description", opts.getDescription());
  assertEquals(attrs, opts.getAttributes());

  // With nothing configured, the built-in defaults apply.
  KeyProvider.Options defaults = KeyProvider.options(new Configuration());
  assertEquals(KeyProvider.DEFAULT_CIPHER, defaults.getCipher());
  assertEquals(KeyProvider.DEFAULT_BITLENGTH, defaults.getBitLength());
}
/**
 * Checks that {@code KeyProvider.options} picks up the cipher and bit length set in a
 * configuration, that the setters on the returned options override those values, and that an
 * empty configuration yields the provider defaults.
 */
@Test
public void testOptions() throws Exception {
  Map<String, String> attrs = new HashMap<String, String>();
  attrs.put("a", "A");

  // "myCipher" and 512 are placeholder values that only prove the configuration is read;
  // no key is created from them in this test.
  Configuration customConf = new Configuration();
  customConf.set(KeyProvider.DEFAULT_CIPHER_NAME, "myCipher");
  customConf.setInt(KeyProvider.DEFAULT_BITLENGTH_NAME, 512);

  KeyProvider.Options opts = KeyProvider.options(customConf);
  assertEquals("myCipher", opts.getCipher());
  assertEquals(512, opts.getBitLength());

  // Explicit setters replace the configuration-derived values.
  opts.setBitLength(128);
  opts.setAttributes(attrs);
  opts.setDescription("description");
  opts.setCipher("yourCipher");
  assertEquals("yourCipher", opts.getCipher());
  assertEquals(128, opts.getBitLength());
  assertEquals("description", opts.getDescription());
  assertEquals(attrs, opts.getAttributes());

  // With nothing configured, the built-in defaults apply.
  KeyProvider.Options defaults = KeyProvider.options(new Configuration());
  assertEquals(KeyProvider.DEFAULT_CIPHER, defaults.getCipher());
  assertEquals(KeyProvider.DEFAULT_BITLENGTH, defaults.getBitLength());
}
fProvider.setWriteFail(true); provider.createKey("key5", new byte[]{1}, KeyProvider.options(conf).setBitLength(8)); assertNotNull(provider.getCurrentKey("key5")); try { fProvider.setBackupFail(true); provider.createKey("key6", new byte[]{1}, KeyProvider.options(conf).setBitLength(8)); assertNotNull(provider.getCurrentKey("key6")); try { provider.createKey("UPPERCASE", KeyProvider.options(conf)); Assert.fail("Expected failure on creating key name with uppercase " + "characters");
fProvider.setWriteFail(true); provider.createKey("key5", new byte[]{1}, KeyProvider.options(conf).setBitLength(8)); assertNotNull(provider.getCurrentKey("key5")); try { fProvider.setBackupFail(true); provider.createKey("key6", new byte[]{1}, KeyProvider.options(conf).setBitLength(8)); assertNotNull(provider.getCurrentKey("key6")); try { provider.createKey("UPPERCASE", KeyProvider.options(conf)); Assert.fail("Expected failure on creating key name with uppercase " + "characters");
/**
 * Creates a key in the key provider of one NameNode of a mini cluster and flushes the provider.
 *
 * <p>The key's description is set to its name and its bit length is fixed at 128, which
 * replaces any bit length the options derived from {@code conf} would otherwise carry.
 *
 * @param keyName The name of the key to create
 * @param cluster The cluster whose NameNode key provider receives the key
 * @param idx The NameNode index
 * @param conf Configuration from which the initial key options are derived
 * @throws NoSuchAlgorithmException propagated from the provider's key creation
 * @throws IOException propagated from the provider's key creation or flush
 */
public static void createKey(String keyName, MiniDFSCluster cluster, int idx, Configuration conf)
    throws NoSuchAlgorithmException, IOException {
  KeyProvider nnProvider = cluster.getNameNode(idx).getNamesystem().getProvider();

  final KeyProvider.Options keyOptions = KeyProvider.options(conf);
  keyOptions.setBitLength(128);
  keyOptions.setDescription(keyName);

  nnProvider.createKey(keyName, keyOptions);
  nnProvider.flush();
}
provider.createKey("key3", key3, KeyProvider.options(conf)); } catch (Exception e) { e.printStackTrace(); provider.createKey("key3", key3, KeyProvider.options(conf)); assertTrue("should throw", false); } catch (IOException e) { assertEquals("Key key3 does not exist in " + ourUrl, e.getMessage()); provider.createKey("key3", key3, KeyProvider.options(conf)); try { provider.createKey("key4", key3, KeyProvider.options(conf).setBitLength(8)); assertTrue("should throw", false); } catch (IOException e) { KeyProvider.options(conf).setBitLength(8)); provider.rollNewVersion("key4", new byte[]{2}); meta = provider.getMetadata("key4");
provider.createKey("key3", key3, KeyProvider.options(conf)); } catch (Exception e) { e.printStackTrace(); provider.createKey("key3", key3, KeyProvider.options(conf)); assertTrue("should throw", false); } catch (IOException e) { assertEquals("Key key3 does not exist in " + ourUrl, e.getMessage()); provider.createKey("key3", key3, KeyProvider.options(conf)); try { provider.createKey("key4", key3, KeyProvider.options(conf).setBitLength(8)); assertTrue("should throw", false); } catch (IOException e) { KeyProvider.options(conf).setBitLength(8)); provider.rollNewVersion("key4", new byte[]{2}); meta = provider.getMetadata("key4");