options.setBitLength(Integer.parseInt(args[++i])); } else if ("-cipher".equals(args[i]) && moreTokens) { options.setCipher(args[++i]); } else if ("-description".equals(args[i]) && moreTokens) { options.setDescription(args[++i]); } else if ("-attr".equals(args[i]) && moreTokens) { final String attrval[] = args[++i].split("=", 2); options.setAttributes(attributes);
@Override public void createKey(String keyName, int bitLength) throws IOException, NoSuchAlgorithmException { checkKeyProvider(); if (keyProvider.getMetadata(keyName) == null) { final KeyProvider.Options options = new Options(this.conf); options.setCipher(HDFS_SECURITY_DEFAULT_CIPHER); options.setBitLength(bitLength); keyProvider.createKey(keyName, options); keyProvider.flush(); } else { throw new IOException("key '" + keyName + "' already exists"); } }
@Override public KeyVersion createKey(String name, byte[] material, Options options) throws IOException { Preconditions.checkArgument(name.equals(StringUtils.toLowerCase(name)), "Uppercase key names are unsupported: %s", name); writeLock.lock(); try { try { if (keyStore.containsAlias(name) || cache.containsKey(name)) { throw new IOException("Key " + name + " already exists in " + this); } } catch (KeyStoreException e) { throw new IOException("Problem looking up key " + name + " in " + this, e); } Metadata meta = new Metadata(options.getCipher(), options.getBitLength(), options.getDescription(), options.getAttributes(), new Date(), 1); if (options.getBitLength() != 8 * material.length) { throw new IOException("Wrong key length. Required " + options.getBitLength() + ", but got " + (8 * material.length)); } cache.put(name, meta); String versionName = buildVersionName(name, 0); return innerSetKeyVersion(name, versionName, material, meta.getCipher()); } finally { writeLock.unlock(); } }
KeyProvider.Options options = new KeyProvider.Options(conf); options.setCipher("AES/CTR/NoPadding"); options.setBitLength(128); options.setDescription("l1"); KeyProvider.KeyVersion kv0 = kp.createKey("k1", options); Assert.assertNotNull(kv0); options = new KeyProvider.Options(conf); options.setCipher("AES/CTR/NoPadding"); options.setBitLength(128); KeyVersion kVer2 = kp.createKey("k2", options); KeyProvider.Metadata meta = kp.getMetadata("k2"); options = new KeyProvider.Options(conf); options.setCipher("AES/CTR/NoPadding"); options.setBitLength(128); options.setDescription("d"); kp.createKey("k3", options); meta = kp.getMetadata("k3"); options = new KeyProvider.Options(conf); options.setCipher("AES/CTR/NoPadding"); options.setBitLength(128); attributes.put("key.acl.name", "k4"); options.setAttributes(attributes); kp.createKey("k4", options); meta = kp.getMetadata("k4"); options = new KeyProvider.Options(conf);
KeyProvider.Options options = new KeyProvider.Options(conf); options.setCipher("AES/CTR/NoPadding"); options.setBitLength(128); options.setDescription("l1"); KeyProvider.KeyVersion kv0 = kp.createKey("k1", options); Assert.assertNotNull(kv0); options = new KeyProvider.Options(conf); options.setCipher("AES/CTR/NoPadding"); options.setBitLength(128); KeyVersion kVer2 = kp.createKey("k2", options); KeyProvider.Metadata meta = kp.getMetadata("k2"); options = new KeyProvider.Options(conf); options.setCipher("AES/CTR/NoPadding"); options.setBitLength(128); options.setDescription("d"); kp.createKey("k3", options); meta = kp.getMetadata("k3"); options = new KeyProvider.Options(conf); options.setCipher("AES/CTR/NoPadding"); options.setBitLength(128); attributes.put("key.acl.name", "k4"); options.setAttributes(attributes); kp.createKey("k4", options); meta = kp.getMetadata("k4"); options = new KeyProvider.Options(conf);
fProvider.setWriteFail(true); provider.createKey("key5", new byte[]{1}, KeyProvider.options(conf).setBitLength(8)); assertNotNull(provider.getCurrentKey("key5")); try { fProvider.setBackupFail(true); provider.createKey("key6", new byte[]{1}, KeyProvider.options(conf).setBitLength(8)); assertNotNull(provider.getCurrentKey("key6")); try {
fProvider.setWriteFail(true); provider.createKey("key5", new byte[]{1}, KeyProvider.options(conf).setBitLength(8)); assertNotNull(provider.getCurrentKey("key5")); try { fProvider.setBackupFail(true); provider.createKey("key6", new byte[]{1}, KeyProvider.options(conf).setBitLength(8)); assertNotNull(provider.getCurrentKey("key6")); try {
command = new ListCommand(); } else if ("-size".equals(args[i]) && moreTokens) { options.setBitLength(Integer.parseInt(args[++i])); } else if ("-cipher".equals(args[i]) && moreTokens) { options.setCipher(args[++i]); } else if ("-description".equals(args[i]) && moreTokens) { options.setDescription(args[++i]); } else if ("-attr".equals(args[i]) && moreTokens) { final String attrval[] = args[++i].split("=", 2); options.setAttributes(attributes);
try { provider.createKey("key4", key3, KeyProvider.options(conf).setBitLength(8)); assertTrue("should throw", false); } catch (IOException e) { KeyProvider.options(conf).setBitLength(8)); provider.rollNewVersion("key4", new byte[]{2}); meta = provider.getMetadata("key4");
command = new ListCommand(); } else if ("-size".equals(args[i]) && moreTokens) { options.setBitLength(Integer.parseInt(args[++i])); } else if ("-cipher".equals(args[i]) && moreTokens) { options.setCipher(args[++i]); } else if ("-description".equals(args[i]) && moreTokens) { options.setDescription(args[++i]); } else if ("-attr".equals(args[i]) && moreTokens) { final String attrval[] = args[++i].split("=", 2); options.setAttributes(attributes);
try { provider.createKey("key4", key3, KeyProvider.options(conf).setBitLength(8)); assertTrue("should throw", false); } catch (IOException e) { KeyProvider.options(conf).setBitLength(8)); provider.rollNewVersion("key4", new byte[]{2}); meta = provider.getMetadata("key4");
command = new ListCommand(); } else if ("-size".equals(args[i]) && moreTokens) { options.setBitLength(Integer.parseInt(args[++i])); } else if ("-cipher".equals(args[i]) && moreTokens) { options.setCipher(args[++i]); } else if ("-description".equals(args[i]) && moreTokens) { options.setDescription(args[++i]); } else if ("-attr".equals(args[i]) && moreTokens) { final String attrval[] = args[++i].split("=", 2); options.setAttributes(attributes);
command = new ListCommand(); } else if ("-size".equals(args[i]) && moreTokens) { options.setBitLength(Integer.parseInt(args[++i])); } else if ("-cipher".equals(args[i]) && moreTokens) { options.setCipher(args[++i]); } else if ("-description".equals(args[i]) && moreTokens) { options.setDescription(args[++i]); } else if ("-attr".equals(args[i]) && moreTokens) { final String attrval[] = args[++i].split("=", 2); options.setAttributes(attributes);
KMSOp.CREATE_KEY, name); final KeyProvider.Options options = new KeyProvider.Options( KMSWebApp.getConfiguration()); if (cipher != null) { options.setCipher(cipher); options.setBitLength(length); options.setDescription(description); options.setAttributes(attributes);
kp.createKey(keyA, new KeyProvider.Options(conf)); } catch (IOException ex) { System.out.println(ex.getMessage()); kp.createKey(keyA, new KeyProvider.Options(conf)); } catch (IOException ex) { System.out.println(ex.getMessage());
kp.createKey(keyA, new KeyProvider.Options(conf)); } catch (IOException ex) { System.out.println(ex.getMessage()); kp.createKey(keyA, new KeyProvider.Options(conf)); } catch (IOException ex) { System.out.println(ex.getMessage());
KeyProvider.Options options = new KeyProvider.Options(conf); options.setCipher("AES/CTR/NoPadding"); options.setBitLength(128); options.setDescription("l1"); KeyProvider.KeyVersion kv0 = kmscp.createKey(keyName, options); assertNotNull(kv0.getVersionName());
new KMSClientProvider[] { p1, p2, p3, p4 }, 0, conf); assertEquals("p1", kp.createKey("test4", new Options(conf)).getName()); kp.createKey("test1", new Options(conf)).getName(); fail("Should fail since its not an IOException"); } catch (Exception e) { assertTrue(e instanceof NoSuchAlgorithmException); assertEquals("p3", kp.createKey("test2", new Options(conf)).getName()); assertEquals("p1", kp.createKey("test3", new Options(conf)).getName());
new KMSClientProvider[] { p1, p2, p3, p4 }, 0, conf); assertEquals("p1", kp.createKey("test4", new Options(conf)).getName()); kp.createKey("test1", new Options(conf)).getName(); fail("Should fail since its not an IOException"); } catch (Exception e) { assertTrue(e instanceof NoSuchAlgorithmException); assertEquals("p3", kp.createKey("test2", new Options(conf)).getName()); assertEquals("p1", kp.createKey("test3", new Options(conf)).getName());
throw new AlreadyExistsException(String.format("Updating existing key %s is not supported.", name)); KeyProvider.Options options = new KeyProvider.Options(conf); options.setDescription(description); options.setAttributes(properties); byte[] buff = data.getBytes(Charsets.UTF_8); options.setBitLength(buff.length * Byte.SIZE); try { provider.createKey(keyName, buff, options);