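/**
 * Checks that a {@link KeyStoreKeyProvider} initialised with the keystore password given
 * inline in the provider URI returns, for {@code ALIAS}, a key whose encoded bytes equal
 * {@code KEY}.
 */
@Test
public void testKeyStoreKeyProviderWithPassword() throws Exception {
  KeyProvider provider = new KeyStoreKeyProvider();
  // The "?password=" form places the keystore password in the provider parameter string
  // itself, so the password is present wherever that string is stored or printed.
  provider.init("jceks://" + storeFile.toURI().getPath() + "?password=" + PASSWORD);
  Key key = provider.getKey(ALIAS);
  assertNotNull(key);
  byte[] keyBytes = key.getEncoded();
  // Expected value first, so a failure reports expected and actual the right way round.
  assertEquals(KEY.length, keyBytes.length);
  for (int i = 0; i < KEY.length; i++) {
    assertEquals(KEY[i], keyBytes[i]);
  }
}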
/**
 * Looks up the secret key held by the configured key provider for a subject.
 * <p>
 * The provider is obtained from {@code getKeyProvider(conf)}; the first key it returns for
 * {@code subject} is the result. An exception thrown by {@code getKeyProvider} itself is
 * raised outside the try block and is therefore not converted to {@link IOException}.
 * @param subject the subject whose key is requested
 * @param conf configuration used to select the key provider
 * @return the first key the provider returns for {@code subject}
 * @throws IOException if the provider returns no key for the subject, or wrapping any
 *   exception thrown while asking the provider for it
 */
public static Key getSecretKeyForSubject(String subject, Configuration conf)
    throws IOException {
  final KeyProvider keyProvider = getKeyProvider(conf);
  if (keyProvider != null) {
    final Key[] resolved;
    try {
      resolved = keyProvider.getKeys(new String[] { subject });
    } catch (Exception cause) {
      throw new IOException(cause);
    }
    if (resolved != null && resolved.length != 0) {
      return resolved[0];
    }
  }
  // No provider, or the provider had nothing for this subject.
  throw new IOException("No key found for subject '" + subject + "'");
}
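/**
 * Returns the {@link KeyProvider} selected by the configuration, creating and caching it on
 * first use.
 * <p>
 * The provider class name is read from {@code HConstants.CRYPTO_KEYPROVIDER_CONF_KEY}
 * (default: {@link KeyStoreKeyProvider}) and its parameter string from
 * {@code HConstants.CRYPTO_KEYPROVIDER_PARAMETERS_KEY} (default: empty). Instances are
 * cached per (class name, parameters) pair.
 * @param conf configuration naming the provider class and its parameters
 * @return the cached or newly initialised provider; never null
 * @throws RuntimeException wrapping any failure to load, instantiate or initialise the
 *   provider
 */
public static KeyProvider getKeyProvider(Configuration conf) {
  String providerClassName = conf.get(HConstants.CRYPTO_KEYPROVIDER_CONF_KEY,
    KeyStoreKeyProvider.class.getName());
  String providerParameters = conf.get(HConstants.CRYPTO_KEYPROVIDER_PARAMETERS_KEY, "");
  try {
    Pair<String,String> providerCacheKey = new Pair<>(providerClassName, providerParameters);
    KeyProvider provider = keyProviderCache.get(providerCacheKey);
    if (provider != null) {
      return provider;
    }
    // Check the configured class against KeyProvider before instantiating it, so a wrong
    // class name fails here rather than after that class's constructor has already run.
    // The ClassCastException is wrapped by the catch below, as the late cast's was.
    Class<? extends KeyProvider> providerClass = getClassLoaderForClass(KeyProvider.class)
      .loadClass(providerClassName).asSubclass(KeyProvider.class);
    provider = (KeyProvider) ReflectionUtils.newInstance(providerClass, conf);
    provider.init(providerParameters);
    if (LOG.isDebugEnabled()) {
      // Log the class name only: the parameter string can hold credentials for some
      // providers (for example a keystore password in the provider URI).
      LOG.debug("Installed " + providerClassName + " into key provider cache");
    }
    keyProviderCache.put(providerCacheKey, provider);
    return provider;
  } catch (Exception e) {
    throw new RuntimeException(e);
  }
}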
/**
 * Checks that {@code Encryption.getKeyProvider} returns an instance of the provider class
 * named in the configuration, and that this test provider hands back an AES key whose
 * encoded form is {@code AES.KEY_LENGTH} bytes long.
 */
@Test
public void testTestProvider() {
  final Configuration testConf = HBaseConfiguration.create();
  final String providerClass = KeyProviderForTesting.class.getName();
  testConf.set(HConstants.CRYPTO_KEYPROVIDER_CONF_KEY, providerClass);

  final KeyProvider keyProvider = Encryption.getKeyProvider(testConf);
  assertNotNull("Null returned for provider", keyProvider);
  assertTrue("Provider is not the expected type",
    keyProvider instanceof KeyProviderForTesting);

  final Key testKey = keyProvider.getKey("foo");
  assertNotNull("Test provider did not return a key as expected", testKey);
  final String algorithm = testKey.getAlgorithm();
  assertEquals("Test provider did not create a key for AES", "AES", algorithm);
  final int encodedLength = testKey.getEncoded().length;
  assertEquals("Test provider did not create a key of adequate length", AES.KEY_LENGTH,
    encodedLength);
}
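/**
 * Returns the {@link KeyProvider} selected by the configuration, creating and caching it on
 * first use.
 * <p>
 * The provider class name is read from {@code HConstants.CRYPTO_KEYPROVIDER_CONF_KEY}
 * (default: {@link KeyStoreKeyProvider}) and its parameter string from
 * {@code HConstants.CRYPTO_KEYPROVIDER_PARAMETERS_KEY} (default: empty). Instances are
 * cached per (class name, parameters) pair.
 * @param conf configuration naming the provider class and its parameters
 * @return the cached or newly initialised provider; never null
 * @throws RuntimeException wrapping any failure to load, instantiate or initialise the
 *   provider
 */
public static KeyProvider getKeyProvider(Configuration conf) {
  String providerClassName = conf.get(HConstants.CRYPTO_KEYPROVIDER_CONF_KEY,
    KeyStoreKeyProvider.class.getName());
  String providerParameters = conf.get(HConstants.CRYPTO_KEYPROVIDER_PARAMETERS_KEY, "");
  try {
    Pair<String,String> providerCacheKey = new Pair<>(providerClassName, providerParameters);
    KeyProvider provider = keyProviderCache.get(providerCacheKey);
    if (provider != null) {
      return provider;
    }
    // Check the configured class against KeyProvider before instantiating it, so a wrong
    // class name fails here rather than after that class's constructor has already run.
    // The ClassCastException is wrapped by the catch below, as the late cast's was.
    Class<? extends KeyProvider> providerClass = getClassLoaderForClass(KeyProvider.class)
      .loadClass(providerClassName).asSubclass(KeyProvider.class);
    provider = (KeyProvider) ReflectionUtils.newInstance(providerClass, conf);
    provider.init(providerParameters);
    if (LOG.isDebugEnabled()) {
      // Log the class name only: the parameter string can hold credentials for some
      // providers (for example a keystore password in the provider URI).
      LOG.debug("Installed " + providerClassName + " into key provider cache");
    }
    keyProviderCache.put(providerCacheKey, provider);
    return provider;
  } catch (Exception e) {
    throw new RuntimeException(e);
  }
}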
/**
 * Checks that {@code Encryption.getKeyProvider} returns an instance of the provider class
 * named in the configuration, and that this test provider hands back an AES key whose
 * encoded form is {@code AES.KEY_LENGTH} bytes long.
 */
@Test
public void testTestProvider() {
  final Configuration testConf = HBaseConfiguration.create();
  final String providerClass = KeyProviderForTesting.class.getName();
  testConf.set(HConstants.CRYPTO_KEYPROVIDER_CONF_KEY, providerClass);

  final KeyProvider keyProvider = Encryption.getKeyProvider(testConf);
  assertNotNull("Null returned for provider", keyProvider);
  assertTrue("Provider is not the expected type",
    keyProvider instanceof KeyProviderForTesting);

  final Key testKey = keyProvider.getKey("foo");
  assertNotNull("Test provider did not return a key as expected", testKey);
  final String algorithm = testKey.getAlgorithm();
  assertEquals("Test provider did not create a key for AES", "AES", algorithm);
  final int encodedLength = testKey.getEncoded().length;
  assertEquals("Test provider did not create a key of adequate length", AES.KEY_LENGTH,
    encodedLength);
}
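/**
 * Checks that a {@link KeyStoreKeyProvider} initialised with a {@code passwordFile}
 * parameter in the provider URI returns, for {@code ALIAS}, a key whose encoded bytes equal
 * {@code KEY}.
 */
@Test
public void testKeyStoreKeyProviderWithPasswordFile() throws Exception {
  KeyProvider provider = new KeyStoreKeyProvider();
  // Only the URL-encoded path of the password file goes into the parameter string here;
  // presumably the provider reads the keystore password from that file.
  provider.init("jceks://" + storeFile.toURI().getPath() + "?passwordFile=" +
    URLEncoder.encode(passwordFile.getAbsolutePath(), "UTF-8"));
  Key key = provider.getKey(ALIAS);
  assertNotNull(key);
  byte[] keyBytes = key.getEncoded();
  // Expected value first, so a failure reports expected and actual the right way round.
  assertEquals(KEY.length, keyBytes.length);
  for (int i = 0; i < KEY.length; i++) {
    assertEquals(KEY[i], keyBytes[i]);
  }
}
}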
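/**
 * Returns the {@link KeyProvider} selected by the configuration, creating and caching it on
 * first use.
 * <p>
 * The provider class name is read from {@code HConstants.CRYPTO_KEYPROVIDER_CONF_KEY}
 * (default: {@link KeyStoreKeyProvider}) and its parameter string from
 * {@code HConstants.CRYPTO_KEYPROVIDER_PARAMETERS_KEY} (default: empty). Instances are
 * cached per (class name, parameters) pair.
 * @param conf configuration naming the provider class and its parameters
 * @return the cached or newly initialised provider; never null
 * @throws RuntimeException wrapping any failure to load, instantiate or initialise the
 *   provider
 */
public static KeyProvider getKeyProvider(Configuration conf) {
  String providerClassName = conf.get(HConstants.CRYPTO_KEYPROVIDER_CONF_KEY,
    KeyStoreKeyProvider.class.getName());
  String providerParameters = conf.get(HConstants.CRYPTO_KEYPROVIDER_PARAMETERS_KEY, "");
  try {
    Pair<String,String> providerCacheKey = new Pair<>(providerClassName, providerParameters);
    KeyProvider provider = keyProviderCache.get(providerCacheKey);
    if (provider != null) {
      return provider;
    }
    // Check the configured class against KeyProvider before instantiating it, so a wrong
    // class name fails here rather than after that class's constructor has already run.
    // The ClassCastException is wrapped by the catch below, as the late cast's was.
    Class<? extends KeyProvider> providerClass = getClassLoaderForClass(KeyProvider.class)
      .loadClass(providerClassName).asSubclass(KeyProvider.class);
    provider = (KeyProvider) ReflectionUtils.newInstance(providerClass, conf);
    provider.init(providerParameters);
    if (LOG.isDebugEnabled()) {
      // Log the class name only: the parameter string can hold credentials for some
      // providers (for example a keystore password in the provider URI).
      LOG.debug("Installed " + providerClassName + " into key provider cache");
    }
    keyProviderCache.put(providerCacheKey, provider);
    return provider;
  } catch (Exception e) {
    throw new RuntimeException(e);
  }
}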
/**
 * Looks up the secret key held by the configured key provider for a subject.
 * <p>
 * The provider is obtained from {@code getKeyProvider(conf)}; the first key it returns for
 * {@code subject} is the result. An exception thrown by {@code getKeyProvider} itself is
 * raised outside the try block and is therefore not converted to {@link IOException}.
 * @param subject the subject whose key is requested
 * @param conf configuration used to select the key provider
 * @return the first key the provider returns for {@code subject}
 * @throws IOException if the provider returns no key for the subject, or wrapping any
 *   exception thrown while asking the provider for it
 */
public static Key getSecretKeyForSubject(String subject, Configuration conf)
    throws IOException {
  final KeyProvider keyProvider = getKeyProvider(conf);
  if (keyProvider != null) {
    final Key[] resolved;
    try {
      resolved = keyProvider.getKeys(new String[] { subject });
    } catch (Exception cause) {
      throw new IOException(cause);
    }
    if (resolved != null && resolved.length != 0) {
      return resolved[0];
    }
  }
  // No provider, or the provider had nothing for this subject.
  throw new IOException("No key found for subject '" + subject + "'");
}
/**
 * Checks that {@code Encryption.getKeyProvider} returns an instance of the provider class
 * named in the configuration, and that this test provider hands back an AES key whose
 * encoded form is {@code AES.KEY_LENGTH} bytes long.
 */
@Test
public void testTestProvider() {
  final Configuration testConf = HBaseConfiguration.create();
  final String providerClass = KeyProviderForTesting.class.getName();
  testConf.set(HConstants.CRYPTO_KEYPROVIDER_CONF_KEY, providerClass);

  final KeyProvider keyProvider = Encryption.getKeyProvider(testConf);
  assertNotNull("Null returned for provider", keyProvider);
  assertTrue("Provider is not the expected type",
    keyProvider instanceof KeyProviderForTesting);

  final Key testKey = keyProvider.getKey("foo");
  assertNotNull("Test provider did not return a key as expected", testKey);
  final String algorithm = testKey.getAlgorithm();
  assertEquals("Test provider did not create a key for AES", "AES", algorithm);
  final int encodedLength = testKey.getEncoded().length;
  assertEquals("Test provider did not create a key of adequate length", AES.KEY_LENGTH,
    encodedLength);
}
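/**
 * Checks that a {@link KeyStoreKeyProvider} initialised with the keystore password given
 * inline in the provider URI returns, for {@code ALIAS}, a key whose encoded bytes equal
 * {@code KEY}.
 */
@Test
public void testKeyStoreKeyProviderWithPassword() throws Exception {
  KeyProvider provider = new KeyStoreKeyProvider();
  // The "?password=" form places the keystore password in the provider parameter string
  // itself, so the password is present wherever that string is stored or printed.
  provider.init("jceks://" + storeFile.toURI().getPath() + "?password=" + PASSWORD);
  Key key = provider.getKey(ALIAS);
  assertNotNull(key);
  byte[] keyBytes = key.getEncoded();
  // Expected value first, so a failure reports expected and actual the right way round.
  assertEquals(KEY.length, keyBytes.length);
  for (int i = 0; i < KEY.length; i++) {
    assertEquals(KEY[i], keyBytes[i]);
  }
}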
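/**
 * Returns the {@link KeyProvider} selected by the configuration, creating and caching it on
 * first use.
 * <p>
 * The provider class name is read from {@code HConstants.CRYPTO_KEYPROVIDER_CONF_KEY}
 * (default: {@link KeyStoreKeyProvider}) and its parameter string from
 * {@code HConstants.CRYPTO_KEYPROVIDER_PARAMETERS_KEY} (default: empty). Instances are
 * cached per (class name, parameters) pair.
 * @param conf configuration naming the provider class and its parameters
 * @return the cached or newly initialised provider; never null
 * @throws RuntimeException wrapping any failure to load, instantiate or initialise the
 *   provider
 */
public static KeyProvider getKeyProvider(Configuration conf) {
  String providerClassName = conf.get(HConstants.CRYPTO_KEYPROVIDER_CONF_KEY,
    KeyStoreKeyProvider.class.getName());
  String providerParameters = conf.get(HConstants.CRYPTO_KEYPROVIDER_PARAMETERS_KEY, "");
  try {
    Pair<String,String> providerCacheKey =
      new Pair<String,String>(providerClassName, providerParameters);
    KeyProvider provider = keyProviderCache.get(providerCacheKey);
    if (provider != null) {
      return provider;
    }
    // Check the configured class against KeyProvider before instantiating it, so a wrong
    // class name fails here rather than after that class's constructor has already run.
    // The ClassCastException is wrapped by the catch below, as the late cast's was.
    Class<? extends KeyProvider> providerClass = getClassLoaderForClass(KeyProvider.class)
      .loadClass(providerClassName).asSubclass(KeyProvider.class);
    provider = (KeyProvider) ReflectionUtils.newInstance(providerClass, conf);
    provider.init(providerParameters);
    if (LOG.isDebugEnabled()) {
      // Log the class name only: the parameter string can hold credentials for some
      // providers (for example a keystore password in the provider URI).
      LOG.debug("Installed " + providerClassName + " into key provider cache");
    }
    keyProviderCache.put(providerCacheKey, provider);
    return provider;
  } catch (Exception e) {
    throw new RuntimeException(e);
  }
}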
/**
 * Looks up the secret key held by the configured key provider for a subject.
 * <p>
 * The provider is obtained from {@code getKeyProvider(conf)}; the first key it returns for
 * {@code subject} is the result. An exception thrown by {@code getKeyProvider} itself is
 * raised outside the try block and is therefore not converted to {@link IOException}.
 * @param subject the subject whose key is requested
 * @param conf configuration used to select the key provider
 * @return the first key the provider returns for {@code subject}
 * @throws IOException if the provider returns no key for the subject, or wrapping any
 *   exception thrown while asking the provider for it
 */
public static Key getSecretKeyForSubject(String subject, Configuration conf)
    throws IOException {
  final KeyProvider keyProvider = getKeyProvider(conf);
  if (keyProvider != null) {
    final Key[] resolved;
    try {
      resolved = keyProvider.getKeys(new String[] { subject });
    } catch (Exception cause) {
      throw new IOException(cause);
    }
    if (resolved != null && resolved.length != 0) {
      return resolved[0];
    }
  }
  // No provider, or the provider had nothing for this subject.
  throw new IOException("No key found for subject '" + subject + "'");
}
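/**
 * Checks that a {@link KeyStoreKeyProvider} initialised with a {@code passwordFile}
 * parameter in the provider URI returns, for {@code ALIAS}, a key whose encoded bytes equal
 * {@code KEY}.
 */
@Test
public void testKeyStoreKeyProviderWithPasswordFile() throws Exception {
  KeyProvider provider = new KeyStoreKeyProvider();
  // Only the URL-encoded path of the password file goes into the parameter string here;
  // presumably the provider reads the keystore password from that file.
  provider.init("jceks://" + storeFile.toURI().getPath() + "?passwordFile=" +
    URLEncoder.encode(passwordFile.getAbsolutePath(), "UTF-8"));
  Key key = provider.getKey(ALIAS);
  assertNotNull(key);
  byte[] keyBytes = key.getEncoded();
  // Expected value first, so a failure reports expected and actual the right way round.
  assertEquals(KEY.length, keyBytes.length);
  for (int i = 0; i < KEY.length; i++) {
    assertEquals(KEY[i], keyBytes[i]);
  }
}
}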
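/**
 * Resolves a key for the given subject.
 * <p>
 * The provider is obtained from {@code getKeyProvider(conf)}; the first key it returns for
 * {@code subject} is the result. An exception thrown by {@code getKeyProvider} itself is
 * raised outside the try block and is therefore not converted to {@link IOException}.
 * @param subject the subject whose key is requested
 * @param conf configuration used to select the key provider
 * @return a key for the given subject
 * @throws IOException if the key is not found, or wrapping any exception thrown while
 *   asking the provider for it
 */
public static Key getSecretKeyForSubject(String subject, Configuration conf)
    throws IOException {
  // No cast needed: getKeyProvider is already declared to return KeyProvider.
  KeyProvider provider = getKeyProvider(conf);
  if (provider != null) {
    try {
      Key[] keys = provider.getKeys(new String[] { subject });
      if (keys != null && keys.length > 0) {
        return keys[0];
      }
    } catch (Exception e) {
      throw new IOException(e);
    }
  }
  throw new IOException("No key found for subject '" + subject + "'");
}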
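/**
 * Checks that a {@link KeyStoreKeyProvider} initialised with the keystore password given
 * inline in the provider URI returns, for {@code ALIAS}, a key whose encoded bytes equal
 * {@code KEY}.
 */
@Test
public void testKeyStoreKeyProviderWithPassword() throws Exception {
  KeyProvider provider = new KeyStoreKeyProvider();
  // The "?password=" form places the keystore password in the provider parameter string
  // itself, so the password is present wherever that string is stored or printed.
  provider.init("jceks://" + storeFile.toURI().getPath() + "?password=" + PASSWORD);
  Key key = provider.getKey(ALIAS);
  assertNotNull(key);
  byte[] keyBytes = key.getEncoded();
  // Expected value first, so a failure reports expected and actual the right way round.
  assertEquals(KEY.length, keyBytes.length);
  for (int i = 0; i < KEY.length; i++) {
    assertEquals(KEY[i], keyBytes[i]);
  }
}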
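/**
 * Checks that a {@link KeyStoreKeyProvider} initialised with a {@code passwordFile}
 * parameter in the provider URI returns, for {@code ALIAS}, a key whose encoded bytes equal
 * {@code KEY}.
 */
@Test
public void testKeyStoreKeyProviderWithPasswordFile() throws Exception {
  KeyProvider provider = new KeyStoreKeyProvider();
  // Only the URL-encoded path of the password file goes into the parameter string here;
  // presumably the provider reads the keystore password from that file.
  provider.init("jceks://" + storeFile.toURI().getPath() + "?passwordFile=" +
    URLEncoder.encode(passwordFile.getAbsolutePath(), "UTF-8"));
  Key key = provider.getKey(ALIAS);
  assertNotNull(key);
  byte[] keyBytes = key.getEncoded();
  // Expected value first, so a failure reports expected and actual the right way round.
  assertEquals(KEY.length, keyBytes.length);
  for (int i = 0; i < KEY.length; i++) {
    assertEquals(KEY[i], keyBytes[i]);
  }
}
}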