@Override public HadoopShims.HdfsEncryptionShim createHdfsEncryptionShim(FileSystem fs, Configuration conf) throws IOException { if (isHdfsEncryptionSupported()) { URI uri = fs.getUri(); if ("hdfs".equals(uri.getScheme())) { return new HdfsEncryptionShim(uri, conf); } } return new HadoopShims.NoopHdfsEncryptionShim(); }
@Override public void createKey(String keyName, int bitLength) throws IOException, NoSuchAlgorithmException { checkKeyProvider(); if (keyProvider.getMetadata(keyName) == null) { final KeyProvider.Options options = new Options(this.conf); options.setCipher(HDFS_SECURITY_DEFAULT_CIPHER); options.setBitLength(bitLength); keyProvider.createKey(keyName, options); keyProvider.flush(); } else { throw new IOException("key '" + keyName + "' already exists"); } }
@Override public boolean arePathsOnSameEncryptionZone(Path path1, Path path2, HadoopShims.HdfsEncryptionShim encryptionShim2) throws IOException { if (!(encryptionShim2 instanceof Hadoop23Shims.HdfsEncryptionShim)) { LOG.warn("EncryptionShim for path2 (" + path2 + ") is of unexpected type: " + encryptionShim2.getClass() + ". Assuming path2 is on the same EncryptionZone as path1(" + path1 + ")."); return true; } return equivalentEncryptionZones(hdfsAdmin.getEncryptionZoneForPath(path1), ((HdfsEncryptionShim)encryptionShim2).hdfsAdmin.getEncryptionZoneForPath(path2)); }
/** * Compares two encryption key strengths. * * @param path1 First path to compare * @param path2 Second path to compare * @return 1 if path1 is stronger; 0 if paths are equals; -1 if path1 is weaker. * @throws IOException If an error occurred attempting to get key metadata */ @Override public int comparePathKeyStrength(Path path1, Path path2) throws IOException { EncryptionZone zone1, zone2; zone1 = getEncryptionZoneForPath(path1); zone2 = getEncryptionZoneForPath(path2); if (zone1 == null && zone2 == null) { return 0; } else if (zone1 == null) { return -1; } else if (zone2 == null) { return 1; } return compareKeyStrength(zone1, zone2); }
@Override public void createKey(String keyName, int bitLength) throws IOException, NoSuchAlgorithmException { checkKeyProvider(); if (keyProvider.getMetadata(keyName) == null) { final KeyProvider.Options options = new Options(this.conf); options.setCipher(HDFS_SECURITY_DEFAULT_CIPHER); options.setBitLength(bitLength); keyProvider.createKey(keyName, options); keyProvider.flush(); } else { throw new IOException("key '" + keyName + "' already exists"); } }
@Override public void createKey(String keyName, int bitLength) throws IOException, NoSuchAlgorithmException { checkKeyProvider(); if (keyProvider.getMetadata(keyName) == null) { final KeyProvider.Options options = new Options(this.conf); options.setCipher(HDFS_SECURITY_DEFAULT_CIPHER); options.setBitLength(bitLength); keyProvider.createKey(keyName, options); keyProvider.flush(); } else { throw new IOException("key '" + keyName + "' already exists"); } }
@Override public int comparePathKeyStrength(Path path1, Path path2) throws IOException { EncryptionZone zone1, zone2; zone1 = hdfsAdmin.getEncryptionZoneForPath(path1); zone2 = hdfsAdmin.getEncryptionZoneForPath(path2); if (zone1 == null && zone2 == null) { return 0; } else if (zone1 == null) { return -1; } else if (zone2 == null) { return 1; } return compareKeyStrength(zone1.getKeyName(), zone2.getKeyName()); }
@Override public void createKey(String keyName, int bitLength) throws IOException, NoSuchAlgorithmException { checkKeyProvider(); if (keyProvider.getMetadata(keyName) == null) { final KeyProvider.Options options = new Options(this.conf); options.setCipher(HDFS_SECURITY_DEFAULT_CIPHER); options.setBitLength(bitLength); keyProvider.createKey(keyName, options); keyProvider.flush(); } else { throw new IOException("key '" + keyName + "' already exists"); } }
@Override public int comparePathKeyStrength(Path path1, Path path2) throws IOException { EncryptionZone zone1, zone2; zone1 = hdfsAdmin.getEncryptionZoneForPath(path1); zone2 = hdfsAdmin.getEncryptionZoneForPath(path2); if (zone1 == null && zone2 == null) { return 0; } else if (zone1 == null) { return -1; } else if (zone2 == null) { return 1; } return compareKeyStrength(zone1.getKeyName(), zone2.getKeyName()); }
@Override public int comparePathKeyStrength(Path path1, Path path2) throws IOException { EncryptionZone zone1, zone2; zone1 = hdfsAdmin.getEncryptionZoneForPath(path1); zone2 = hdfsAdmin.getEncryptionZoneForPath(path2); if (zone1 == null && zone2 == null) { return 0; } else if (zone1 == null) { return -1; } else if (zone2 == null) { return 1; } return compareKeyStrength(zone1.getKeyName(), zone2.getKeyName()); }
@Override public void createKey(String keyName, int bitLength) throws IOException, NoSuchAlgorithmException { checkKeyProvider(); if (keyProvider.getMetadata(keyName) == null) { final KeyProvider.Options options = new Options(this.conf); options.setCipher(HDFS_SECURITY_DEFAULT_CIPHER); options.setBitLength(bitLength); keyProvider.createKey(keyName, options); keyProvider.flush(); } else { throw new IOException("key '" + keyName + "' already exists"); } }
@Override public boolean isPathEncrypted(Path path) throws IOException { Path fullPath; if (path.isAbsolute()) { fullPath = path; } else { fullPath = path.getFileSystem(conf).makeQualified(path); } if(!"hdfs".equalsIgnoreCase(path.toUri().getScheme())) { return false; } return (getEncryptionZoneForPath(fullPath) != null); }
@Override public void deleteKey(String keyName) throws IOException { checkKeyProvider(); if (keyProvider.getMetadata(keyName) != null) { keyProvider.deleteKey(keyName); keyProvider.flush(); } else { throw new IOException("key '" + keyName + "' does not exist."); } }
@Override public void deleteKey(String keyName) throws IOException { checkKeyProvider(); if (keyProvider.getMetadata(keyName) != null) { keyProvider.deleteKey(keyName); keyProvider.flush(); } else { throw new IOException("key '" + keyName + "' does not exist."); } }
@Override public void deleteKey(String keyName) throws IOException { checkKeyProvider(); if (keyProvider.getMetadata(keyName) != null) { keyProvider.deleteKey(keyName); keyProvider.flush(); } else { throw new IOException("key '" + keyName + "' does not exist."); } }
@Override public HadoopShims.HdfsEncryptionShim createHdfsEncryptionShim(FileSystem fs, Configuration conf) throws IOException { if (isHdfsEncryptionSupported()) { URI uri = fs.getUri(); if ("hdfs".equals(uri.getScheme())) { return new HdfsEncryptionShim(uri, conf); } } return new HadoopShims.NoopHdfsEncryptionShim(); }
@Override public List<String> getKeys() throws IOException { checkKeyProvider(); return keyProvider.getKeys(); }
@Override public HadoopShims.HdfsEncryptionShim createHdfsEncryptionShim(FileSystem fs, Configuration conf) throws IOException { if (isHdfsEncryptionSupported()) { URI uri = fs.getUri(); if ("hdfs".equals(uri.getScheme())) { return new HdfsEncryptionShim(uri, conf); } } return new HadoopShims.NoopHdfsEncryptionShim(); }
@Override public HadoopShims.HdfsEncryptionShim createHdfsEncryptionShim(FileSystem fs, Configuration conf) throws IOException { if (isHdfsEncryptionSupported()) { URI uri = fs.getUri(); if ("hdfs".equals(uri.getScheme())) { return new HdfsEncryptionShim(uri, conf); } } return new HadoopShims.NoopHdfsEncryptionShim(); }
@Override public void deleteKey(String keyName) throws IOException { checkKeyProvider(); if (keyProvider.getMetadata(keyName) != null) { keyProvider.deleteKey(keyName); keyProvider.flush(); } else { throw new IOException("key '" + keyName + "' does not exist."); } }