/**
 * Creates a key named {@code keyName} with the requested bit length, using the
 * cipher held in {@code HDFS_SECURITY_DEFAULT_CIPHER}, then flushes the provider.
 *
 * @param keyName name of the key to create
 * @param bitLength key length in bits; forwarded to the provider options as given
 * @throws IOException if metadata already exists for {@code keyName}; the
 *     provider calls made here may presumably raise it as well
 * @throws NoSuchAlgorithmException declared by the signature; presumably raised
 *     by the provider's {@code createKey}
 */
@Override
public void createKey(String keyName, int bitLength)
    throws IOException, NoSuchAlgorithmException {
  checkKeyProvider();

  // Guard clause: never create over a name that already has metadata.
  // NOTE(review): the lookup and the create below are separate provider calls,
  // so this check does not by itself serialise two concurrent creators.
  // Whether the provider rejects duplicate names on its own is not visible here.
  if (keyProvider.getMetadata(keyName) != null) {
    throw new IOException("key '" + keyName + "' already exists");
  }

  // bitLength is not range-checked in this method; any validation would have
  // to happen in Options or in the provider.
  final KeyProvider.Options keyOptions = new Options(this.conf);
  keyOptions.setCipher(HDFS_SECURITY_DEFAULT_CIPHER);
  keyOptions.setBitLength(bitLength);

  keyProvider.createKey(keyName, keyOptions);
  keyProvider.flush();
}
/**
 * Checks that {@code MyKeyProvider} ends up with a 128-bit size, the
 * {@code CIPHER} algorithm and non-null material in two cases: creating a key
 * without caller-supplied material, and rolling a new version on a fresh
 * provider instance.
 */
@Test
public void testMaterialGeneration() throws Exception {
  MyKeyProvider provider = new MyKeyProvider(new Configuration());

  final KeyProvider.Options keyOptions =
      new KeyProvider.Options(new Configuration());
  keyOptions.setCipher(CIPHER);
  keyOptions.setBitLength(128);

  // No material is passed in, so the provider has to supply it.
  provider.createKey("hello", keyOptions);
  Assert.assertEquals(128, provider.size);
  Assert.assertEquals(CIPHER, provider.algorithm);
  Assert.assertNotNull(provider.material);

  // A brand-new provider instance: the recorded fields start out unset again.
  // NOTE(review): "hello" is never created on this instance, so MyKeyProvider
  // presumably stubs its metadata lookup; confirm against its definition.
  provider = new MyKeyProvider(new Configuration());
  provider.rollNewVersion("hello");
  Assert.assertEquals(128, provider.size);
  Assert.assertEquals(CIPHER, provider.algorithm);
  Assert.assertNotNull(provider.material);
}
/**
 * Checks that {@code MyKeyProvider} ends up with a 128-bit size, the
 * {@code CIPHER} algorithm and non-null material in two cases: creating a key
 * without caller-supplied material, and rolling a new version on a fresh
 * provider instance.
 */
@Test
public void testMaterialGeneration() throws Exception {
  MyKeyProvider provider = new MyKeyProvider(new Configuration());

  final KeyProvider.Options keyOptions =
      new KeyProvider.Options(new Configuration());
  keyOptions.setCipher(CIPHER);
  keyOptions.setBitLength(128);

  // No material is passed in, so the provider has to supply it.
  provider.createKey("hello", keyOptions);
  Assert.assertEquals(128, provider.size);
  Assert.assertEquals(CIPHER, provider.algorithm);
  Assert.assertNotNull(provider.material);

  // A brand-new provider instance: the recorded fields start out unset again.
  // NOTE(review): "hello" is never created on this instance, so MyKeyProvider
  // presumably stubs its metadata lookup; confirm against its definition.
  provider = new MyKeyProvider(new Configuration());
  provider.rollNewVersion("hello");
  Assert.assertEquals(128, provider.size);
  Assert.assertEquals(CIPHER, provider.algorithm);
  Assert.assertNotNull(provider.material);
}
/**
 * With all four backing KMS clients mocked to throw {@link IOException} from
 * {@code createKey}, a create through the load-balancing provider must fail
 * with an {@link IOException} rather than return a key.
 */
@Test
public void testLoadBalancingWithAllBadNodes() throws Exception {
  Configuration conf = new Configuration();

  // Each mock fails createKey with an IOException carrying its own name and
  // reports that same name as its KMS URL.
  final String[] nodeNames = {"p1", "p2", "p3", "p4"};
  final KMSClientProvider[] failingNodes =
      new KMSClientProvider[nodeNames.length];
  for (int i = 0; i < nodeNames.length; i++) {
    KMSClientProvider node = mock(KMSClientProvider.class);
    when(node.createKey(Mockito.anyString(), Mockito.any(Options.class)))
        .thenThrow(new IOException(nodeNames[i]));
    failingNodes[i] = node;
  }
  for (int i = 0; i < nodeNames.length; i++) {
    when(failingNodes[i].getKMSUrl()).thenReturn(nodeNames[i]);
  }

  KeyProvider balancer =
      new LoadBalancingKMSClientProvider(failingNodes, 0, conf);

  try {
    balancer.createKey("test3", new Options(conf)).getName();
    // Reaching this line means a failure was swallowed somewhere.
    fail("Should fail since all providers threw an IOException");
  } catch (Exception e) {
    assertTrue(e instanceof IOException);
  }
}
}
/**
 * Four consecutive {@code createKey} calls through a load-balancing provider
 * over three mocked KMS clients must be answered by p1, p2, p3 and then p1
 * again.
 */
@Test
public void testLoadBalancing() throws Exception {
  Configuration conf = new Configuration();

  // Each mock answers createKey with a key version named after itself, which
  // is how the assertions below tell which node served a request.
  final String[] nodeNames = {"p1", "p2", "p3"};
  final String[] versionNames = {"v1", "v2", "v3"};
  final KMSClientProvider[] nodes = new KMSClientProvider[nodeNames.length];
  for (int i = 0; i < nodeNames.length; i++) {
    KMSClientProvider node = mock(KMSClientProvider.class);
    when(node.createKey(Mockito.anyString(), Mockito.any(Options.class)))
        .thenReturn(
            new KMSClientProvider.KMSKeyVersion(
                nodeNames[i], versionNames[i], new byte[0]));
    nodes[i] = node;
  }

  // The second constructor argument is 0; presumably the starting index of
  // the rotation (TODO confirm against LoadBalancingKMSClientProvider).
  KeyProvider balancer = new LoadBalancingKMSClientProvider(nodes, 0, conf);

  final String[] requestedKeys = {"test1", "test2", "test3", "test4"};
  final String[] expectedNodes = {"p1", "p2", "p3", "p1"};
  for (int i = 0; i < requestedKeys.length; i++) {
    assertEquals(
        expectedNodes[i],
        balancer.createKey(requestedKeys[i], new Options(conf)).getName());
  }
}
/**
 * Creates a 128-bit AES/CTR/NoPadding key named {@code specialKey} on a KMS
 * provider that starts out empty, and checks that the returned key version
 * carries the same name, a version name and material.
 *
 * @return always {@code null}
 */
@Override
public Void call() throws Exception {
  final Configuration kmsConf = new Configuration();
  final KeyProvider provider =
      createProvider(createKMSUri(getKMSUrl()), kmsConf);

  // Precondition: the provider holds no keys yet.
  Assert.assertTrue(provider.getKeys().isEmpty());
  Assert.assertEquals(0, provider.getKeysMetadata().length);

  final KeyProvider.Options keyOptions = new KeyProvider.Options(kmsConf);
  keyOptions.setCipher("AES/CTR/NoPadding");
  keyOptions.setBitLength(128);
  keyOptions.setDescription("l1");

  // Only the key name is written to the log; the material is not.
  LOG.info("Creating key with name '{}'", specialKey);
  final KeyProvider.KeyVersion created =
      provider.createKey(specialKey, keyOptions);

  Assert.assertNotNull(created);
  Assert.assertEquals(specialKey, created.getName());
  Assert.assertNotNull(created.getVersionName());
  Assert.assertNotNull(created.getMaterial());
  return null;
}
});
/**
 * Four consecutive {@code createKey} calls through a load-balancing provider
 * over three mocked KMS clients must be answered by p1, p2, p3 and then p1
 * again.
 */
@Test
public void testLoadBalancing() throws Exception {
  Configuration conf = new Configuration();

  // Each mock answers createKey with a key version named after itself, which
  // is how the assertions below tell which node served a request.
  final String[] nodeNames = {"p1", "p2", "p3"};
  final String[] versionNames = {"v1", "v2", "v3"};
  final KMSClientProvider[] nodes = new KMSClientProvider[nodeNames.length];
  for (int i = 0; i < nodeNames.length; i++) {
    KMSClientProvider node = mock(KMSClientProvider.class);
    when(node.createKey(Mockito.anyString(), Mockito.any(Options.class)))
        .thenReturn(
            new KMSClientProvider.KMSKeyVersion(
                nodeNames[i], versionNames[i], new byte[0]));
    nodes[i] = node;
  }

  // The second constructor argument is 0; presumably the starting index of
  // the rotation (TODO confirm against LoadBalancingKMSClientProvider).
  KeyProvider balancer = new LoadBalancingKMSClientProvider(nodes, 0, conf);

  final String[] requestedKeys = {"test1", "test2", "test3", "test4"};
  final String[] expectedNodes = {"p1", "p2", "p3", "p1"};
  for (int i = 0; i < requestedKeys.length; i++) {
    assertEquals(
        expectedNodes[i],
        balancer.createKey(requestedKeys[i], new Options(conf)).getName());
  }
}
/**
 * Creates a key named {@code keyName} with the requested bit length, using the
 * cipher held in {@code HDFS_SECURITY_DEFAULT_CIPHER}, then flushes the provider.
 *
 * @param keyName name of the key to create
 * @param bitLength key length in bits; forwarded to the provider options as given
 * @throws IOException if metadata already exists for {@code keyName}; the
 *     provider calls made here may presumably raise it as well
 * @throws NoSuchAlgorithmException declared by the signature; presumably raised
 *     by the provider's {@code createKey}
 */
@Override
public void createKey(String keyName, int bitLength)
    throws IOException, NoSuchAlgorithmException {
  checkKeyProvider();

  // Guard clause: never create over a name that already has metadata.
  // NOTE(review): the lookup and the create below are separate provider calls,
  // so this check does not by itself serialise two concurrent creators.
  // Whether the provider rejects duplicate names on its own is not visible here.
  if (keyProvider.getMetadata(keyName) != null) {
    throw new IOException("key '" + keyName + "' already exists");
  }

  // bitLength is not range-checked in this method; any validation would have
  // to happen in Options or in the provider.
  final KeyProvider.Options keyOptions = new Options(this.conf);
  keyOptions.setCipher(HDFS_SECURITY_DEFAULT_CIPHER);
  keyOptions.setBitLength(bitLength);

  keyProvider.createKey(keyName, keyOptions);
  keyProvider.flush();
}
/**
 * Creates a key named {@code keyName} with the requested bit length, using the
 * cipher held in {@code HDFS_SECURITY_DEFAULT_CIPHER}, then flushes the provider.
 *
 * @param keyName name of the key to create
 * @param bitLength key length in bits; forwarded to the provider options as given
 * @throws IOException if metadata already exists for {@code keyName}; the
 *     provider calls made here may presumably raise it as well
 * @throws NoSuchAlgorithmException declared by the signature; presumably raised
 *     by the provider's {@code createKey}
 */
@Override
public void createKey(String keyName, int bitLength)
    throws IOException, NoSuchAlgorithmException {
  checkKeyProvider();

  // Guard clause: never create over a name that already has metadata.
  // NOTE(review): the lookup and the create below are separate provider calls,
  // so this check does not by itself serialise two concurrent creators.
  // Whether the provider rejects duplicate names on its own is not visible here.
  if (keyProvider.getMetadata(keyName) != null) {
    throw new IOException("key '" + keyName + "' already exists");
  }

  // bitLength is not range-checked in this method; any validation would have
  // to happen in Options or in the provider.
  final KeyProvider.Options keyOptions = new Options(this.conf);
  keyOptions.setCipher(HDFS_SECURITY_DEFAULT_CIPHER);
  keyOptions.setBitLength(bitLength);

  keyProvider.createKey(keyName, keyOptions);
  keyProvider.flush();
}
/**
 * Creates a key named {@code keyName} with the requested bit length, using the
 * cipher held in {@code HDFS_SECURITY_DEFAULT_CIPHER}, then flushes the provider.
 *
 * @param keyName name of the key to create
 * @param bitLength key length in bits; forwarded to the provider options as given
 * @throws IOException if metadata already exists for {@code keyName}; the
 *     provider calls made here may presumably raise it as well
 * @throws NoSuchAlgorithmException declared by the signature; presumably raised
 *     by the provider's {@code createKey}
 */
@Override
public void createKey(String keyName, int bitLength)
    throws IOException, NoSuchAlgorithmException {
  checkKeyProvider();

  // Guard clause: never create over a name that already has metadata.
  // NOTE(review): the lookup and the create below are separate provider calls,
  // so this check does not by itself serialise two concurrent creators.
  // Whether the provider rejects duplicate names on its own is not visible here.
  if (keyProvider.getMetadata(keyName) != null) {
    throw new IOException("key '" + keyName + "' already exists");
  }

  // bitLength is not range-checked in this method; any validation would have
  // to happen in Options or in the provider.
  final KeyProvider.Options keyOptions = new Options(this.conf);
  keyOptions.setCipher(HDFS_SECURITY_DEFAULT_CIPHER);
  keyOptions.setBitLength(bitLength);

  keyProvider.createKey(keyName, keyOptions);
  keyProvider.flush();
}
/**
 * Creates a key named {@code keyName} with the requested bit length, using the
 * cipher held in {@code HDFS_SECURITY_DEFAULT_CIPHER}, then flushes the provider.
 *
 * @param keyName name of the key to create
 * @param bitLength key length in bits; forwarded to the provider options as given
 * @throws IOException if metadata already exists for {@code keyName}; the
 *     provider calls made here may presumably raise it as well
 * @throws NoSuchAlgorithmException declared by the signature; presumably raised
 *     by the provider's {@code createKey}
 */
@Override
public void createKey(String keyName, int bitLength)
    throws IOException, NoSuchAlgorithmException {
  checkKeyProvider();

  // Guard clause: never create over a name that already has metadata.
  // NOTE(review): the lookup and the create below are separate provider calls,
  // so this check does not by itself serialise two concurrent creators.
  // Whether the provider rejects duplicate names on its own is not visible here.
  if (keyProvider.getMetadata(keyName) != null) {
    throw new IOException("key '" + keyName + "' already exists");
  }

  // bitLength is not range-checked in this method; any validation would have
  // to happen in Options or in the provider.
  final KeyProvider.Options keyOptions = new Options(this.conf);
  keyOptions.setCipher(HDFS_SECURITY_DEFAULT_CIPHER);
  keyOptions.setBitLength(bitLength);

  keyProvider.createKey(keyName, keyOptions);
  keyProvider.flush();
}
/**
 * Builds key options preset to the {@code CIPHER} constant and a 128-bit key
 * length.
 *
 * @param conf configuration handed to the {@code KeyProvider.Options} constructor
 * @return the configured options instance
 */
private static KeyProvider.Options newOptions(Configuration conf) {
  final KeyProvider.Options preset = new KeyProvider.Options(conf);
  // Cipher and length are fixed here so every caller gets the same key shape.
  preset.setCipher(CIPHER);
  preset.setBitLength(128);
  return preset;
}
/**
 * One-time fixture: builds a {@code user:///} key provider, wraps it in a
 * {@code KeyProviderCryptoExtension}, and creates the encryption key named
 * {@code ENCRYPTION_KEY_NAME} from caller-supplied random material.
 */
@BeforeClass
public static void setup() throws Exception {
  conf = new Configuration();

  final URI userProviderUri = new URI("user:///");
  kp = new UserProvider.Factory().createProvider(userProviderUri, conf);
  kpExt = KeyProviderCryptoExtension.createKeyProviderCryptoExtension(kp);

  options = new KeyProvider.Options(conf);
  options.setCipher(CIPHER);
  options.setBitLength(128);

  // 16 bytes of material, matching the 128-bit length configured above.
  final byte[] keyMaterial = SecureRandom.getSeed(16);
  encryptionKey = kp.createKey(ENCRYPTION_KEY_NAME, keyMaterial, options);
}
/**
 * Convenience factory for an {@code Options} instance.
 *
 * @param conf the configuration passed to the {@code Options} constructor
 * @return a newly constructed options object
 */
public static Options options(Configuration conf) {
  // Nothing beyond construction happens here: no cipher or bit length is set
  // by this helper, so the result carries whatever the constructor derives
  // from conf.
  final Options created = new Options(conf);
  return created;
}
/**
 * One-time fixture: builds a {@code user:///} key provider, wraps it in a
 * {@code KeyProviderCryptoExtension}, and creates the encryption key named
 * {@code ENCRYPTION_KEY_NAME} from caller-supplied random material.
 */
@BeforeClass
public static void setup() throws Exception {
  conf = new Configuration();

  final URI userProviderUri = new URI("user:///");
  kp = new UserProvider.Factory().createProvider(userProviderUri, conf);
  kpExt = KeyProviderCryptoExtension.createKeyProviderCryptoExtension(kp);

  options = new KeyProvider.Options(conf);
  options.setCipher(CIPHER);
  options.setBitLength(128);

  // 16 bytes of material, matching the 128-bit length configured above.
  final byte[] keyMaterial = SecureRandom.getSeed(16);
  encryptionKey = kp.createKey(ENCRYPTION_KEY_NAME, keyMaterial, options);
}
/**
 * Builds key options preset to the {@code CIPHER} constant and a 128-bit key
 * length.
 *
 * @param conf configuration handed to the {@code KeyProvider.Options} constructor
 * @return the configured options instance
 */
private static KeyProvider.Options newOptions(Configuration conf) {
  final KeyProvider.Options preset = new KeyProvider.Options(conf);
  // Cipher and length are fixed here so every caller gets the same key shape.
  preset.setCipher(CIPHER);
  preset.setBitLength(128);
  return preset;
}
/**
 * Convenience factory for an {@code Options} instance.
 *
 * @param conf the configuration passed to the {@code Options} constructor
 * @return a newly constructed options object
 */
public static Options options(Configuration conf) {
  // Nothing beyond construction happens here: no cipher or bit length is set
  // by this helper, so the result carries whatever the constructor derives
  // from conf.
  final Options created = new Options(conf);
  return created;
}
/**
 * Convenience factory for an {@code Options} instance.
 *
 * @param conf the configuration passed to the {@code Options} constructor
 * @return a newly constructed options object
 */
public static Options options(Configuration conf) {
  // Nothing beyond construction happens here: no cipher or bit length is set
  // by this helper, so the result carries whatever the constructor derives
  // from conf.
  final Options created = new Options(conf);
  return created;
}
/**
 * Convenience factory for an {@code Options} instance.
 *
 * @param conf the configuration passed to the {@code Options} constructor
 * @return a newly constructed options object
 */
public static Options options(Configuration conf) {
  // Nothing beyond construction happens here: no cipher or bit length is set
  // by this helper, so the result carries whatever the constructor derives
  // from conf.
  final Options created = new Options(conf);
  return created;
}
/**
 * Convenience factory for an {@code Options} instance.
 *
 * @param conf the configuration passed to the {@code Options} constructor
 * @return a newly constructed options object
 */
public static Options options(Configuration conf) {
  // Nothing beyond construction happens here: no cipher or bit length is set
  // by this helper, so the result carries whatever the constructor derives
  // from conf.
  final Options created = new Options(conf);
  return created;
}