/**
 * Verifies that the key provider named in the configuration can be obtained through
 * {@code Encryption.getKeyProvider}, remembering the outcome per provider class name.
 *
 * <p>The outcome is stored in {@code keyProviderResults} under the provider class name only, so
 * a later call with the same class name reuses the stored outcome without loading the provider
 * again, whatever else the configuration contains. A stored failure is reported on every later
 * call; nothing in this method clears it.
 *
 * @param conf configuration naming the provider class; {@code KeyStoreKeyProvider} is passed as
 *     the default when the setting is absent
 * @throws IOException if the provider fails to load now, or a failure was recorded earlier
 */
public static void testKeyProvider(final Configuration conf) throws IOException {
  final String providerClassName =
      conf.get(HConstants.CRYPTO_KEYPROVIDER_CONF_KEY, KeyStoreKeyProvider.class.getName());
  final Boolean cachedOutcome = keyProviderResults.get(providerClassName);

  // An outcome is already recorded: succeed silently or repeat the failure.
  if (cachedOutcome != null) {
    if (!cachedOutcome) {
      throw new IOException("Key provider " + providerClassName + " previously failed test");
    }
    return;
  }

  // First check for this provider class: try to load it and record what happened.
  try {
    Encryption.getKeyProvider(conf);
    keyProviderResults.put(providerClassName, true);
  } catch (Exception e) {
    // Most likely a RuntimeException; record the failure before reporting it.
    keyProviderResults.put(providerClassName, false);
    throw new IOException(
        "Key provider " + providerClassName + " failed test: " + e.getMessage(), e);
  }
}
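/**
 * Resolves the key for the given subject through the configured key provider.
 *
 * <p>Every failure mode surfaces as an {@link IOException}, so callers do not have to null-check
 * the returned key.
 *
 * @param subject the subject whose key is requested
 * @param conf configuration used to obtain the key provider
 * @return the first key the provider returns for {@code subject}; never {@code null}
 * @throws IOException if no provider is available, the provider returns no usable key for the
 *     subject, or the provider lookup throws
 */
public static Key getSecretKeyForSubject(String subject, Configuration conf) throws IOException {
  KeyProvider provider = getKeyProvider(conf);
  if (provider != null) {
    try {
      Key[] keys = provider.getKeys(new String[] { subject });
      // A provider may report an unknown subject as a null array element rather than by
      // throwing; treat that as "not found" instead of handing null back to the caller.
      if (keys != null && keys.length > 0 && keys[0] != null) {
        return keys[0];
      }
    } catch (Exception e) {
      // Wrap whatever the provider throws, keeping the original as the cause.
      throw new IOException(e);
    }
  }
  throw new IOException("No key found for subject '" + subject + "'");
}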
/**
 * Checks that the provider class set under {@code HConstants.CRYPTO_KEYPROVIDER_CONF_KEY} is the
 * one {@code Encryption.getKeyProvider} returns, and that it hands back an AES key whose encoded
 * form is {@code AES.KEY_LENGTH} bytes long.
 */
@Test
public void testTestProvider() {
  final Configuration configuration = HBaseConfiguration.create();
  final String providerClass = KeyProviderForTesting.class.getName();
  configuration.set(HConstants.CRYPTO_KEYPROVIDER_CONF_KEY, providerClass);

  // The configured class must be what the factory instantiates.
  final KeyProvider loaded = Encryption.getKeyProvider(configuration);
  assertNotNull("Null returned for provider", loaded);
  assertTrue("Provider is not the expected type", loaded instanceof KeyProviderForTesting);

  // The returned key must be usable for AES: right algorithm name, right encoded size.
  final Key providerKey = loaded.getKey("foo");
  assertNotNull("Test provider did not return a key as expected", providerKey);
  final String algorithm = providerKey.getAlgorithm();
  assertEquals("Test provider did not create a key for AES", "AES", algorithm);
  final int encodedLength = providerKey.getEncoded().length;
  assertEquals("Test provider did not create a key of adequate length", AES.KEY_LENGTH,
      encodedLength);
}
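/**
 * Resolves the key for the given subject through the configured key provider.
 *
 * <p>Every failure mode surfaces as an {@link IOException}, so callers do not have to null-check
 * the returned key.
 *
 * @param subject the subject whose key is requested
 * @param conf configuration used to obtain the key provider
 * @return the first key the provider returns for {@code subject}; never {@code null}
 * @throws IOException if no provider is available, the provider returns no usable key for the
 *     subject, or the provider lookup throws
 */
public static Key getSecretKeyForSubject(String subject, Configuration conf) throws IOException {
  KeyProvider provider = getKeyProvider(conf);
  if (provider != null) {
    try {
      Key[] keys = provider.getKeys(new String[] { subject });
      // A provider may report an unknown subject as a null array element rather than by
      // throwing; treat that as "not found" instead of handing null back to the caller.
      if (keys != null && keys.length > 0 && keys[0] != null) {
        return keys[0];
      }
    } catch (Exception e) {
      // Wrap whatever the provider throws, keeping the original as the cause.
      throw new IOException(e);
    }
  }
  throw new IOException("No key found for subject '" + subject + "'");
}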
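/**
 * Resolves the key for the given subject through the configured key provider.
 *
 * <p>Every failure mode surfaces as an {@link IOException}, so callers do not have to null-check
 * the returned key.
 *
 * @param subject the subject whose key is requested
 * @param conf configuration used to obtain the key provider
 * @return the first key the provider returns for {@code subject}; never {@code null}
 * @throws IOException if no provider is available, the provider returns no usable key for the
 *     subject, or the provider lookup throws
 */
public static Key getSecretKeyForSubject(String subject, Configuration conf) throws IOException {
  KeyProvider provider = getKeyProvider(conf);
  if (provider != null) {
    try {
      Key[] keys = provider.getKeys(new String[] { subject });
      // A provider may report an unknown subject as a null array element rather than by
      // throwing; treat that as "not found" instead of handing null back to the caller.
      if (keys != null && keys.length > 0 && keys[0] != null) {
        return keys[0];
      }
    } catch (Exception e) {
      // Wrap whatever the provider throws, keeping the original as the cause.
      throw new IOException(e);
    }
  }
  throw new IOException("No key found for subject '" + subject + "'");
}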
/**
 * Verifies that the key provider named in the configuration can be obtained through
 * {@code Encryption.getKeyProvider}, remembering the outcome per provider class name.
 *
 * <p>The outcome is stored in {@code keyProviderResults} under the provider class name only, so
 * a later call with the same class name reuses the stored outcome without loading the provider
 * again, whatever else the configuration contains. A stored failure is reported on every later
 * call; nothing in this method clears it.
 *
 * @param conf configuration naming the provider class; {@code KeyStoreKeyProvider} is passed as
 *     the default when the setting is absent
 * @throws IOException if the provider fails to load now, or a failure was recorded earlier
 */
public static void testKeyProvider(final Configuration conf) throws IOException {
  final String providerClassName =
      conf.get(HConstants.CRYPTO_KEYPROVIDER_CONF_KEY, KeyStoreKeyProvider.class.getName());
  final Boolean cachedOutcome = keyProviderResults.get(providerClassName);

  // An outcome is already recorded: succeed silently or repeat the failure.
  if (cachedOutcome != null) {
    if (!cachedOutcome) {
      throw new IOException("Key provider " + providerClassName + " previously failed test");
    }
    return;
  }

  // First check for this provider class: try to load it and record what happened.
  try {
    Encryption.getKeyProvider(conf);
    keyProviderResults.put(providerClassName, true);
  } catch (Exception e) {
    // Most likely a RuntimeException; record the failure before reporting it.
    keyProviderResults.put(providerClassName, false);
    throw new IOException(
        "Key provider " + providerClassName + " failed test: " + e.getMessage(), e);
  }
}
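/**
 * Resolves the key for the given subject through the configured key provider.
 *
 * <p>Every failure mode surfaces as an {@link IOException}, so callers do not have to null-check
 * the returned key.
 *
 * @param subject the subject whose key is requested
 * @param conf configuration used to obtain the key provider
 * @return the first key the provider returns for {@code subject}; never {@code null}
 * @throws IOException if no provider is available, the provider returns no usable key for the
 *     subject, or the provider lookup throws
 */
public static Key getSecretKeyForSubject(String subject, Configuration conf) throws IOException {
  // NOTE(review): the cast is kept because getKeyProvider's declared return type is not visible
  // here; drop it if that method already returns KeyProvider.
  KeyProvider provider = (KeyProvider) getKeyProvider(conf);
  if (provider != null) {
    try {
      Key[] keys = provider.getKeys(new String[] { subject });
      // A provider may report an unknown subject as a null array element rather than by
      // throwing; treat that as "not found" instead of handing null back to the caller.
      if (keys != null && keys.length > 0 && keys[0] != null) {
        return keys[0];
      }
    } catch (Exception e) {
      // Wrap whatever the provider throws, keeping the original as the cause.
      throw new IOException(e);
    }
  }
  throw new IOException("No key found for subject '" + subject + "'");
}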
/**
 * Checks that the provider class set under {@code HConstants.CRYPTO_KEYPROVIDER_CONF_KEY} is the
 * one {@code Encryption.getKeyProvider} returns, and that it hands back an AES key whose encoded
 * form is {@code AES.KEY_LENGTH} bytes long.
 */
@Test
public void testTestProvider() {
  final Configuration configuration = HBaseConfiguration.create();
  final String providerClass = KeyProviderForTesting.class.getName();
  configuration.set(HConstants.CRYPTO_KEYPROVIDER_CONF_KEY, providerClass);

  // The configured class must be what the factory instantiates.
  final KeyProvider loaded = Encryption.getKeyProvider(configuration);
  assertNotNull("Null returned for provider", loaded);
  assertTrue("Provider is not the expected type", loaded instanceof KeyProviderForTesting);

  // The returned key must be usable for AES: right algorithm name, right encoded size.
  final Key providerKey = loaded.getKey("foo");
  assertNotNull("Test provider did not return a key as expected", providerKey);
  final String algorithm = providerKey.getAlgorithm();
  assertEquals("Test provider did not create a key for AES", "AES", algorithm);
  final int encodedLength = providerKey.getEncoded().length;
  assertEquals("Test provider did not create a key of adequate length", AES.KEY_LENGTH,
      encodedLength);
}
/**
 * Checks that the provider class set under {@code HConstants.CRYPTO_KEYPROVIDER_CONF_KEY} is the
 * one {@code Encryption.getKeyProvider} returns, and that it hands back an AES key whose encoded
 * form is {@code AES.KEY_LENGTH} bytes long.
 */
@Test
public void testTestProvider() {
  final Configuration configuration = HBaseConfiguration.create();
  final String providerClass = KeyProviderForTesting.class.getName();
  configuration.set(HConstants.CRYPTO_KEYPROVIDER_CONF_KEY, providerClass);

  // The configured class must be what the factory instantiates.
  final KeyProvider loaded = Encryption.getKeyProvider(configuration);
  assertNotNull("Null returned for provider", loaded);
  assertTrue("Provider is not the expected type", loaded instanceof KeyProviderForTesting);

  // The returned key must be usable for AES: right algorithm name, right encoded size.
  final Key providerKey = loaded.getKey("foo");
  assertNotNull("Test provider did not return a key as expected", providerKey);
  final String algorithm = providerKey.getAlgorithm();
  assertEquals("Test provider did not create a key for AES", "AES", algorithm);
  final int encodedLength = providerKey.getEncoded().length;
  assertEquals("Test provider did not create a key of adequate length", AES.KEY_LENGTH,
      encodedLength);
}