org.apache.hadoop.crypto.Encryptor Java Examples

The following examples show how to use org.apache.hadoop.crypto.Encryptor. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: FanOutOneBlockAsyncDFSOutput.java    From hbase with Apache License 2.0 6 votes vote down vote up
FanOutOneBlockAsyncDFSOutput(Configuration conf,DistributedFileSystem dfs,
    DFSClient client, ClientProtocol namenode, String clientName, String src, long fileId,
    LocatedBlock locatedBlock, Encryptor encryptor, List<Channel> datanodeList,
    DataChecksum summer, ByteBufAllocator alloc) {
  this.conf = conf;
  this.dfs = dfs;
  this.client = client;
  this.namenode = namenode;
  this.fileId = fileId;
  this.clientName = clientName;
  this.src = src;
  this.block = locatedBlock.getBlock();
  this.locations = locatedBlock.getLocations();
  this.encryptor = encryptor;
  this.datanodeList = datanodeList;
  this.summer = summer;
  this.maxDataLen = MAX_DATA_LEN - (MAX_DATA_LEN % summer.getBytesPerChecksum());
  this.alloc = alloc;
  this.buf = alloc.directBuffer(sendBufSizePRedictor.initialSize());
  this.state = State.STREAMING;
  setupReceiver(conf.getInt(DFS_CLIENT_SOCKET_TIMEOUT_KEY, READ_TIMEOUT));
}
 
Example #2
Source File: KeyProviderCryptoExtension.java    From hadoop with Apache License 2.0 5 votes vote down vote up
@Override
public EncryptedKeyVersion generateEncryptedKey(String encryptionKeyName)
    throws IOException, GeneralSecurityException {
  // Fetch the encryption key
  KeyVersion encryptionKey = keyProvider.getCurrentKey(encryptionKeyName);
  Preconditions.checkNotNull(encryptionKey,
      "No KeyVersion exists for key '%s' ", encryptionKeyName);
  // Generate random bytes for new key and IV

  CryptoCodec cc = CryptoCodec.getInstance(keyProvider.getConf());
  final byte[] newKey = new byte[encryptionKey.getMaterial().length];
  cc.generateSecureRandom(newKey);
  final byte[] iv = new byte[cc.getCipherSuite().getAlgorithmBlockSize()];
  cc.generateSecureRandom(iv);
  // Encryption key IV is derived from new key's IV
  final byte[] encryptionIV = EncryptedKeyVersion.deriveIV(iv);
  Encryptor encryptor = cc.createEncryptor();
  encryptor.init(encryptionKey.getMaterial(), encryptionIV);
  int keyLen = newKey.length;
  ByteBuffer bbIn = ByteBuffer.allocateDirect(keyLen);
  ByteBuffer bbOut = ByteBuffer.allocateDirect(keyLen);
  bbIn.put(newKey);
  bbIn.flip();
  encryptor.encrypt(bbIn, bbOut);
  bbOut.flip();
  byte[] encryptedKey = new byte[keyLen];
  bbOut.get(encryptedKey);    
  return new EncryptedKeyVersion(encryptionKeyName,
      encryptionKey.getVersionName(), iv,
      new KeyVersion(encryptionKey.getName(), EEK, encryptedKey));
}
 
Example #3
Source File: KeyProviderCryptoExtension.java    From big-c with Apache License 2.0 5 votes vote down vote up
@Override
public EncryptedKeyVersion generateEncryptedKey(String encryptionKeyName)
    throws IOException, GeneralSecurityException {
  // Fetch the encryption key
  KeyVersion encryptionKey = keyProvider.getCurrentKey(encryptionKeyName);
  Preconditions.checkNotNull(encryptionKey,
      "No KeyVersion exists for key '%s' ", encryptionKeyName);
  // Generate random bytes for new key and IV

  CryptoCodec cc = CryptoCodec.getInstance(keyProvider.getConf());
  final byte[] newKey = new byte[encryptionKey.getMaterial().length];
  cc.generateSecureRandom(newKey);
  final byte[] iv = new byte[cc.getCipherSuite().getAlgorithmBlockSize()];
  cc.generateSecureRandom(iv);
  // Encryption key IV is derived from new key's IV
  final byte[] encryptionIV = EncryptedKeyVersion.deriveIV(iv);
  Encryptor encryptor = cc.createEncryptor();
  encryptor.init(encryptionKey.getMaterial(), encryptionIV);
  int keyLen = newKey.length;
  ByteBuffer bbIn = ByteBuffer.allocateDirect(keyLen);
  ByteBuffer bbOut = ByteBuffer.allocateDirect(keyLen);
  bbIn.put(newKey);
  bbIn.flip();
  encryptor.encrypt(bbIn, bbOut);
  bbOut.flip();
  byte[] encryptedKey = new byte[keyLen];
  bbOut.get(encryptedKey);    
  return new EncryptedKeyVersion(encryptionKeyName,
      encryptionKey.getVersionName(), iv,
      new KeyVersion(encryptionKey.getName(), EEK, encryptedKey));
}
 
Example #4
Source File: FanOutOneBlockAsyncDFSOutputSaslHelper.java    From hbase with Apache License 2.0 5 votes vote down vote up
static Encryptor createEncryptor(Configuration conf, HdfsFileStatus stat, DFSClient client)
    throws IOException {
  FileEncryptionInfo feInfo = stat.getFileEncryptionInfo();
  if (feInfo == null) {
    return null;
  }
  return TRANSPARENT_CRYPTO_HELPER.createEncryptor(conf, feInfo, client);
}
 
Example #5
Source File: FanOutOneBlockAsyncDFSOutputSaslHelper.java    From hbase with Apache License 2.0 4 votes vote down vote up
Encryptor createEncryptor(Configuration conf, FileEncryptionInfo feInfo, DFSClient client)
throws IOException;