org.apache.hadoop.crypto.CipherSuite Java Examples

The following examples show how to use org.apache.hadoop.crypto.CipherSuite. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: ProxiedDFSClient.java    From spliceengine with GNU Affero General Public License v3.0 6 votes vote down vote up
/**
 * O
 * btain a CryptoCodec based on the CipherSuite set in a FileEncryptionInfo
 * and the available CryptoCodecs configured in the Configuration.
 *
 * @param conf   Configuration
 * @param feInfo FileEncryptionInfo
 * @return CryptoCodec
 * @throws IOException if no suitable CryptoCodec for the CipherSuite is
 *                     available.
 */
private static CryptoCodec getCryptoCodec(Configuration conf,
                                          FileEncryptionInfo feInfo) throws IOException {
    final CipherSuite suite = feInfo.getCipherSuite();
    if (suite.equals(CipherSuite.UNKNOWN)) {
        throw new IOException("NameNode specified unknown CipherSuite with ID "
                + suite.getUnknownValue() + ", cannot instantiate CryptoCodec.");
    }
    final CryptoCodec codec = CryptoCodec.getInstance(conf, suite);
    if (codec == null) {
        throw new UnknownCipherSuiteException(
                "No configuration found for the cipher suite "
                        + suite.getConfigSuffix() + " prefixed with "
                        + HADOOP_SECURITY_CRYPTO_CODEC_CLASSES_KEY_PREFIX
                        + ". Please see the example configuration "
                        + "hadoop.security.crypto.codec.classes.EXAMPLECIPHERSUITE "
                        + "at core-default.xml for details.");
    }
    return codec;
}
 
Example #2
Source File: FileEncryptionInfo.java    From big-c with Apache License 2.0 6 votes vote down vote up
/**
 * Create a FileEncryptionInfo.
 *
 * @param suite CipherSuite used to encrypt the file
 * @param edek encrypted data encryption key (EDEK) of the file
 * @param iv initialization vector (IV) used to encrypt the file
 * @param keyName name of the key used for the encryption zone
 * @param ezKeyVersionName name of the KeyVersion used to encrypt the
 *                         encrypted data encryption key.
 */
public FileEncryptionInfo(final CipherSuite suite,
    final CryptoProtocolVersion version, final byte[] edek,
    final byte[] iv, final String keyName, final String ezKeyVersionName) {
  checkNotNull(suite);
  checkNotNull(version);
  checkNotNull(edek);
  checkNotNull(iv);
  checkNotNull(keyName);
  checkNotNull(ezKeyVersionName);
  checkArgument(iv.length == suite.getAlgorithmBlockSize(),
      "Unexpected IV length");
  this.cipherSuite = suite;
  this.version = version;
  this.edek = edek;
  this.iv = iv;
  this.keyName = keyName;
  this.ezKeyVersionName = ezKeyVersionName;
}
 
Example #3
Source File: TestEncryptionZones.java    From big-c with Apache License 2.0 6 votes vote down vote up
@SuppressWarnings("unchecked")
private static void mockCreate(ClientProtocol mcp,
    CipherSuite suite, CryptoProtocolVersion version) throws Exception {
  Mockito.doReturn(
      new HdfsFileStatus(0, false, 1, 1024, 0, 0, new FsPermission(
          (short) 777), "owner", "group", new byte[0], new byte[0],
          1010, 0, new FileEncryptionInfo(suite,
          version, new byte[suite.getAlgorithmBlockSize()],
          new byte[suite.getAlgorithmBlockSize()],
          "fakeKey", "fakeVersion"),
          (byte) 0))
      .when(mcp)
      .create(anyString(), (FsPermission) anyObject(), anyString(),
          (EnumSetWritable<CreateFlag>) anyObject(), anyBoolean(),
          anyShort(), anyLong(), (CryptoProtocolVersion[]) anyObject());
}
 
Example #4
Source File: PBHelper.java    From hadoop with Apache License 2.0 6 votes vote down vote up
public static CipherOption convert(CipherOptionProto proto) {
  if (proto != null) {
    CipherSuite suite = null;
    if (proto.getSuite() != null) {
      suite = convert(proto.getSuite());
    }
    byte[] inKey = null;
    if (proto.getInKey() != null) {
      inKey = proto.getInKey().toByteArray();
    }
    byte[] inIv = null;
    if (proto.getInIv() != null) {
      inIv = proto.getInIv().toByteArray();
    }
    byte[] outKey = null;
    if (proto.getOutKey() != null) {
      outKey = proto.getOutKey().toByteArray();
    }
    byte[] outIv = null;
    if (proto.getOutIv() != null) {
      outIv = proto.getOutIv().toByteArray();
    }
    return new CipherOption(suite, inKey, inIv, outKey, outIv);
  }
  return null;
}
 
Example #5
Source File: OzoneKMSUtil.java    From hadoop-ozone with Apache License 2.0 6 votes vote down vote up
public static CryptoCodec getCryptoCodec(ConfigurationSource conf,
    FileEncryptionInfo feInfo) throws IOException {
  CipherSuite suite = feInfo.getCipherSuite();
  if (suite.equals(CipherSuite.UNKNOWN)) {
    throw new IOException("NameNode specified unknown CipherSuite with ID " +
            suite.getUnknownValue() + ", cannot instantiate CryptoCodec.");
  } else {
    Configuration hadoopConfig =
        LegacyHadoopConfigurationSource.asHadoopConfiguration(conf);
    CryptoCodec codec = CryptoCodec.getInstance(hadoopConfig, suite);
    if (codec == null) {
      throw new OMException("No configuration found for the cipher suite " +
              suite.getConfigSuffix() + " prefixed with " +
              "hadoop.security.crypto.codec.classes. Please see the" +
              " example configuration hadoop.security.crypto.codec.classes." +
              "EXAMPLE CIPHER SUITE at core-default.xml for details.",
              OMException.ResultCodes.UNKNOWN_CIPHER_SUITE);
    } else {
      return codec;
    }
  }
}
 
Example #6
Source File: TestEncryptionZones.java    From hadoop with Apache License 2.0 6 votes vote down vote up
@SuppressWarnings("unchecked")
private static void mockCreate(ClientProtocol mcp,
    CipherSuite suite, CryptoProtocolVersion version) throws Exception {
  Mockito.doReturn(
      new HdfsFileStatus(0, false, 1, 1024, 0, 0, new FsPermission(
          (short) 777), "owner", "group", new byte[0], new byte[0],
          1010, 0, new FileEncryptionInfo(suite,
          version, new byte[suite.getAlgorithmBlockSize()],
          new byte[suite.getAlgorithmBlockSize()],
          "fakeKey", "fakeVersion"),
          (byte) 0))
      .when(mcp)
      .create(anyString(), (FsPermission) anyObject(), anyString(),
          (EnumSetWritable<CreateFlag>) anyObject(), anyBoolean(),
          anyShort(), anyLong(), (CryptoProtocolVersion[]) anyObject());
}
 
Example #7
Source File: FileEncryptionInfo.java    From hadoop with Apache License 2.0 6 votes vote down vote up
/**
 * Create a FileEncryptionInfo.
 *
 * @param suite CipherSuite used to encrypt the file
 * @param edek encrypted data encryption key (EDEK) of the file
 * @param iv initialization vector (IV) used to encrypt the file
 * @param keyName name of the key used for the encryption zone
 * @param ezKeyVersionName name of the KeyVersion used to encrypt the
 *                         encrypted data encryption key.
 */
public FileEncryptionInfo(final CipherSuite suite,
    final CryptoProtocolVersion version, final byte[] edek,
    final byte[] iv, final String keyName, final String ezKeyVersionName) {
  checkNotNull(suite);
  checkNotNull(version);
  checkNotNull(edek);
  checkNotNull(iv);
  checkNotNull(keyName);
  checkNotNull(ezKeyVersionName);
  checkArgument(iv.length == suite.getAlgorithmBlockSize(),
      "Unexpected IV length");
  this.cipherSuite = suite;
  this.version = version;
  this.edek = edek;
  this.iv = iv;
  this.keyName = keyName;
  this.ezKeyVersionName = ezKeyVersionName;
}
 
Example #8
Source File: PBHelper.java    From big-c with Apache License 2.0 6 votes vote down vote up
public static CipherOption convert(CipherOptionProto proto) {
  if (proto != null) {
    CipherSuite suite = null;
    if (proto.getSuite() != null) {
      suite = convert(proto.getSuite());
    }
    byte[] inKey = null;
    if (proto.getInKey() != null) {
      inKey = proto.getInKey().toByteArray();
    }
    byte[] inIv = null;
    if (proto.getInIv() != null) {
      inIv = proto.getInIv().toByteArray();
    }
    byte[] outKey = null;
    if (proto.getOutKey() != null) {
      outKey = proto.getOutKey().toByteArray();
    }
    byte[] outIv = null;
    if (proto.getOutIv() != null) {
      outIv = proto.getOutIv().toByteArray();
    }
    return new CipherOption(suite, inKey, inIv, outKey, outIv);
  }
  return null;
}
 
Example #9
Source File: DFSClient.java    From big-c with Apache License 2.0 6 votes vote down vote up
/**
 * Obtain a CryptoCodec based on the CipherSuite set in a FileEncryptionInfo
 * and the available CryptoCodecs configured in the Configuration.
 *
 * @param conf   Configuration
 * @param feInfo FileEncryptionInfo
 * @return CryptoCodec
 * @throws IOException if no suitable CryptoCodec for the CipherSuite is
 *                     available.
 */
private static CryptoCodec getCryptoCodec(Configuration conf,
    FileEncryptionInfo feInfo) throws IOException {
  final CipherSuite suite = feInfo.getCipherSuite();
  if (suite.equals(CipherSuite.UNKNOWN)) {
    throw new IOException("NameNode specified unknown CipherSuite with ID "
        + suite.getUnknownValue() + ", cannot instantiate CryptoCodec.");
  }
  final CryptoCodec codec = CryptoCodec.getInstance(conf, suite);
  if (codec == null) {
    throw new UnknownCipherSuiteException(
        "No configuration found for the cipher suite "
        + suite.getConfigSuffix() + " prefixed with "
        + HADOOP_SECURITY_CRYPTO_CODEC_CLASSES_KEY_PREFIX
        + ". Please see the example configuration "
        + "hadoop.security.crypto.codec.classes.EXAMPLECIPHERSUITE "
        + "at core-default.xml for details.");
  }
  return codec;
}
 
Example #10
Source File: DFSClient.java    From hadoop with Apache License 2.0 6 votes vote down vote up
/**
 * Obtain a CryptoCodec based on the CipherSuite set in a FileEncryptionInfo
 * and the available CryptoCodecs configured in the Configuration.
 *
 * @param conf   Configuration
 * @param feInfo FileEncryptionInfo
 * @return CryptoCodec
 * @throws IOException if no suitable CryptoCodec for the CipherSuite is
 *                     available.
 */
private static CryptoCodec getCryptoCodec(Configuration conf,
    FileEncryptionInfo feInfo) throws IOException {
  final CipherSuite suite = feInfo.getCipherSuite();
  if (suite.equals(CipherSuite.UNKNOWN)) {
    throw new IOException("NameNode specified unknown CipherSuite with ID "
        + suite.getUnknownValue() + ", cannot instantiate CryptoCodec.");
  }
  final CryptoCodec codec = CryptoCodec.getInstance(conf, suite);
  if (codec == null) {
    throw new UnknownCipherSuiteException(
        "No configuration found for the cipher suite "
        + suite.getConfigSuffix() + " prefixed with "
        + HADOOP_SECURITY_CRYPTO_CODEC_CLASSES_KEY_PREFIX
        + ". Please see the example configuration "
        + "hadoop.security.crypto.codec.classes.EXAMPLECIPHERSUITE "
        + "at core-default.xml for details.");
  }
  return codec;
}
 
Example #11
Source File: PBHelper.java    From hadoop with Apache License 2.0 5 votes vote down vote up
public static HdfsProtos.ZoneEncryptionInfoProto convert(
    CipherSuite suite, CryptoProtocolVersion version, String keyName) {
  if (suite == null || version == null || keyName == null) {
    return null;
  }
  return HdfsProtos.ZoneEncryptionInfoProto.newBuilder()
      .setSuite(convert(suite))
      .setCryptoProtocolVersion(convert(version))
      .setKeyName(keyName)
      .build();
}
 
Example #12
Source File: PBHelper.java    From hadoop with Apache License 2.0 5 votes vote down vote up
public static FileEncryptionInfo convert(
    HdfsProtos.PerFileEncryptionInfoProto fileProto,
    CipherSuite suite, CryptoProtocolVersion version, String keyName) {
  if (fileProto == null || suite == null || version == null ||
      keyName == null) {
    return null;
  }
  byte[] key = fileProto.getKey().toByteArray();
  byte[] iv = fileProto.getIv().toByteArray();
  String ezKeyVersionName = fileProto.getEzKeyVersionName();
  return new FileEncryptionInfo(suite, version, key, iv, keyName,
      ezKeyVersionName);
}
 
Example #13
Source File: PBHelper.java    From hadoop with Apache License 2.0 5 votes vote down vote up
public static FileEncryptionInfo convert(
    HdfsProtos.FileEncryptionInfoProto proto) {
  if (proto == null) {
    return null;
  }
  CipherSuite suite = convert(proto.getSuite());
  CryptoProtocolVersion version = convert(proto.getCryptoProtocolVersion());
  byte[] key = proto.getKey().toByteArray();
  byte[] iv = proto.getIv().toByteArray();
  String ezKeyVersionName = proto.getEzKeyVersionName();
  String keyName = proto.getKeyName();
  return new FileEncryptionInfo(suite, version, key, iv, keyName,
      ezKeyVersionName);
}
 
Example #14
Source File: DataTransferSaslUtil.java    From big-c with Apache License 2.0 5 votes vote down vote up
/**
 * Negotiate a cipher option which server supports.
 * 
 * @param conf the configuration
 * @param options the cipher options which client supports
 * @return CipherOption negotiated cipher option
 */
public static CipherOption negotiateCipherOption(Configuration conf,
    List<CipherOption> options) throws IOException {
  // Negotiate cipher suites if configured.  Currently, the only supported
  // cipher suite is AES/CTR/NoPadding, but the protocol allows multiple
  // values for future expansion.
  String cipherSuites = conf.get(DFS_ENCRYPT_DATA_TRANSFER_CIPHER_SUITES_KEY);
  if (cipherSuites == null || cipherSuites.isEmpty()) {
    return null;
  }
  if (!cipherSuites.equals(CipherSuite.AES_CTR_NOPADDING.getName())) {
    throw new IOException(String.format("Invalid cipher suite, %s=%s",
        DFS_ENCRYPT_DATA_TRANSFER_CIPHER_SUITES_KEY, cipherSuites));
  }
  if (options != null) {
    for (CipherOption option : options) {
      CipherSuite suite = option.getCipherSuite();
      if (suite == CipherSuite.AES_CTR_NOPADDING) {
        int keyLen = conf.getInt(
            DFS_ENCRYPT_DATA_TRANSFER_CIPHER_KEY_BITLENGTH_KEY,
            DFS_ENCRYPT_DATA_TRANSFER_CIPHER_KEY_BITLENGTH_DEFAULT) / 8;
        CryptoCodec codec = CryptoCodec.getInstance(conf, suite);
        byte[] inKey = new byte[keyLen];
        byte[] inIv = new byte[suite.getAlgorithmBlockSize()];
        byte[] outKey = new byte[keyLen];
        byte[] outIv = new byte[suite.getAlgorithmBlockSize()];
        codec.generateSecureRandom(inKey);
        codec.generateSecureRandom(inIv);
        codec.generateSecureRandom(outKey);
        codec.generateSecureRandom(outIv);
        return new CipherOption(suite, inKey, inIv, outKey, outIv);
      }
    }
  }
  return null;
}
 
Example #15
Source File: EncryptionZone.java    From big-c with Apache License 2.0 5 votes vote down vote up
public EncryptionZone(long id, String path, CipherSuite suite,
    CryptoProtocolVersion version, String keyName) {
  this.id = id;
  this.path = path;
  this.suite = suite;
  this.version = version;
  this.keyName = keyName;
}
 
Example #16
Source File: FSDirectory.java    From big-c with Apache License 2.0 5 votes vote down vote up
XAttr createEncryptionZone(String src, CipherSuite suite,
    CryptoProtocolVersion version, String keyName)
  throws IOException {
  writeLock();
  try {
    return ezManager.createEncryptionZone(src, suite, version, keyName);
  } finally {
    writeUnlock();
  }
}
 
Example #17
Source File: EncryptionZoneManager.java    From big-c with Apache License 2.0 5 votes vote down vote up
EncryptionZoneInt(long inodeId, CipherSuite suite,
    CryptoProtocolVersion version, String keyName) {
  Preconditions.checkArgument(suite != CipherSuite.UNKNOWN);
  Preconditions.checkArgument(version != CryptoProtocolVersion.UNKNOWN);
  this.inodeId = inodeId;
  this.suite = suite;
  this.version = version;
  this.keyName = keyName;
}
 
Example #18
Source File: EncryptionZoneManager.java    From big-c with Apache License 2.0 5 votes vote down vote up
/**
 * Create a new encryption zone.
 * <p/>
 * Called while holding the FSDirectory lock.
 */
XAttr createEncryptionZone(String src, CipherSuite suite,
    CryptoProtocolVersion version, String keyName)
    throws IOException {
  assert dir.hasWriteLock();
  final INodesInPath srcIIP = dir.getINodesInPath4Write(src, false);
  if (dir.isNonEmptyDirectory(srcIIP)) {
    throw new IOException(
        "Attempt to create an encryption zone for a non-empty directory.");
  }

  if (srcIIP != null &&
      srcIIP.getLastINode() != null &&
      !srcIIP.getLastINode().isDirectory()) {
    throw new IOException("Attempt to create an encryption zone for a file.");
  }
  EncryptionZoneInt ezi = getEncryptionZoneForPath(srcIIP);
  if (ezi != null) {
    throw new IOException("Directory " + src + " is already in an " +
        "encryption zone. (" + getFullPathName(ezi) + ")");
  }

  final HdfsProtos.ZoneEncryptionInfoProto proto =
      PBHelper.convert(suite, version, keyName);
  final XAttr ezXAttr = XAttrHelper
      .buildXAttr(CRYPTO_XATTR_ENCRYPTION_ZONE, proto.toByteArray());

  final List<XAttr> xattrs = Lists.newArrayListWithCapacity(1);
  xattrs.add(ezXAttr);
  // updating the xattr will call addEncryptionZone,
  // done this way to handle edit log loading
  FSDirXAttrOp.unprotectedSetXAttrs(dir, src, xattrs,
                                    EnumSet.of(XAttrSetFlag.CREATE));
  return ezXAttr;
}
 
Example #19
Source File: PBHelper.java    From big-c with Apache License 2.0 5 votes vote down vote up
public static CipherSuiteProto convert(CipherSuite suite) {
  switch (suite) {
  case UNKNOWN:
    return CipherSuiteProto.UNKNOWN;
  case AES_CTR_NOPADDING:
    return CipherSuiteProto.AES_CTR_NOPADDING;
  default:
    return null;
  }
}
 
Example #20
Source File: PBHelper.java    From big-c with Apache License 2.0 5 votes vote down vote up
public static CipherSuite convert(CipherSuiteProto proto) {
  switch (proto) {
  case AES_CTR_NOPADDING:
    return CipherSuite.AES_CTR_NOPADDING;
  default:
    // Set to UNKNOWN and stash the unknown enum value
    CipherSuite suite = CipherSuite.UNKNOWN;
    suite.setUnknownValue(proto.getNumber());
    return suite;
  }
}
 
Example #21
Source File: PBHelper.java    From big-c with Apache License 2.0 5 votes vote down vote up
public static HdfsProtos.ZoneEncryptionInfoProto convert(
    CipherSuite suite, CryptoProtocolVersion version, String keyName) {
  if (suite == null || version == null || keyName == null) {
    return null;
  }
  return HdfsProtos.ZoneEncryptionInfoProto.newBuilder()
      .setSuite(convert(suite))
      .setCryptoProtocolVersion(convert(version))
      .setKeyName(keyName)
      .build();
}
 
Example #22
Source File: PBHelper.java    From big-c with Apache License 2.0 5 votes vote down vote up
public static FileEncryptionInfo convert(
    HdfsProtos.FileEncryptionInfoProto proto) {
  if (proto == null) {
    return null;
  }
  CipherSuite suite = convert(proto.getSuite());
  CryptoProtocolVersion version = convert(proto.getCryptoProtocolVersion());
  byte[] key = proto.getKey().toByteArray();
  byte[] iv = proto.getIv().toByteArray();
  String ezKeyVersionName = proto.getEzKeyVersionName();
  String keyName = proto.getKeyName();
  return new FileEncryptionInfo(suite, version, key, iv, keyName,
      ezKeyVersionName);
}
 
Example #23
Source File: PBHelper.java    From big-c with Apache License 2.0 5 votes vote down vote up
public static FileEncryptionInfo convert(
    HdfsProtos.PerFileEncryptionInfoProto fileProto,
    CipherSuite suite, CryptoProtocolVersion version, String keyName) {
  if (fileProto == null || suite == null || version == null ||
      keyName == null) {
    return null;
  }
  byte[] key = fileProto.getKey().toByteArray();
  byte[] iv = fileProto.getIv().toByteArray();
  String ezKeyVersionName = fileProto.getEzKeyVersionName();
  return new FileEncryptionInfo(suite, version, key, iv, keyName,
      ezKeyVersionName);
}
 
Example #24
Source File: FanOutOneBlockAsyncDFSOutputSaslHelper.java    From hbase with Apache License 2.0 5 votes vote down vote up
private List<CipherOption> getCipherOptions() throws IOException {
  // Negotiate cipher suites if configured. Currently, the only supported
  // cipher suite is AES/CTR/NoPadding, but the protocol allows multiple
  // values for future expansion.
  String cipherSuites = conf.get(DFS_ENCRYPT_DATA_TRANSFER_CIPHER_SUITES_KEY);
  if (StringUtils.isBlank(cipherSuites)) {
    return null;
  }
  if (!cipherSuites.equals(CipherSuite.AES_CTR_NOPADDING.getName())) {
    throw new IOException(String.format("Invalid cipher suite, %s=%s",
      DFS_ENCRYPT_DATA_TRANSFER_CIPHER_SUITES_KEY, cipherSuites));
  }
  return Collections.singletonList(new CipherOption(CipherSuite.AES_CTR_NOPADDING));
}
 
Example #25
Source File: TestSaslFanOutOneBlockAsyncDFSOutput.java    From hbase with Apache License 2.0 5 votes vote down vote up
@Parameters(name = "{index}: protection={0}, encryption={1}, cipherSuite={2}")
public static Iterable<Object[]> data() {
  List<Object[]> params = new ArrayList<>();
  for (String protection : Arrays.asList("authentication", "integrity", "privacy")) {
    for (String encryptionAlgorithm : Arrays.asList("", "3des", "rc4")) {
      for (String cipherSuite : Arrays.asList("", CipherSuite.AES_CTR_NOPADDING.getName())) {
        params.add(new Object[] { protection, encryptionAlgorithm, cipherSuite });
      }
    }
  }
  return params;
}
 
Example #26
Source File: PBHelper.java    From hadoop with Apache License 2.0 5 votes vote down vote up
public static CipherSuiteProto convert(CipherSuite suite) {
  switch (suite) {
  case UNKNOWN:
    return CipherSuiteProto.UNKNOWN;
  case AES_CTR_NOPADDING:
    return CipherSuiteProto.AES_CTR_NOPADDING;
  default:
    return null;
  }
}
 
Example #27
Source File: EncryptionBucketInfo.java    From hadoop-ozone with Apache License 2.0 5 votes vote down vote up
public EncryptionBucketInfo(long id, String path, CipherSuite suite,
                      CryptoProtocolVersion version, String keyName) {
  this.id = id;
  this.path = path;
  this.suite = suite;
  this.version = version;
  this.keyName = keyName;
}
 
Example #28
Source File: BucketEncryptionKeyInfo.java    From hadoop-ozone with Apache License 2.0 5 votes vote down vote up
public BucketEncryptionKeyInfo(
    CryptoProtocolVersion version, CipherSuite suite,
    String keyName) {
  this.version = version;
  this.suite = suite;
  this.keyName = keyName;
}
 
Example #29
Source File: OMPBHelper.java    From hadoop-ozone with Apache License 2.0 5 votes vote down vote up
public static FileEncryptionInfo convert(FileEncryptionInfoProto proto) {
  if (proto == null) {
    return null;
  }
  CipherSuite suite = convert(proto.getSuite());
  CryptoProtocolVersion version = convert(proto.getCryptoProtocolVersion());
  byte[] key = proto.getKey().toByteArray();
  byte[] iv = proto.getIv().toByteArray();
  String ezKeyVersionName = proto.getEzKeyVersionName();
  String keyName = proto.getKeyName();
  return new FileEncryptionInfo(suite, version, key, iv, keyName,
      ezKeyVersionName);
}
 
Example #30
Source File: OMPBHelper.java    From hadoop-ozone with Apache License 2.0 5 votes vote down vote up
public static CipherSuite convert(CipherSuiteProto proto) {
  switch(proto) {
  case AES_CTR_NOPADDING:
    return CipherSuite.AES_CTR_NOPADDING;
  default:
    // Set to UNKNOWN and stash the unknown enum value
    CipherSuite suite = CipherSuite.UNKNOWN;
    suite.setUnknownValue(proto.getNumber());
    return suite;
  }
}