use of java.security.Key in project hbase by apache.
the class TestEncryption method checkTransformSymmetry.
private void checkTransformSymmetry(byte[] keyBytes, byte[] iv, byte[] plaintext) throws Exception {
LOG.info("checkTransformSymmetry: AES, plaintext length = " + plaintext.length);
Configuration conf = HBaseConfiguration.create();
String algorithm = conf.get(HConstants.CRYPTO_KEY_ALGORITHM_CONF_KEY, HConstants.CIPHER_AES);
Cipher aes = Encryption.getCipher(conf, algorithm);
Key key = new SecretKeySpec(keyBytes, algorithm);
Encryptor e = aes.getEncryptor();
e.setKey(key);
e.setIv(iv);
e.reset();
ByteArrayOutputStream encOut = new ByteArrayOutputStream();
Encryption.encrypt(encOut, plaintext, 0, plaintext.length, e);
byte[] encrypted = encOut.toByteArray();
Decryptor d = aes.getDecryptor();
d.setKey(key);
d.setIv(iv);
d.reset();
ByteArrayInputStream encIn = new ByteArrayInputStream(encrypted);
ByteArrayOutputStream decOut = new ByteArrayOutputStream();
Encryption.decrypt(decOut, encIn, plaintext.length, d);
byte[] result = decOut.toByteArray();
assertEquals("Decrypted result has different length than plaintext", result.length, plaintext.length);
assertTrue("Transformation was not symmetric", Bytes.equals(result, plaintext));
}
use of java.security.Key in project hbase by apache.
the class TestKeyProvider method testTestProvider.
@Test
public void testTestProvider() {
Configuration conf = HBaseConfiguration.create();
conf.set(HConstants.CRYPTO_KEYPROVIDER_CONF_KEY, KeyProviderForTesting.class.getName());
KeyProvider provider = Encryption.getKeyProvider(conf);
assertNotNull("Null returned for provider", provider);
assertTrue("Provider is not the expected type", provider instanceof KeyProviderForTesting);
Key key = provider.getKey("foo");
assertNotNull("Test provider did not return a key as expected", key);
assertEquals("Test provider did not create a key for AES", key.getAlgorithm(), "AES");
assertEquals("Test provider did not create a key of adequate length", key.getEncoded().length, AES.KEY_LENGTH);
}
use of java.security.Key in project hbase by apache.
the class TestMobCompactor method testMajorCompactionFromAdmin.
@Test(timeout = 300000)
public void testMajorCompactionFromAdmin() throws Exception {
resetConf();
int mergeSize = 5000;
// change the mob compaction merge size
conf.setLong(MobConstants.MOB_COMPACTION_MERGEABLE_THRESHOLD, mergeSize);
SecureRandom rng = new SecureRandom();
byte[] keyBytes = new byte[AES.KEY_LENGTH];
rng.nextBytes(keyBytes);
String algorithm = conf.get(HConstants.CRYPTO_KEY_ALGORITHM_CONF_KEY, HConstants.CIPHER_AES);
Key cfKey = new SecretKeySpec(keyBytes, algorithm);
byte[] encryptionKey = EncryptionUtil.wrapKey(conf, conf.get(HConstants.CRYPTO_MASTERKEY_NAME_CONF_KEY, User.getCurrent().getShortName()), cfKey);
final TableName tableName = TableName.valueOf(name.getMethodName());
HTableDescriptor desc = new HTableDescriptor(tableName);
HColumnDescriptor hcd1 = new HColumnDescriptor(family1);
hcd1.setMobEnabled(true);
hcd1.setMobThreshold(0);
hcd1.setEncryptionType(algorithm);
hcd1.setEncryptionKey(encryptionKey);
HColumnDescriptor hcd2 = new HColumnDescriptor(family2);
hcd2.setMobEnabled(true);
hcd2.setMobThreshold(0);
desc.addFamily(hcd1);
desc.addFamily(hcd2);
admin.createTable(desc, getSplitKeys());
Table table = conn.getTable(tableName);
BufferedMutator bufMut = conn.getBufferedMutator(tableName);
int count = 4;
// generate mob files
loadData(admin, bufMut, tableName, count, rowNumPerFile);
int rowNumPerRegion = count * rowNumPerFile;
assertEquals("Before deleting: mob rows count", regionNum * rowNumPerRegion, countMobRows(table));
assertEquals("Before deleting: mob cells count", regionNum * cellNumPerRow * rowNumPerRegion, countMobCells(table));
assertEquals("Before deleting: mob file count", regionNum * count, countFiles(tableName, true, family1));
createDelFile(table, tableName, Bytes.toBytes(family1), Bytes.toBytes(qf1));
assertEquals("Before compaction: mob rows count", regionNum * (rowNumPerRegion - delRowNum), countMobRows(table));
assertEquals("Before compaction: mob cells count", regionNum * (cellNumPerRow * rowNumPerRegion - delCellNum), countMobCells(table));
assertEquals("Before compaction: family1 mob file count", regionNum * count, countFiles(tableName, true, family1));
assertEquals("Before compaction: family2 mob file count", regionNum * count, countFiles(tableName, true, family2));
assertEquals("Before compaction: family1 del file count", regionNum, countFiles(tableName, false, family1));
assertEquals("Before compaction: family2 del file count", regionNum, countFiles(tableName, false, family2));
// do the major mob compaction, it will force all files to compaction
admin.majorCompact(tableName, hcd1.getName(), CompactType.MOB);
waitUntilMobCompactionFinished(tableName);
assertEquals("After compaction: mob rows count", regionNum * (rowNumPerRegion - delRowNum), countMobRows(table));
assertEquals("After compaction: mob cells count", regionNum * (cellNumPerRow * rowNumPerRegion - delCellNum), countMobCells(table));
assertEquals("After compaction: family1 mob file count", regionNum, countFiles(tableName, true, family1));
assertEquals("After compaction: family2 mob file count", regionNum * count, countFiles(tableName, true, family2));
assertEquals("After compaction: family1 del file count", 0, countFiles(tableName, false, family1));
assertEquals("After compaction: family2 del file count", regionNum, countFiles(tableName, false, family2));
Assert.assertTrue(verifyEncryption(tableName, family1));
table.close();
}
use of java.security.Key in project zeppelin by apache.
the class Authentication method decrypt.
private String decrypt(String value, String initVector) {
LOG.debug("IV is {}, IV length is {}", initVector, initVector.length());
if (StringUtils.isBlank(value) || StringUtils.isBlank(initVector)) {
LOG.error("String to decode or salt is not provided");
return StringUtils.EMPTY;
}
try {
IvParameterSpec iv = generateIV(initVector);
Key key = generateKey();
Cipher cipher = Cipher.getInstance(CIPHER_MODE);
cipher.init(Cipher.DECRYPT_MODE, key, iv);
byte[] decryptedString = Base64.decodeBase64(toBytes(value));
decryptedString = cipher.doFinal(decryptedString);
return new String(decryptedString);
} catch (GeneralSecurityException e) {
LOG.error("Error when decrypting", e);
return StringUtils.EMPTY;
}
}
use of java.security.Key in project buck by facebook.
the class ApkBuilderStep method createKeystoreProperties.
private PrivateKeyAndCertificate createKeystoreProperties() throws IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
KeyStore keystore = KeyStore.getInstance(JARSIGNER_KEY_STORE_TYPE);
KeystoreProperties keystoreProperties = keystorePropertiesSupplier.get();
InputStream inputStream = filesystem.getInputStreamForRelativePath(pathToKeystore);
char[] keystorePassword = keystoreProperties.getStorepass().toCharArray();
try {
keystore.load(inputStream, keystorePassword);
} catch (IOException | NoSuchAlgorithmException | CertificateException e) {
throw new HumanReadableException(e, "%s is an invalid keystore.", pathToKeystore);
}
String alias = keystoreProperties.getAlias();
char[] keyPassword = keystoreProperties.getKeypass().toCharArray();
Key key = keystore.getKey(alias, keyPassword);
// key can be null if alias/password is incorrect.
if (key == null) {
throw new HumanReadableException("The keystore [%s] key.alias [%s] does not exist or does not identify a key-related " + "entry", pathToKeystore, alias);
}
Certificate certificate = keystore.getCertificate(alias);
return new PrivateKeyAndCertificate((PrivateKey) key, (X509Certificate) certificate);
}
Aggregations