use of org.apache.accumulo.core.security.crypto.DefaultCryptoModule in project accumulo by apache.
the class DfsLogger method readHeaderAndReturnStream.
public static DFSLoggerInputStreams readHeaderAndReturnStream(FSDataInputStream input, AccumuloConfiguration conf) throws IOException {
DataInputStream decryptingInput = null;
byte[] magic = DfsLogger.LOG_FILE_HEADER_V3.getBytes(UTF_8);
byte[] magicBuffer = new byte[magic.length];
try {
input.readFully(magicBuffer);
if (Arrays.equals(magicBuffer, magic)) {
// additional parameters it needs from the underlying stream.
String cryptoModuleClassname = input.readUTF();
CryptoModule cryptoModule = CryptoModuleFactory.getCryptoModule(cryptoModuleClassname);
// Create the parameters and set the input stream into those parameters
CryptoModuleParameters params = CryptoModuleFactory.createParamsObjectFromAccumuloConfiguration(conf);
params.setEncryptedInputStream(input);
// Create the plaintext input stream from the encrypted one
params = cryptoModule.getDecryptingInputStream(params);
if (params.getPlaintextInputStream() instanceof DataInputStream) {
decryptingInput = (DataInputStream) params.getPlaintextInputStream();
} else {
decryptingInput = new DataInputStream(params.getPlaintextInputStream());
}
} else {
input.seek(0);
byte[] magicV2 = DfsLogger.LOG_FILE_HEADER_V2.getBytes(UTF_8);
byte[] magicBufferV2 = new byte[magicV2.length];
input.readFully(magicBufferV2);
if (Arrays.equals(magicBufferV2, magicV2)) {
// Log files from 1.5 dump their options in raw to the logger files. Since we don't know the class
// that needs to read those files, we can make a couple of basic assumptions. Either it's going to be
// the NullCryptoModule (no crypto) or the DefaultCryptoModule.
// If it's null, we won't have any parameters whatsoever. First, let's attempt to read
// parameters
Map<String, String> opts = new HashMap<>();
int count = input.readInt();
for (int i = 0; i < count; i++) {
String key = input.readUTF();
String value = input.readUTF();
opts.put(key, value);
}
if (opts.size() == 0) {
// NullCryptoModule, we're done
decryptingInput = input;
} else {
// The DefaultCryptoModule will want to read the parameters from the underlying file, so we will put the file back to that spot.
org.apache.accumulo.core.security.crypto.CryptoModule cryptoModule = org.apache.accumulo.core.security.crypto.CryptoModuleFactory.getCryptoModule(DefaultCryptoModule.class.getName());
CryptoModuleParameters params = CryptoModuleFactory.createParamsObjectFromAccumuloConfiguration(conf);
// go back to the beginning, but skip over magicV2 already checked earlier
input.seek(magicV2.length);
params.setEncryptedInputStream(input);
params = cryptoModule.getDecryptingInputStream(params);
if (params.getPlaintextInputStream() instanceof DataInputStream) {
decryptingInput = (DataInputStream) params.getPlaintextInputStream();
} else {
decryptingInput = new DataInputStream(params.getPlaintextInputStream());
}
}
} else {
input.seek(0);
decryptingInput = input;
}
}
} catch (EOFException e) {
log.warn("Got EOFException trying to read WAL header information, assuming the rest of the file has no data.");
// A TabletServer might have died before the (complete) header was written
throw new LogHeaderIncompleteException(e);
}
return new DFSLoggerInputStreams(input, decryptingInput);
}
Aggregations