Search in sources :

Example 1 with NoCryptoService

use of org.apache.accumulo.core.spi.crypto.NoCryptoService in project accumulo by apache.

the class CryptoServiceFactory method newInstance.

public static CryptoService newInstance(AccumuloConfiguration conf, ClassloaderType ct) {
    CryptoService newCryptoService;
    if (ct == ClassloaderType.ACCUMULO) {
        newCryptoService = Property.createInstanceFromPropertyName(conf, Property.INSTANCE_CRYPTO_SERVICE, CryptoService.class, new NoCryptoService());
    } else if (ct == ClassloaderType.JAVA) {
        String clazzName = conf.get(Property.INSTANCE_CRYPTO_SERVICE);
        if (clazzName == null || clazzName.trim().isEmpty()) {
            newCryptoService = new NoCryptoService();
        } else {
            try {
                newCryptoService = CryptoServiceFactory.class.getClassLoader().loadClass(clazzName).asSubclass(CryptoService.class).getDeclaredConstructor().newInstance();
            } catch (ReflectiveOperationException e) {
                throw new RuntimeException(e);
            }
        }
    } else {
        throw new IllegalArgumentException();
    }
    newCryptoService.init(conf.getAllPropertiesWithPrefix(Property.INSTANCE_CRYPTO_PREFIX));
    return newCryptoService;
}
Also used : NoCryptoService(org.apache.accumulo.core.spi.crypto.NoCryptoService) CryptoService(org.apache.accumulo.core.spi.crypto.CryptoService) NoCryptoService(org.apache.accumulo.core.spi.crypto.NoCryptoService)

Example 2 with NoCryptoService

use of org.apache.accumulo.core.spi.crypto.NoCryptoService in project accumulo by apache.

the class DfsLogger method getDecryptingStream.

/**
 * Reads the WAL file header, and returns a decrypting stream which wraps the original stream. If
 * the file is not encrypted, the original stream is returned.
 *
 * @throws LogHeaderIncompleteException
 *           if the header cannot be fully read (can happen if the tserver died before finishing)
 */
public static DataInputStream getDecryptingStream(FSDataInputStream input, AccumuloConfiguration conf) throws LogHeaderIncompleteException, IOException {
    DataInputStream decryptingInput;
    byte[] magic4 = DfsLogger.LOG_FILE_HEADER_V4.getBytes(UTF_8);
    byte[] magic3 = DfsLogger.LOG_FILE_HEADER_V3.getBytes(UTF_8);
    if (magic4.length != magic3.length)
        throw new AssertionError("Always expect log file headers to be same length : " + magic4.length + " != " + magic3.length);
    byte[] magicBuffer = new byte[magic4.length];
    try {
        input.readFully(magicBuffer);
        if (Arrays.equals(magicBuffer, magic4)) {
            CryptoService cryptoService = CryptoServiceFactory.newInstance(conf, ClassloaderType.ACCUMULO);
            FileDecrypter decrypter = CryptoUtils.getFileDecrypter(cryptoService, Scope.WAL, input);
            log.debug("Using {} for decrypting WAL", cryptoService.getClass().getSimpleName());
            decryptingInput = cryptoService instanceof NoCryptoService ? input : new DataInputStream(decrypter.decryptStream(input));
        } else if (Arrays.equals(magicBuffer, magic3)) {
            // Read logs files from Accumulo 1.9
            String cryptoModuleClassname = input.readUTF();
            if (!cryptoModuleClassname.equals("NullCryptoModule")) {
                throw new IllegalArgumentException("Old encryption modules not supported at this time.  Unsupported module : " + cryptoModuleClassname);
            }
            decryptingInput = input;
        } else {
            throw new IllegalArgumentException("Unsupported write ahead log version " + new String(magicBuffer));
        }
    } catch (EOFException e) {
        // A TabletServer might have died before the (complete) header was written
        throw new LogHeaderIncompleteException(e);
    }
    return decryptingInput;
}
Also used : NoCryptoService(org.apache.accumulo.core.spi.crypto.NoCryptoService) CryptoService(org.apache.accumulo.core.spi.crypto.CryptoService) NoCryptoService(org.apache.accumulo.core.spi.crypto.NoCryptoService) FileDecrypter(org.apache.accumulo.core.spi.crypto.FileDecrypter) EOFException(java.io.EOFException) FSDataInputStream(org.apache.hadoop.fs.FSDataInputStream) DataInputStream(java.io.DataInputStream)

Aggregations

CryptoService (org.apache.accumulo.core.spi.crypto.CryptoService)2 NoCryptoService (org.apache.accumulo.core.spi.crypto.NoCryptoService)2 DataInputStream (java.io.DataInputStream)1 EOFException (java.io.EOFException)1 FileDecrypter (org.apache.accumulo.core.spi.crypto.FileDecrypter)1 FSDataInputStream (org.apache.hadoop.fs.FSDataInputStream)1