Example 1 with EncryptionContext

Use of org.apache.cassandra.security.EncryptionContext in project cassandra by apache.

In class CommitLogDescriptor, method fromFileName.

public static CommitLogDescriptor fromFileName(String name) {
    Matcher matcher;
    if (!(matcher = COMMIT_LOG_FILE_PATTERN.matcher(name)).matches())
        throw new RuntimeException("Cannot parse the version of the file: " + name);
    if (matcher.group(3) == null)
        throw new UnsupportedOperationException("Commitlog segment is too old to open; upgrade to 1.2.5+ first");
    long id = Long.parseLong(matcher.group(3).split(SEPARATOR)[1]);
    return new CommitLogDescriptor(Integer.parseInt(matcher.group(2)), id, null, new EncryptionContext());
}
Also used: EncryptionContext (org.apache.cassandra.security.EncryptionContext), Matcher (java.util.regex.Matcher)

Example 2 with EncryptionContext

Use of org.apache.cassandra.security.EncryptionContext in project cassandra by apache.

In class SegmentReaderTest, method underlyingEncryptedSegmenterTest.

public void underlyingEncryptedSegmenterTest(BiFunction<FileDataInput, Integer, ByteBuffer> readFun) throws IOException {
    EncryptionContext context = EncryptionContextGenerator.createContext(true);
    CipherFactory cipherFactory = new CipherFactory(context.getTransparentDataEncryptionOptions());
    int plainTextLength = (1 << 13) - 137;
    ByteBuffer plainTextBuffer = ByteBuffer.allocate(plainTextLength);
    random.nextBytes(plainTextBuffer.array());
    ByteBuffer compressedBuffer = EncryptionUtils.compress(plainTextBuffer, null, true, context.getCompressor());
    Cipher cipher = cipherFactory.getEncryptor(context.getTransparentDataEncryptionOptions().cipher, context.getTransparentDataEncryptionOptions().key_alias);
    File encryptedFile = File.createTempFile("encrypted-segment-", ".log");
    encryptedFile.deleteOnExit();
    FileChannel channel = new RandomAccessFile(encryptedFile, "rw").getChannel();
    channel.write(ByteBufferUtil.bytes(plainTextLength));
    EncryptionUtils.encryptAndWrite(compressedBuffer, channel, true, cipher);
    channel.close();
    try (RandomAccessReader reader = RandomAccessReader.open(encryptedFile)) {
        context = EncryptionContextGenerator.createContext(cipher.getIV(), true);
        EncryptedSegmenter segmenter = new EncryptedSegmenter(reader, context);
        SyncSegment syncSegment = segmenter.nextSegment(0, (int) reader.length());
        // EncryptedSegmenter includes the Sync header length in the syncSegment.endPosition (value)
        Assert.assertEquals(plainTextLength, syncSegment.endPosition - CommitLogSegment.SYNC_MARKER_SIZE);
        ByteBuffer fileBuffer = readFun.apply(syncSegment.input, plainTextLength);
        plainTextBuffer.position(0);
        Assert.assertEquals(plainTextBuffer, fileBuffer);
    }
}
Also used: EncryptionContext (org.apache.cassandra.security.EncryptionContext), RandomAccessFile (java.io.RandomAccessFile), RandomAccessReader (org.apache.cassandra.io.util.RandomAccessReader), FileChannel (java.nio.channels.FileChannel), EncryptedSegmenter (org.apache.cassandra.db.commitlog.CommitLogSegmentReader.EncryptedSegmenter), CipherFactory (org.apache.cassandra.security.CipherFactory), Cipher (javax.crypto.Cipher), ByteBuffer (java.nio.ByteBuffer), File (java.io.File), SyncSegment (org.apache.cassandra.db.commitlog.CommitLogSegmentReader.SyncSegment)

Example 3 with EncryptionContext

Use of org.apache.cassandra.security.EncryptionContext in project cassandra by apache.

In class CommitLogTest, method tmpFile.

/**
 * Create a temporary commit log file with an appropriate descriptor at the head.
 *
 * @return the commit log file reference and the first position after the descriptor in the file
 * (so that subsequent writes happen at the correct file location).
 */
protected Pair<File, Integer> tmpFile() throws IOException {
    EncryptionContext encryptionContext = DatabaseDescriptor.getEncryptionContext();
    CommitLogDescriptor desc = new CommitLogDescriptor(CommitLogDescriptor.current_version, CommitLogSegment.getNextId(), DatabaseDescriptor.getCommitLogCompression(), encryptionContext);
    ByteBuffer buf = ByteBuffer.allocate(1024);
    CommitLogDescriptor.writeHeader(buf, desc, getAdditionalHeaders(encryptionContext));
    buf.flip();
    int positionAfterHeader = buf.limit() + 1;
    File logFile = new File(DatabaseDescriptor.getCommitLogLocation(), desc.fileName());
    try (OutputStream lout = new FileOutputStream(logFile)) {
        lout.write(buf.array(), 0, buf.limit());
    }
    return Pair.create(logFile, positionAfterHeader);
}
Also used: EncryptionContext (org.apache.cassandra.security.EncryptionContext), ByteBuffer (java.nio.ByteBuffer)

Example 4 with EncryptionContext

Use of org.apache.cassandra.security.EncryptionContext in project cassandra by apache.

In class CommitLogTest, method testRecovery.

protected void testRecovery(final byte[] logData, Class<?> expected) throws Exception {
    ParameterizedClass commitLogCompression = DatabaseDescriptor.getCommitLogCompression();
    EncryptionContext encryptionContext = DatabaseDescriptor.getEncryptionContext();
    runExpecting(() -> testRecovery(logData, CommitLogDescriptor.current_version), expected);
}
Also used: EncryptionContext (org.apache.cassandra.security.EncryptionContext), ParameterizedClass (org.apache.cassandra.config.ParameterizedClass)

Example 5 with EncryptionContext

Use of org.apache.cassandra.security.EncryptionContext in project cassandra by apache.

In class CommitLogDescriptorTest, method setup.

@Before
public void setup() {
    Map<String, String> params = new HashMap<>();
    compression = new ParameterizedClass(LZ4Compressor.class.getName(), params);
    enabledTdeOptions = EncryptionContextGenerator.createEncryptionOptions();
    enabledEncryption = new EncryptionContext(enabledTdeOptions, iv, false);
    neverEnabledEncryption = EncryptionContextGenerator.createDisabledContext();
    TransparentDataEncryptionOptions disaabledTdeOptions = new TransparentDataEncryptionOptions(false, enabledTdeOptions.cipher, enabledTdeOptions.key_alias, enabledTdeOptions.key_provider);
    previouslyEnabledEncryption = new EncryptionContext(disaabledTdeOptions);
}
Also used: EncryptionContext (org.apache.cassandra.security.EncryptionContext), HashMap (java.util.HashMap), ParameterizedClass (org.apache.cassandra.config.ParameterizedClass), TransparentDataEncryptionOptions (org.apache.cassandra.config.TransparentDataEncryptionOptions), Before (org.junit.Before)

Aggregations

EncryptionContext (org.apache.cassandra.security.EncryptionContext): 6
ByteBuffer (java.nio.ByteBuffer): 2
HashMap (java.util.HashMap): 2
Cipher (javax.crypto.Cipher): 2
ParameterizedClass (org.apache.cassandra.config.ParameterizedClass): 2
ImmutableMap (com.google.common.collect.ImmutableMap): 1
File (java.io.File): 1
IOException (java.io.IOException): 1
RandomAccessFile (java.io.RandomAccessFile): 1
FileChannel (java.nio.channels.FileChannel): 1
Map (java.util.Map): 1
Matcher (java.util.regex.Matcher): 1
TransparentDataEncryptionOptions (org.apache.cassandra.config.TransparentDataEncryptionOptions): 1
EncryptedSegmenter (org.apache.cassandra.db.commitlog.CommitLogSegmentReader.EncryptedSegmenter): 1
SyncSegment (org.apache.cassandra.db.commitlog.CommitLogSegmentReader.SyncSegment): 1
RandomAccessReader (org.apache.cassandra.io.util.RandomAccessReader): 1
CipherFactory (org.apache.cassandra.security.CipherFactory): 1
Before (org.junit.Before): 1