
Example 6 with EncryptionContext

Use of org.apache.cassandra.security.EncryptionContext in project cassandra by apache.

The class HintsDescriptor, method createEncryption.

/**
 * Create, if necessary, the required encryption components (for either decrypt or encrypt operations).
 * Note that in the case of encryption (that is, when writing out a new hints file), we need to write
 * the cipher's IV out to the header so it can be used when decrypting. Thus, we need to add an additional
 * entry to the {@code params} map.
 *
 * @param params the base parameters into the descriptor.
 * @return null if not using encryption; else, the initialized {@link Cipher} and a possibly updated version
 * of the {@code params} map.
 */
@SuppressWarnings("unchecked")
static EncryptionData createEncryption(ImmutableMap<String, Object> params) {
    if (params.containsKey(ENCRYPTION)) {
        Map<?, ?> encryptionConfig = (Map<?, ?>) params.get(ENCRYPTION);
        EncryptionContext encryptionContext = EncryptionContext.createFromMap(encryptionConfig, DatabaseDescriptor.getEncryptionContext());
        try {
            Cipher cipher;
            if (encryptionConfig.containsKey(EncryptionContext.ENCRYPTION_IV)) {
                cipher = encryptionContext.getDecryptor();
            } else {
                cipher = encryptionContext.getEncryptor();
                ImmutableMap<String, Object> encParams = ImmutableMap.<String, Object>builder()
                        .putAll(encryptionContext.toHeaderParameters())
                        .put(EncryptionContext.ENCRYPTION_IV, Hex.bytesToHex(cipher.getIV()))
                        .build();
                Map<String, Object> map = new HashMap<>(params);
                map.put(ENCRYPTION, encParams);
                params = ImmutableMap.<String, Object>builder().putAll(map).build();
            }
            return new EncryptionData(cipher, encryptionContext.getCompressor(), params);
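        } catch (IOException ioe) {
            // Fails open: the error is only logged and null is returned, which is the same
            // value the method uses for "not using encryption".
            logger.warn("failed to create encyption context for hints file. ignoring encryption for hints.", ioe);
            return null;
        }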
    } else {
        return null;
    }
}
Also used: EncryptionContext (org.apache.cassandra.security.EncryptionContext), HashMap (java.util.HashMap), Cipher (javax.crypto.Cipher), IOException (java.io.IOException), Map (java.util.Map), ImmutableMap (com.google.common.collect.ImmutableMap)
