
Example 16 with KeyVersion

use of org.apache.hadoop.crypto.key.KeyProvider.KeyVersion in project hadoop by apache.

the class KMS method getKeyVersions.

/**
 * Serves the list of versions held for one key, rendered as JSON.
 *
 * <p>Order matters here: the caller identity is read from the HTTP request, the name is
 * validated, the {@code GET} ACL is asserted for that key name, and only then is the
 * provider queried inside {@code doAs} for that caller. The success audit entry is
 * written after the provider call and JSON conversion have completed.
 *
 * <p>NOTE(review): the entity is built from {@code KeyVersion} objects, which presumably
 * carry key material, so {@code KMSACLs.Type.GET} is the gate on disclosing it here;
 * confirm against {@code KMSServerJSONUtils.toJSON}.
 *
 * @param name key name taken from the request path (the path template accepts any
 *     characters); checked with {@code KMSClientProvider.checkNotEmpty}
 * @return an OK response whose entity is the JSON form of the key versions
 * @throws Exception anything raised by validation, the access check or the provider;
 *     logged at debug level and rethrown unchanged
 */
@GET
@Path(KMSRESTConstants.KEY_RESOURCE + "/{name:.*}/" + KMSRESTConstants.VERSIONS_SUB_RESOURCE)
@Produces(MediaType.APPLICATION_JSON + "; " + JettyUtils.UTF_8)
public Response getKeyVersions(@PathParam("name") final String name) throws Exception {
    try {
        LOG.trace("Entering getKeyVersions method.");
        final UserGroupInformation caller = HttpUserGroupInformation.get();
        KMSClientProvider.checkNotEmpty(name, "name");
        KMSWebApp.getKeyCallsMeter().mark();
        // Authorization is asserted before the provider is touched.
        assertAccess(KMSACLs.Type.GET, caller, KMSOp.GET_KEY_VERSIONS, name);
        // The name is client-supplied; it reaches the log as a parameter, not as format text.
        LOG.debug("Getting key versions for key {}", name);
        final PrivilegedExceptionAction<List<KeyVersion>> lookup =
                new PrivilegedExceptionAction<List<KeyVersion>>() {
                    @Override
                    public List<KeyVersion> run() throws Exception {
                        return provider.getKeyVersions(name);
                    }
                };
        final List<KeyVersion> versions = caller.doAs(lookup);
        final Object payload = KMSServerJSONUtils.toJSON(versions);
        kmsAudit.ok(caller, KMSOp.GET_KEY_VERSIONS, name, "");
        LOG.trace("Exiting getKeyVersions method.");
        return Response.ok()
                .type(MediaType.APPLICATION_JSON)
                .entity(payload)
                .build();
    } catch (Exception failure) {
        LOG.debug("Exception in getKeyVersions.", failure);
        throw failure;
    }
}
Also used : KeyVersion(org.apache.hadoop.crypto.key.KeyProvider.KeyVersion) EncryptedKeyVersion(org.apache.hadoop.crypto.key.KeyProviderCryptoExtension.EncryptedKeyVersion) ArrayList(java.util.ArrayList) LinkedList(java.util.LinkedList) List(java.util.List) IOException(java.io.IOException) AccessControlException(org.apache.hadoop.security.AccessControlException) UserGroupInformation(org.apache.hadoop.security.UserGroupInformation) HttpUserGroupInformation(org.apache.hadoop.security.token.delegation.web.HttpUserGroupInformation) Path(javax.ws.rs.Path) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET)

Example 17 with KeyVersion

use of org.apache.hadoop.crypto.key.KeyProvider.KeyVersion in project hadoop by apache.

the class KMS method getCurrentVersion.

/**
 * Serves the current version of one key, rendered as JSON.
 *
 * <p>The caller identity comes from the HTTP request; the name is validated and the
 * {@code GET} ACL is asserted for that key name before the provider is asked for the
 * current key inside {@code doAs}. The success audit entry follows the lookup.
 *
 * <p>NOTE(review): the provider result is passed to {@code KMSServerJSONUtils.toJSON}
 * without a null check, and the audit entry is written either way; confirm how a missing
 * key is represented to the client.
 *
 * @param name key name taken from the request path; checked with
 *     {@code KMSClientProvider.checkNotEmpty}
 * @return an OK response whose entity is the JSON form of the current key version
 * @throws Exception anything raised by validation, the access check or the provider;
 *     logged at debug level and rethrown unchanged
 */
@GET
@Path(KMSRESTConstants.KEY_RESOURCE + "/{name:.*}/" + KMSRESTConstants.CURRENT_VERSION_SUB_RESOURCE)
@Produces(MediaType.APPLICATION_JSON + "; " + JettyUtils.UTF_8)
public Response getCurrentVersion(@PathParam("name") final String name) throws Exception {
    try {
        LOG.trace("Entering getCurrentVersion method.");
        final UserGroupInformation caller = HttpUserGroupInformation.get();
        KMSClientProvider.checkNotEmpty(name, "name");
        KMSWebApp.getKeyCallsMeter().mark();
        // Authorization is asserted before the provider is touched.
        assertAccess(KMSACLs.Type.GET, caller, KMSOp.GET_CURRENT_KEY, name);
        LOG.debug("Getting key version for key with name {}.", name);
        final PrivilegedExceptionAction<KeyVersion> lookup =
                new PrivilegedExceptionAction<KeyVersion>() {
                    @Override
                    public KeyVersion run() throws Exception {
                        return provider.getCurrentKey(name);
                    }
                };
        final KeyVersion current = caller.doAs(lookup);
        final Object payload = KMSServerJSONUtils.toJSON(current);
        kmsAudit.ok(caller, KMSOp.GET_CURRENT_KEY, name, "");
        LOG.trace("Exiting getCurrentVersion method.");
        return Response.ok()
                .type(MediaType.APPLICATION_JSON)
                .entity(payload)
                .build();
    } catch (Exception failure) {
        LOG.debug("Exception in getCurrentVersion.", failure);
        throw failure;
    }
}
Also used : KeyVersion(org.apache.hadoop.crypto.key.KeyProvider.KeyVersion) EncryptedKeyVersion(org.apache.hadoop.crypto.key.KeyProviderCryptoExtension.EncryptedKeyVersion) IOException(java.io.IOException) AccessControlException(org.apache.hadoop.security.AccessControlException) UserGroupInformation(org.apache.hadoop.security.UserGroupInformation) HttpUserGroupInformation(org.apache.hadoop.security.token.delegation.web.HttpUserGroupInformation) Path(javax.ws.rs.Path) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET)

Example 18 with KeyVersion

use of org.apache.hadoop.crypto.key.KeyProvider.KeyVersion in project hadoop by apache.

the class KMS method createKey.

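/**
 * Creates a key from a JSON request body and returns its first version.
 *
 * <p>The caller must pass the {@code CREATE} ACL check for the key name. When the request
 * carries its own key material, the {@code SET_KEY_MATERIAL} ACL is asserted as well.
 * After creation, a caller without the {@code GET} ACL gets the key version back with
 * its material removed via {@code removeKeyMaterial}.
 *
 * <p>Every field of {@code jsonKey} is client-supplied and cast without a type check, so
 * a value of the wrong JSON type fails with a {@link ClassCastException}.
 *
 * @param jsonKey parsed request body; read for the name, cipher, material, length,
 *     description and attributes fields named in {@code KMSRESTConstants}
 * @return a "created" response carrying the JSON form of the new key version and a
 *     {@code Location} header built from the request URL
 * @throws Exception anything raised by validation, the access checks or the provider;
 *     logged at debug level and rethrown unchanged
 */
@POST
@Path(KMSRESTConstants.KEYS_RESOURCE)
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON + "; " + JettyUtils.UTF_8)
@SuppressWarnings("unchecked")
public Response createKey(Map jsonKey) throws Exception {
    try {
        LOG.trace("Entering createKey Method.");
        KMSWebApp.getAdminCallsMeter().mark();
        UserGroupInformation user = HttpUserGroupInformation.get();
        final String name = (String) jsonKey.get(KMSRESTConstants.NAME_FIELD);
        KMSClientProvider.checkNotEmpty(name, KMSRESTConstants.NAME_FIELD);
        assertAccess(KMSACLs.Type.CREATE, user, KMSOp.CREATE_KEY, name);
        String cipher = (String) jsonKey.get(KMSRESTConstants.CIPHER_FIELD);
        final String material = (String) jsonKey.get(KMSRESTConstants.MATERIAL_FIELD);
        // A JSON null length is treated like an absent one (0 = "not specified") instead of
        // failing with a NullPointerException while unboxing.
        final Object requestedLength = jsonKey.get(KMSRESTConstants.LENGTH_FIELD);
        int length = (requestedLength != null) ? (Integer) requestedLength : 0;
        String description = (String) jsonKey.get(KMSRESTConstants.DESCRIPTION_FIELD);
        // The key material is not among the logged arguments.
        LOG.debug("Creating key with name {}, cipher being used{}, " + "length of key {}, description of key {}", name, cipher, length, description);
        Map<String, String> attributes = (Map<String, String>) jsonKey.get(KMSRESTConstants.ATTRIBUTES_FIELD);
        if (material != null) {
            // Supplying key material is a separate privilege from creating a key.
            assertAccess(KMSACLs.Type.SET_KEY_MATERIAL, user, KMSOp.CREATE_KEY, name);
        }
        final KeyProvider.Options options = new KeyProvider.Options(KMSWebApp.getConfiguration());
        // Cipher and bit length are overridden only when the request specified them.
        if (cipher != null) {
            options.setCipher(cipher);
        }
        if (length != 0) {
            options.setBitLength(length);
        }
        options.setDescription(description);
        options.setAttributes(attributes);
        KeyProvider.KeyVersion keyVersion = user.doAs(new PrivilegedExceptionAction<KeyVersion>() {

            @Override
            public KeyVersion run() throws Exception {
                KeyProvider.KeyVersion keyVersion = (material != null) ? provider.createKey(name, Base64.decodeBase64(material), options) : provider.createKey(name, options);
                provider.flush();
                return keyVersion;
            }
        });
        // NOTE(review): description is client-supplied and is concatenated into the audit
        // entry as-is; confirm that KMSAudit neutralises line breaks before writing it.
        kmsAudit.ok(user, KMSOp.CREATE_KEY, name, "UserProvidedMaterial:" + (material != null) + " Description:" + description);
        // Creating a key does not imply the right to read it back.
        if (!KMSWebApp.getACLs().hasAccess(KMSACLs.Type.GET, user)) {
            keyVersion = removeKeyMaterial(keyVersion);
        }
        Map json = KMSServerJSONUtils.toJSON(keyVersion);
        // The Location header is rebuilt from the URL the request arrived on, cut at the
        // keys resource. By this point the key has already been created and flushed.
        String requestURL = KMSMDCFilter.getURL();
        int idx = requestURL.lastIndexOf(KMSRESTConstants.KEYS_RESOURCE);
        requestURL = requestURL.substring(0, idx);
        LOG.trace("Exiting createKey Method.");
        return Response.created(getKeyURI(KMSRESTConstants.SERVICE_VERSION, name)).type(MediaType.APPLICATION_JSON).header("Location", getKeyURI(requestURL, name)).entity(json).build();
    } catch (Exception e) {
        LOG.debug("Exception in createKey.", e);
        throw e;
    }
}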
Also used : KeyProvider(org.apache.hadoop.crypto.key.KeyProvider) KeyVersion(org.apache.hadoop.crypto.key.KeyProvider.KeyVersion) EncryptedKeyVersion(org.apache.hadoop.crypto.key.KeyProviderCryptoExtension.EncryptedKeyVersion) IOException(java.io.IOException) AccessControlException(org.apache.hadoop.security.AccessControlException) KeyVersion(org.apache.hadoop.crypto.key.KeyProvider.KeyVersion) Map(java.util.Map) UserGroupInformation(org.apache.hadoop.security.UserGroupInformation) HttpUserGroupInformation(org.apache.hadoop.security.token.delegation.web.HttpUserGroupInformation) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST) Consumes(javax.ws.rs.Consumes) Produces(javax.ws.rs.Produces)

Example 19 with KeyVersion

use of org.apache.hadoop.crypto.key.KeyProvider.KeyVersion in project hadoop by apache.

the class KMS method getKeyVersion.

/**
 * Serves one key version, looked up by its version name, rendered as JSON.
 *
 * <p>Unlike the lookups by key name, the {@code GET} ACL is asserted here without a key
 * name; only the version name is available before the provider is queried.
 *
 * <p>NOTE(review): any per-key restriction would have to be enforced by the provider
 * itself on this path; confirm that the configured provider does so.
 *
 * <p>The success audit entry is written only when the provider returned a version, and
 * it records the key name read from that version. A null result is still converted to
 * JSON and returned with an OK status.
 *
 * @param versionName version name taken from the request path; checked with
 *     {@code KMSClientProvider.checkNotEmpty}
 * @return an OK response whose entity is the JSON form of the key version
 * @throws Exception anything raised by validation, the access check or the provider;
 *     logged at debug level and rethrown unchanged
 */
@GET
@Path(KMSRESTConstants.KEY_VERSION_RESOURCE + "/{versionName:.*}")
@Produces(MediaType.APPLICATION_JSON + "; " + JettyUtils.UTF_8)
public Response getKeyVersion(@PathParam("versionName") final String versionName) throws Exception {
    try {
        LOG.trace("Entering getKeyVersion method.");
        final UserGroupInformation caller = HttpUserGroupInformation.get();
        KMSClientProvider.checkNotEmpty(versionName, "versionName");
        KMSWebApp.getKeyCallsMeter().mark();
        // No key name is passed to the access check on this path.
        assertAccess(KMSACLs.Type.GET, caller, KMSOp.GET_KEY_VERSION);
        LOG.debug("Getting key with version name {}.", versionName);
        final PrivilegedExceptionAction<KeyVersion> lookup =
                new PrivilegedExceptionAction<KeyVersion>() {
                    @Override
                    public KeyVersion run() throws Exception {
                        return provider.getKeyVersion(versionName);
                    }
                };
        final KeyVersion found = caller.doAs(lookup);
        // A lookup that finds nothing leaves no success audit entry.
        if (found != null) {
            kmsAudit.ok(caller, KMSOp.GET_KEY_VERSION, found.getName(), "");
        }
        final Object payload = KMSServerJSONUtils.toJSON(found);
        LOG.trace("Exiting getKeyVersion method.");
        return Response.ok()
                .type(MediaType.APPLICATION_JSON)
                .entity(payload)
                .build();
    } catch (Exception failure) {
        LOG.debug("Exception in getKeyVersion.", failure);
        throw failure;
    }
}
Also used : KeyVersion(org.apache.hadoop.crypto.key.KeyProvider.KeyVersion) EncryptedKeyVersion(org.apache.hadoop.crypto.key.KeyProviderCryptoExtension.EncryptedKeyVersion) IOException(java.io.IOException) AccessControlException(org.apache.hadoop.security.AccessControlException) UserGroupInformation(org.apache.hadoop.security.UserGroupInformation) HttpUserGroupInformation(org.apache.hadoop.security.token.delegation.web.HttpUserGroupInformation) Path(javax.ws.rs.Path) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET)

Aggregations

KeyVersion (org.apache.hadoop.crypto.key.KeyProvider.KeyVersion)19 EncryptedKeyVersion (org.apache.hadoop.crypto.key.KeyProviderCryptoExtension.EncryptedKeyVersion)17 IOException (java.io.IOException)13 Test (org.junit.Test)9 KeyProvider (org.apache.hadoop.crypto.key.KeyProvider)8 UserGroupInformation (org.apache.hadoop.security.UserGroupInformation)8 Configuration (org.apache.hadoop.conf.Configuration)7 Path (javax.ws.rs.Path)6 Produces (javax.ws.rs.Produces)6 AccessControlException (org.apache.hadoop.security.AccessControlException)6 HttpUserGroupInformation (org.apache.hadoop.security.token.delegation.web.HttpUserGroupInformation)6 URI (java.net.URI)5 Map (java.util.Map)5 Options (org.apache.hadoop.crypto.key.KeyProvider.Options)5 KeyProviderCryptoExtension (org.apache.hadoop.crypto.key.KeyProviderCryptoExtension)5 HashMap (java.util.HashMap)4 File (java.io.File)3 SocketTimeoutException (java.net.SocketTimeoutException)3 PrivilegedExceptionAction (java.security.PrivilegedExceptionAction)3 GET (javax.ws.rs.GET)3