Examples with FileEncryptionInfo org.apache.hadoop.fs.FileEncryptionInfo used on opensource projects

Search in sources :

Example 11 with FileEncryptionInfo

use of org.apache.hadoop.fs.FileEncryptionInfo in project hadoop by apache.

the class TestEncryptionZones method testVersionAndSuiteNegotiation.

@Test
public void testVersionAndSuiteNegotiation() throws Exception {
    final HdfsAdmin dfsAdmin = new HdfsAdmin(FileSystem.getDefaultUri(conf), conf);
    final Path zone = new Path("/zone");
    fs.mkdirs(zone);
    dfsAdmin.createEncryptionZone(zone, TEST_KEY, NO_TRASH);
    // Create a file in an EZ, which should succeed
    DFSTestUtil.createFile(fs, new Path(zone, "success1"), 0, (short) 1, 0xFEED);
    // Pass no supported versions, fail
    DFSOutputStream.SUPPORTED_CRYPTO_VERSIONS = new CryptoProtocolVersion[] {};
    try {
        DFSTestUtil.createFile(fs, new Path(zone, "fail"), 0, (short) 1, 0xFEED);
        fail("Created a file without specifying a crypto protocol version");
    } catch (UnknownCryptoProtocolVersionException e) {
        assertExceptionContains("No crypto protocol versions", e);
    }
    // Pass some unknown versions, fail
    DFSOutputStream.SUPPORTED_CRYPTO_VERSIONS = new CryptoProtocolVersion[] { CryptoProtocolVersion.UNKNOWN, CryptoProtocolVersion.UNKNOWN };
    try {
        DFSTestUtil.createFile(fs, new Path(zone, "fail"), 0, (short) 1, 0xFEED);
        fail("Created a file without specifying a known crypto protocol version");
    } catch (UnknownCryptoProtocolVersionException e) {
        assertExceptionContains("No crypto protocol versions", e);
    }
    // Pass some unknown and a good cipherSuites, success
    DFSOutputStream.SUPPORTED_CRYPTO_VERSIONS = new CryptoProtocolVersion[] { CryptoProtocolVersion.UNKNOWN, CryptoProtocolVersion.UNKNOWN, CryptoProtocolVersion.ENCRYPTION_ZONES };
    DFSTestUtil.createFile(fs, new Path(zone, "success2"), 0, (short) 1, 0xFEED);
    DFSOutputStream.SUPPORTED_CRYPTO_VERSIONS = new CryptoProtocolVersion[] { CryptoProtocolVersion.ENCRYPTION_ZONES, CryptoProtocolVersion.UNKNOWN, CryptoProtocolVersion.UNKNOWN };
    DFSTestUtil.createFile(fs, new Path(zone, "success3"), 4096, (short) 1, 0xFEED);
    // Check KeyProvider state
    // Flushing the KP on the NN, since it caches, and init a test one
    cluster.getNamesystem().getProvider().flush();
    KeyProvider provider = KeyProviderFactory.get(new URI(conf.getTrimmed(CommonConfigurationKeysPublic.HADOOP_SECURITY_KEY_PROVIDER_PATH)), conf);
    List<String> keys = provider.getKeys();
    assertEquals("Expected NN to have created one key per zone", 1, keys.size());
    List<KeyProvider.KeyVersion> allVersions = Lists.newArrayList();
    for (String key : keys) {
        List<KeyProvider.KeyVersion> versions = provider.getKeyVersions(key);
        assertEquals("Should only have one key version per key", 1, versions.size());
        allVersions.addAll(versions);
    }
    // Check that the specified CipherSuite was correctly saved on the NN
    for (int i = 2; i <= 3; i++) {
        FileEncryptionInfo feInfo = getFileEncryptionInfo(new Path(zone.toString() + "/success" + i));
        assertEquals(feInfo.getCipherSuite(), CipherSuite.AES_CTR_NOPADDING);
    }
    DFSClient old = fs.dfs;
    try {
        testCipherSuiteNegotiation(fs, conf);
    } finally {
        fs.dfs = old;
    }
}
Also used : Path(org.apache.hadoop.fs.Path) KeyProvider(org.apache.hadoop.crypto.key.KeyProvider) HdfsAdmin(org.apache.hadoop.hdfs.client.HdfsAdmin) Mockito.anyString(org.mockito.Mockito.anyString) FileEncryptionInfo(org.apache.hadoop.fs.FileEncryptionInfo) URI(java.net.URI) Test(org.junit.Test)

Aggregations

FileEncryptionInfo (org.apache.hadoop.fs.FileEncryptionInfo)11 CryptoCodec (org.apache.hadoop.crypto.CryptoCodec)3 KeyVersion (org.apache.hadoop.crypto.key.KeyProvider.KeyVersion)3 ByteString (com.google.protobuf.ByteString)2 IOException (java.io.IOException)2 EncryptedKeyVersion (org.apache.hadoop.crypto.key.KeyProviderCryptoExtension.EncryptedKeyVersion)2 Path (org.apache.hadoop.fs.Path)2 HdfsAdmin (org.apache.hadoop.hdfs.client.HdfsAdmin)2 ErasureCodingPolicy (org.apache.hadoop.hdfs.protocol.ErasureCodingPolicy)2 LocatedBlocks (org.apache.hadoop.hdfs.protocol.LocatedBlocks)2 Test (org.junit.Test)2 Mockito.anyString (org.mockito.Mockito.anyString)2 InvocationTargetException (java.lang.reflect.InvocationTargetException)1 Method (java.lang.reflect.Method)1 URI (java.net.URI)1 GeneralSecurityException (java.security.GeneralSecurityException)1 Configuration (org.apache.hadoop.conf.Configuration)1 CipherSuite (org.apache.hadoop.crypto.CipherSuite)1 CryptoInputStream (org.apache.hadoop.crypto.CryptoInputStream)1 CryptoOutputStream (org.apache.hadoop.crypto.CryptoOutputStream)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial