use of org.apache.pulsar.common.api.EncryptionContext in project pulsar by apache.
the class UtilsTest method createRecord.
private Record<byte[]> createRecord(byte[] data, String algo, String[] keyNames, byte[][] keyValues, byte[] param, Map<String, String> metadata1, Map<String, String> metadata2, int batchSize, int compressionMsgSize, Map<String, String> properties, boolean isEncryption) {
EncryptionContext ctx = null;
if (isEncryption) {
ctx = new EncryptionContext();
ctx.setAlgorithm(algo);
ctx.setBatchSize(Optional.of(batchSize));
ctx.setCompressionType(CompressionType.LZ4);
ctx.setUncompressedMessageSize(compressionMsgSize);
Map<String, EncryptionKey> keys = Maps.newHashMap();
EncryptionKey encKeyVal = new EncryptionKey();
encKeyVal.setKeyValue(keyValues[0]);
encKeyVal.setMetadata(metadata1);
EncryptionKey encKeyVal2 = new EncryptionKey();
encKeyVal2.setKeyValue(keyValues[1]);
encKeyVal2.setMetadata(metadata2);
keys.put(keyNames[0], encKeyVal);
keys.put(keyNames[1], encKeyVal2);
ctx.setKeys(keys);
ctx.setParam(param);
}
return new RecordImpl(data, properties, Optional.ofNullable(ctx));
}
use of org.apache.pulsar.common.api.EncryptionContext in project pulsar by apache.
the class Utils method serializeRecordToJson.
/**
* Serializes sink-record into json format. It encodes encryption-keys, encryption-param and payload in base64
* format so, it can be sent in json.
*
* @param record
* @return
*/
public static String serializeRecordToJson(Record<byte[]> record) {
checkNotNull(record, "record can't be null");
JsonObject result = new JsonObject();
result.addProperty(PAYLOAD_FIELD, getEncoder().encodeToString(record.getValue()));
if (record.getProperties() != null) {
JsonObject properties = new JsonObject();
record.getProperties().entrySet().forEach(e -> properties.addProperty(e.getKey(), e.getValue()));
result.add(PROPERTIES_FIELD, properties);
}
Optional<EncryptionContext> optEncryptionCtx = (record instanceof RecordWithEncryptionContext) ? ((RecordWithEncryptionContext<byte[]>) record).getEncryptionCtx() : Optional.empty();
if (optEncryptionCtx.isPresent()) {
EncryptionContext encryptionCtx = optEncryptionCtx.get();
JsonObject encryptionCtxJson = new JsonObject();
JsonObject keyBase64Map = new JsonObject();
JsonObject keyMetadataMap = new JsonObject();
encryptionCtx.getKeys().entrySet().forEach(entry -> {
keyBase64Map.addProperty(entry.getKey(), getEncoder().encodeToString(entry.getValue().getKeyValue()));
Map<String, String> keyMetadata = entry.getValue().getMetadata();
if (keyMetadata != null && !keyMetadata.isEmpty()) {
JsonObject metadata = new JsonObject();
entry.getValue().getMetadata().entrySet().forEach(m -> metadata.addProperty(m.getKey(), m.getValue()));
keyMetadataMap.add(entry.getKey(), metadata);
}
});
encryptionCtxJson.add(KEY_MAP_FIELD, keyBase64Map);
encryptionCtxJson.add(KEY_METADATA_MAP_FIELD, keyMetadataMap);
encryptionCtxJson.addProperty(ENCRYPTION_PARAM_FIELD, getEncoder().encodeToString(encryptionCtx.getParam()));
encryptionCtxJson.addProperty(ALGO_FIELD, encryptionCtx.getAlgorithm());
if (encryptionCtx.getCompressionType() != null) {
encryptionCtxJson.addProperty(COMPRESSION_TYPE_FIELD, encryptionCtx.getCompressionType().name());
encryptionCtxJson.addProperty(UNCPRESSED_MSG_SIZE_FIELD, encryptionCtx.getUncompressedMessageSize());
}
if (encryptionCtx.getBatchSize().isPresent()) {
encryptionCtxJson.addProperty(BATCH_SIZE_FIELD, encryptionCtx.getBatchSize().get());
}
result.add(ENCRYPTION_CTX_FIELD, encryptionCtxJson);
}
return result.toString();
}
use of org.apache.pulsar.common.api.EncryptionContext in project pulsar by apache.
the class SimpleProducerConsumerTest method decryptMessage.
private String decryptMessage(TopicMessageImpl<byte[]> msg, String encryptionKeyName, CryptoKeyReader reader) throws Exception {
Optional<EncryptionContext> ctx = msg.getEncryptionCtx();
assertTrue(ctx.isPresent());
EncryptionContext encryptionCtx = ctx.orElseThrow(() -> new IllegalStateException("encryption-ctx not present for encrypted message"));
Map<String, EncryptionContext.EncryptionKey> keys = encryptionCtx.getKeys();
assertEquals(keys.size(), 1);
EncryptionContext.EncryptionKey encryptionKey = keys.get(encryptionKeyName);
byte[] dataKey = encryptionKey.getKeyValue();
Map<String, String> metadata = encryptionKey.getMetadata();
String version = metadata.get("version");
assertEquals(version, "1.0");
CompressionType compressionType = encryptionCtx.getCompressionType();
int uncompressedSize = encryptionCtx.getUncompressedMessageSize();
byte[] encrParam = encryptionCtx.getParam();
String encAlgo = encryptionCtx.getAlgorithm();
int batchSize = encryptionCtx.getBatchSize().orElse(0);
ByteBuffer payloadBuf = ByteBuffer.wrap(msg.getData());
// try to decrypt use default MessageCryptoBc
MessageCrypto crypto = new MessageCryptoBc("test", false);
MessageMetadata msgMetadata = new MessageMetadata().setEncryptionParam(encrParam).setProducerName("test").setSequenceId(123).setPublishTime(12333453454L).setCompression(CompressionCodecProvider.convertToWireProtocol(compressionType)).setUncompressedSize(uncompressedSize);
if (encAlgo != null) {
msgMetadata.setEncryptionAlgo(encAlgo);
}
msgMetadata.addEncryptionKey().setKey(encryptionKeyName).setValue(dataKey);
ByteBuffer decryptedPayload = ByteBuffer.allocate(crypto.getMaxOutputSize(payloadBuf.remaining()));
crypto.decrypt(() -> msgMetadata, payloadBuf, decryptedPayload, reader);
// try to uncompress
CompressionCodec codec = CompressionCodecProvider.getCompressionCodec(compressionType);
ByteBuf uncompressedPayload = codec.decode(Unpooled.wrappedBuffer(decryptedPayload), uncompressedSize);
if (batchSize > 0) {
SingleMessageMetadata singleMessageMetadata = new SingleMessageMetadata();
uncompressedPayload = Commands.deSerializeSingleMessageInBatch(uncompressedPayload, singleMessageMetadata, 0, batchSize);
}
byte[] data = new byte[uncompressedPayload.readableBytes()];
uncompressedPayload.readBytes(data);
uncompressedPayload.release();
return new String(data);
}
use of org.apache.pulsar.common.api.EncryptionContext in project pulsar by yahoo.
the class ConsumerImpl method createEncryptionContext.
/**
* Create EncryptionContext if message payload is encrypted.
*
* @param msgMetadata
* @return {@link Optional}<{@link EncryptionContext}>
*/
private Optional<EncryptionContext> createEncryptionContext(MessageMetadata msgMetadata) {
EncryptionContext encryptionCtx = null;
if (msgMetadata.getEncryptionKeysCount() > 0) {
encryptionCtx = new EncryptionContext();
Map<String, EncryptionKey> keys = msgMetadata.getEncryptionKeysList().stream().collect(Collectors.toMap(EncryptionKeys::getKey, e -> new EncryptionKey(e.getValue(), e.getMetadatasList().stream().collect(Collectors.toMap(KeyValue::getKey, KeyValue::getValue)))));
byte[] encParam = msgMetadata.getEncryptionParam();
Optional<Integer> batchSize = Optional.ofNullable(msgMetadata.hasNumMessagesInBatch() ? msgMetadata.getNumMessagesInBatch() : null);
encryptionCtx.setKeys(keys);
encryptionCtx.setParam(encParam);
if (msgMetadata.hasEncryptionAlgo()) {
encryptionCtx.setAlgorithm(msgMetadata.getEncryptionAlgo());
}
encryptionCtx.setCompressionType(CompressionCodecProvider.convertFromWireProtocol(msgMetadata.getCompression()));
encryptionCtx.setUncompressedMessageSize(msgMetadata.getUncompressedSize());
encryptionCtx.setBatchSize(batchSize);
}
return Optional.ofNullable(encryptionCtx);
}
use of org.apache.pulsar.common.api.EncryptionContext in project pulsar by yahoo.
the class UtilsTest method createRecord.
private Record<GenericObject> createRecord(byte[] data, String algo, String[] keyNames, byte[][] keyValues, byte[] param, Map<String, String> metadata1, Map<String, String> metadata2, int batchSize, int compressionMsgSize, Map<String, String> properties, boolean isEncryption) {
EncryptionContext ctx = null;
if (isEncryption) {
ctx = new EncryptionContext();
ctx.setAlgorithm(algo);
ctx.setBatchSize(Optional.of(batchSize));
ctx.setCompressionType(CompressionType.LZ4);
ctx.setUncompressedMessageSize(compressionMsgSize);
Map<String, EncryptionKey> keys = Maps.newHashMap();
EncryptionKey encKeyVal = new EncryptionKey();
encKeyVal.setKeyValue(keyValues[0]);
encKeyVal.setMetadata(metadata1);
EncryptionKey encKeyVal2 = new EncryptionKey();
encKeyVal2.setKeyValue(keyValues[1]);
encKeyVal2.setMetadata(metadata2);
keys.put(keyNames[0], encKeyVal);
keys.put(keyNames[1], encKeyVal2);
ctx.setKeys(keys);
ctx.setParam(param);
}
org.apache.pulsar.client.api.Message<GenericObject> message = mock(org.apache.pulsar.client.api.Message.class);
when(message.getData()).thenReturn(data);
when(message.getProperties()).thenReturn(properties);
when(message.getEncryptionCtx()).thenReturn(Optional.ofNullable(ctx));
return PulsarRecord.<GenericObject>builder().message(message).build();
}
Aggregations