use of org.apache.pulsar.common.api.EncryptionContext.EncryptionKey in project pulsar by apache.
the class UtilsTest method createRecord.
private Record<byte[]> createRecord(byte[] data, String algo, String[] keyNames, byte[][] keyValues, byte[] param, Map<String, String> metadata1, Map<String, String> metadata2, int batchSize, int compressionMsgSize, Map<String, String> properties, boolean isEncryption) {
EncryptionContext ctx = null;
if (isEncryption) {
ctx = new EncryptionContext();
ctx.setAlgorithm(algo);
ctx.setBatchSize(Optional.of(batchSize));
ctx.setCompressionType(CompressionType.LZ4);
ctx.setUncompressedMessageSize(compressionMsgSize);
Map<String, EncryptionKey> keys = Maps.newHashMap();
EncryptionKey encKeyVal = new EncryptionKey();
encKeyVal.setKeyValue(keyValues[0]);
encKeyVal.setMetadata(metadata1);
EncryptionKey encKeyVal2 = new EncryptionKey();
encKeyVal2.setKeyValue(keyValues[1]);
encKeyVal2.setMetadata(metadata2);
keys.put(keyNames[0], encKeyVal);
keys.put(keyNames[1], encKeyVal2);
ctx.setKeys(keys);
ctx.setParam(param);
}
return new RecordImpl(data, properties, Optional.ofNullable(ctx));
}
use of org.apache.pulsar.common.api.EncryptionContext.EncryptionKey in project pulsar by yahoo.
the class ConsumerImpl method createEncryptionContext.
/**
* Create EncryptionContext if message payload is encrypted.
*
* @param msgMetadata
* @return {@link Optional}<{@link EncryptionContext}>
*/
private Optional<EncryptionContext> createEncryptionContext(MessageMetadata msgMetadata) {
EncryptionContext encryptionCtx = null;
if (msgMetadata.getEncryptionKeysCount() > 0) {
encryptionCtx = new EncryptionContext();
Map<String, EncryptionKey> keys = msgMetadata.getEncryptionKeysList().stream().collect(Collectors.toMap(EncryptionKeys::getKey, e -> new EncryptionKey(e.getValue(), e.getMetadatasList().stream().collect(Collectors.toMap(KeyValue::getKey, KeyValue::getValue)))));
byte[] encParam = msgMetadata.getEncryptionParam();
Optional<Integer> batchSize = Optional.ofNullable(msgMetadata.hasNumMessagesInBatch() ? msgMetadata.getNumMessagesInBatch() : null);
encryptionCtx.setKeys(keys);
encryptionCtx.setParam(encParam);
if (msgMetadata.hasEncryptionAlgo()) {
encryptionCtx.setAlgorithm(msgMetadata.getEncryptionAlgo());
}
encryptionCtx.setCompressionType(CompressionCodecProvider.convertFromWireProtocol(msgMetadata.getCompression()));
encryptionCtx.setUncompressedMessageSize(msgMetadata.getUncompressedSize());
encryptionCtx.setBatchSize(batchSize);
}
return Optional.ofNullable(encryptionCtx);
}
use of org.apache.pulsar.common.api.EncryptionContext.EncryptionKey in project pulsar by yahoo.
the class UtilsTest method createRecord.
private Record<GenericObject> createRecord(byte[] data, String algo, String[] keyNames, byte[][] keyValues, byte[] param, Map<String, String> metadata1, Map<String, String> metadata2, int batchSize, int compressionMsgSize, Map<String, String> properties, boolean isEncryption) {
EncryptionContext ctx = null;
if (isEncryption) {
ctx = new EncryptionContext();
ctx.setAlgorithm(algo);
ctx.setBatchSize(Optional.of(batchSize));
ctx.setCompressionType(CompressionType.LZ4);
ctx.setUncompressedMessageSize(compressionMsgSize);
Map<String, EncryptionKey> keys = Maps.newHashMap();
EncryptionKey encKeyVal = new EncryptionKey();
encKeyVal.setKeyValue(keyValues[0]);
encKeyVal.setMetadata(metadata1);
EncryptionKey encKeyVal2 = new EncryptionKey();
encKeyVal2.setKeyValue(keyValues[1]);
encKeyVal2.setMetadata(metadata2);
keys.put(keyNames[0], encKeyVal);
keys.put(keyNames[1], encKeyVal2);
ctx.setKeys(keys);
ctx.setParam(param);
}
org.apache.pulsar.client.api.Message<GenericObject> message = mock(org.apache.pulsar.client.api.Message.class);
when(message.getData()).thenReturn(data);
when(message.getProperties()).thenReturn(properties);
when(message.getEncryptionCtx()).thenReturn(Optional.ofNullable(ctx));
return PulsarRecord.<GenericObject>builder().message(message).build();
}
use of org.apache.pulsar.common.api.EncryptionContext.EncryptionKey in project incubator-pulsar by apache.
the class ConsumerImpl method createEncryptionContext.
/**
* Create EncryptionContext if message payload is encrypted.
*
* @param msgMetadata
* @return {@link Optional}<{@link EncryptionContext}>
*/
private Optional<EncryptionContext> createEncryptionContext(MessageMetadata msgMetadata) {
EncryptionContext encryptionCtx = null;
if (msgMetadata.getEncryptionKeysCount() > 0) {
encryptionCtx = new EncryptionContext();
Map<String, EncryptionKey> keys = msgMetadata.getEncryptionKeysList().stream().collect(Collectors.toMap(EncryptionKeys::getKey, e -> new EncryptionKey(e.getValue(), e.getMetadatasList().stream().collect(Collectors.toMap(KeyValue::getKey, KeyValue::getValue)))));
byte[] encParam = msgMetadata.getEncryptionParam();
Optional<Integer> batchSize = Optional.ofNullable(msgMetadata.hasNumMessagesInBatch() ? msgMetadata.getNumMessagesInBatch() : null);
encryptionCtx.setKeys(keys);
encryptionCtx.setParam(encParam);
if (msgMetadata.hasEncryptionAlgo()) {
encryptionCtx.setAlgorithm(msgMetadata.getEncryptionAlgo());
}
encryptionCtx.setCompressionType(CompressionCodecProvider.convertFromWireProtocol(msgMetadata.getCompression()));
encryptionCtx.setUncompressedMessageSize(msgMetadata.getUncompressedSize());
encryptionCtx.setBatchSize(batchSize);
}
return Optional.ofNullable(encryptionCtx);
}
use of org.apache.pulsar.common.api.EncryptionContext.EncryptionKey in project incubator-pulsar by apache.
the class SimpleProducerConsumerTest method decryptMessage.
private String decryptMessage(TopicMessageImpl<byte[]> msg, String encryptionKeyName, CryptoKeyReader reader) throws Exception {
Optional<EncryptionContext> ctx = msg.getEncryptionCtx();
Assert.assertTrue(ctx.isPresent());
EncryptionContext encryptionCtx = ctx.orElseThrow(() -> new IllegalStateException("encryption-ctx not present for encrypted message"));
Map<String, EncryptionKey> keys = encryptionCtx.getKeys();
assertEquals(keys.size(), 1);
EncryptionKey encryptionKey = keys.get(encryptionKeyName);
byte[] dataKey = encryptionKey.getKeyValue();
Map<String, String> metadata = encryptionKey.getMetadata();
String version = metadata.get("version");
assertEquals(version, "1.0");
CompressionType compressionType = encryptionCtx.getCompressionType();
int uncompressedSize = encryptionCtx.getUncompressedMessageSize();
byte[] encrParam = encryptionCtx.getParam();
String encAlgo = encryptionCtx.getAlgorithm();
int batchSize = encryptionCtx.getBatchSize().orElse(0);
ByteBuffer payloadBuf = ByteBuffer.wrap(msg.getData());
// try to decrypt use default MessageCryptoBc
MessageCrypto<MessageMetadata, MessageMetadata> crypto = new MessageCryptoBc("test", false);
MessageMetadata messageMetadata = new MessageMetadata().setEncryptionParam(encrParam).setProducerName("test").setSequenceId(123).setPublishTime(12333453454L).setCompression(CompressionCodecProvider.convertToWireProtocol(compressionType)).setUncompressedSize(uncompressedSize);
messageMetadata.addEncryptionKey().setKey(encryptionKeyName).setValue(dataKey);
if (encAlgo != null) {
messageMetadata.setEncryptionAlgo(encAlgo);
}
ByteBuffer decryptedPayload = ByteBuffer.allocate(crypto.getMaxOutputSize(payloadBuf.remaining()));
crypto.decrypt(() -> messageMetadata, payloadBuf, decryptedPayload, reader);
// try to uncompress
CompressionCodec codec = CompressionCodecProvider.getCompressionCodec(compressionType);
ByteBuf uncompressedPayload = codec.decode(Unpooled.wrappedBuffer(decryptedPayload), uncompressedSize);
if (batchSize > 0) {
SingleMessageMetadata singleMessageMetadata = new SingleMessageMetadata();
uncompressedPayload = Commands.deSerializeSingleMessageInBatch(uncompressedPayload, singleMessageMetadata, 0, batchSize);
}
byte[] data = new byte[uncompressedPayload.readableBytes()];
uncompressedPayload.readBytes(data);
uncompressedPayload.release();
return new String(data);
}
Aggregations