Example 6 with DaoManager

use of org.apache.ranger.kms.dao.DaoManager in project ranger by apache.

From class VerifyIsHSMMasterkeyCorrect, method getHSMMasterkey: loads the KMS keystore from the DB using the master key held in the HSM, which verifies that the HSM master key matches the one the keystore was encrypted with.

public void getHSMMasterkey(String hsmType, String partitionName) {
    char[] partitionPassword = null;
    try {
        partitionPassword = ConsoleUtil.getPasswordFromConsole("Enter Password for the Partition " + partitionName + " : ");
        // Build the DB keystore configuration and add the HSM partition details
        Configuration conf = RangerKeyStoreProvider.getDBKSConf();
        conf.set(HSM_TYPE, hsmType);
        conf.set(PARTITION_NAME, partitionName);
        conf.set(PARTITION_PASSWORD, String.valueOf(partitionPassword));
        String password = conf.get(ENCRYPTION_KEY);
        RangerKMSDB rangerkmsDb = new RangerKMSDB(conf);
        DaoManager daoManager = rangerkmsDb.getDaoManager();
        RangerKeyStore dbStore = new RangerKeyStore(daoManager);
        // Get Master Key from HSM
        RangerHSM rangerHSM = new RangerHSM(conf);
        String hsmMasterKey = rangerHSM.getMasterKey(password);
        if (hsmMasterKey == null) {
            // Master Key does not exist
            throw new IOException("Ranger MasterKey does not exist in HSM!!!");
        }
        // Loading the DB keystore fails if the HSM master key cannot decrypt the stored keys
        dbStore.engineLoad(null, hsmMasterKey.toCharArray());
        System.out.println("KMS keystore engine loaded successfully.");
    } catch (Throwable t) {
        throw new RuntimeException("Unable to load keystore engine with given password or Masterkey was tampered.", t);
    } finally {
        // Clear the partition password from memory once it is no longer needed
        if (partitionPassword != null) {
            Arrays.fill(partitionPassword, ' ');
        }
    }
}

Also used: Configuration (org.apache.hadoop.conf.Configuration), IOException (java.io.IOException), DaoManager (org.apache.ranger.kms.dao.DaoManager)

Example 7 with DaoManager

use of org.apache.ranger.kms.dao.DaoManager in project ranger by apache.

From class TestRangerKeyStore, method testInvalidKey1: loading a keystore file whose key alias is malformed ("enckey:1") must fail with an IOException.

@Test(expected = IOException.class)
public void testInvalidKey1() throws NoSuchAlgorithmException, CertificateException, IOException, KeyStoreException {
    // The DAO layer is mocked; no database is needed to exercise the file parser
    DaoManager daoManager = Mockito.mock(DaoManager.class);
    RangerKeyStore rangerKeyStore = new RangerKeyStore(daoManager);
    // Alias containing ':' is rejected by the keystore loader
    String keyValue = "enckey:1";
    InputStream inputStream = generateKeyStoreFile(keyValue);
    rangerKeyStore.engineLoadKeyStoreFile(inputStream, storePass, keyPass, masterKey, fileFormat);
    inputStream.close();
}

Also used: FileInputStream (java.io.FileInputStream), InputStream (java.io.InputStream), RangerKeyStore (org.apache.hadoop.crypto.key.RangerKeyStore), DaoManager (org.apache.ranger.kms.dao.DaoManager), Test (org.junit.Test)

Example 8 with DaoManager

use of org.apache.ranger.kms.dao.DaoManager in project ranger by apache.

From class TestRangerKeyStore, method testInvalidKey2: loading a keystore file whose key alias is malformed ("1%enckey") must fail with an IOException.

@Test(expected = IOException.class)
public void testInvalidKey2() throws NoSuchAlgorithmException, CertificateException, IOException, KeyStoreException {
    // The DAO layer is mocked; no database is needed to exercise the file parser
    DaoManager daoManager = Mockito.mock(DaoManager.class);
    RangerKeyStore rangerKeyStore = new RangerKeyStore(daoManager);
    // Alias containing '%' is rejected by the keystore loader
    String keyValue = "1%enckey";
    InputStream inputStream = generateKeyStoreFile(keyValue);
    rangerKeyStore.engineLoadKeyStoreFile(inputStream, storePass, keyPass, masterKey, fileFormat);
    inputStream.close();
}

Also used: FileInputStream (java.io.FileInputStream), InputStream (java.io.InputStream), RangerKeyStore (org.apache.hadoop.crypto.key.RangerKeyStore), DaoManager (org.apache.ranger.kms.dao.DaoManager), Test (org.junit.Test)

Example 9 with DaoManager

use of org.apache.ranger.kms.dao.DaoManager in project ranger by apache.

From class TestRangerKeyStore, method testValidKey2: a keystore file whose key alias uses only letters, digits, '-' and '_' ("1-enckey_test") loads without error.

@Test
public void testValidKey2() throws NoSuchAlgorithmException, CertificateException, IOException, KeyStoreException {
    // The DAO layer is mocked; no database is needed to exercise the file parser
    DaoManager daoManager = Mockito.mock(DaoManager.class);
    RangerKeyStore rangerKeyStore = new RangerKeyStore(daoManager);
    // Well-formed alias: accepted by the keystore loader
    String keyValue = "1-enckey_test";
    InputStream inputStream = generateKeyStoreFile(keyValue);
    rangerKeyStore.engineLoadKeyStoreFile(inputStream, storePass, keyPass, masterKey, fileFormat);
    inputStream.close();
}

Also used: FileInputStream (java.io.FileInputStream), InputStream (java.io.InputStream), RangerKeyStore (org.apache.hadoop.crypto.key.RangerKeyStore), DaoManager (org.apache.ranger.kms.dao.DaoManager), Test (org.junit.Test)

Example 10 with DaoManager

use of org.apache.ranger.kms.dao.DaoManager in project ranger by apache.

From class DB2HSMMKUtil, method doExportMKToHSM: reads the master key from the Ranger DB and stores it in the HSM partition, returning whether the HSM accepted it.

private boolean doExportMKToHSM(String hsmType, String partitionName) {
    char[] partitionPassword = null;
    try {
        partitionPassword = ConsoleUtil.getPasswordFromConsole("Enter Password for the Partition " + partitionName + " : ");
        // Build the DB keystore configuration and add the HSM partition details
        Configuration conf = RangerKeyStoreProvider.getDBKSConf();
        conf.set(HSM_TYPE, hsmType);
        conf.set(PARTITION_NAME, partitionName);
        conf.set(PARTITION_PASSWORD, String.valueOf(partitionPassword));
        RangerKMSDB rangerkmsDb = new RangerKMSDB(conf);
        DaoManager daoManager = rangerkmsDb.getDaoManager();
        String password = conf.get(ENCRYPTION_KEY);
        // Get Master Key from Ranger DB (stored Base64-encoded, decrypted with the configured password)
        RangerMasterKey rangerMasterKey = new RangerMasterKey(daoManager);
        String mkey = rangerMasterKey.getMasterKey(password);
        byte[] key = Base64.decode(mkey);
        // Put Master Key in HSM
        RangerHSM rangerHSM = new RangerHSM(conf);
        return rangerHSM.setMasterKey(password, key);
    } catch (Throwable t) {
        throw new RuntimeException("Unable to import Master key from Ranger DB to HSM ", t);
    } finally {
        // Clear the partition password from memory; it is still null if the prompt itself failed
        if (partitionPassword != null) {
            Arrays.fill(partitionPassword, ' ');
        }
    }
}

Also used: Configuration (org.apache.hadoop.conf.Configuration), DaoManager (org.apache.ranger.kms.dao.DaoManager)

Aggregations (classes used alongside DaoManager across all examples, with the number of examples each appears in):

DaoManager (org.apache.ranger.kms.dao.DaoManager): 18
FileInputStream (java.io.FileInputStream): 7
InputStream (java.io.InputStream): 7
Test (org.junit.Test): 7
Configuration (org.apache.hadoop.conf.Configuration): 6
RangerKeyStore (org.apache.hadoop.crypto.key.RangerKeyStore): 6
IOException (java.io.IOException): 5
KeyVaultClient (com.microsoft.azure.keyvault.KeyVaultClient): 3
File (java.io.File): 2
Path (java.nio.file.Path): 2
Key (java.security.Key): 2
KeyStoreException (java.security.KeyStoreException): 2
ArrayList (java.util.ArrayList): 2
RangerKMSDB (org.apache.hadoop.crypto.key.RangerKMSDB): 2
RangerMasterKey (org.apache.hadoop.crypto.key.RangerMasterKey): 2
XXRangerKeyStore (org.apache.ranger.entity.XXRangerKeyStore): 2
FileOutputStream (java.io.FileOutputStream): 1
OutputStream (java.io.OutputStream): 1