accumulo-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Josh Elser (JIRA)" <>
Subject [jira] [Commented] (ACCUMULO-958) Support pluggable encryption in walogs
Date Sat, 26 Jan 2013 03:11:14 GMT


Josh Elser commented on ACCUMULO-958:

A few notes:

* Would be great to see some sort of test cases, even illustrating trivial cases
* Javadoc on SecretKeyEncryptionStrategy would be nice
* Move the log.debug to trace (or just remove) for things that are no outwardly useful to
a user/administrator (e.g. DefaultCryptoModule:62, CryptoModuleFactory:85, DfsLogger:223,
* DefaultCryptoModule:52 comment probably isn't necessary :)
* Please nuke the ALL CAPS spam in CryptoModuleFactory:[63,79,88,93,118,134,143,147], if we
want the user to recognize and forcibly take action, we should propagate an Exception up instead
of falling back to the Null encryption classes.
* CryptoModuleFactory:123-131 could be replaced with:
boolean implementsSecretKeyStrategy = SecretKeyEncryptionStrategy.class.isAssignableFrom(keyEncryptionStrategyClazz);
* I won't really go deep into thoughts on CryptoModule because of your deprecation comments,
but I do want to say that there's probably some easy encapsulation you can do easily with
the crypto opts, params and properties.
* No argument checking in DefaultCryptoModule (NPE easy to arise). Again, tests here would
be good.

> Support pluggable encryption in walogs
> --------------------------------------
>                 Key: ACCUMULO-958
>                 URL:
>             Project: Accumulo
>          Issue Type: Improvement
>          Components: logger
>            Reporter: John Vines
>            Assignee: Michael Allen
>             Fix For: 1.5.0
>         Attachments: ACCUMULO-958-actual-changes.patch, accumulo-958.diff
> There are some cases where users want encryption at rest for the walogs. It should be
fairly trivial to implement it in such a way to insert a CipherOutputStream into the data
path (defaulting to using a NullCipher) and then making the Cipher pluggable to users can
insert the appropriate mechanisms for their use case.
> This also means swapping in CipherInputStream and putting in a check to make sure the
Cipher type's match at read and write time. Possibly a versioning mechanism so people can
migrate Ciphers.

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see:

View raw message