flume-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mpe...@apache.org
Subject git commit: FLUME-1563. FileChannel Encryption KeyProvider configuration properties should be more consistent.
Date Wed, 12 Sep 2012 17:59:22 GMT
Updated Branches:
  refs/heads/trunk 8f77db07c -> e6c64a8e3


FLUME-1563. FileChannel Encryption KeyProvider configuration properties should be more consistent.

(Brock Noland via Mike Percy)


Project: http://git-wip-us.apache.org/repos/asf/flume/repo
Commit: http://git-wip-us.apache.org/repos/asf/flume/commit/e6c64a8e
Tree: http://git-wip-us.apache.org/repos/asf/flume/tree/e6c64a8e
Diff: http://git-wip-us.apache.org/repos/asf/flume/diff/e6c64a8e

Branch: refs/heads/trunk
Commit: e6c64a8e3fd4d2ffe5d8505041738bdd4cc3f667
Parents: 8f77db0
Author: Mike Percy <mpercy@apache.org>
Authored: Wed Sep 12 10:57:52 2012 -0700
Committer: Mike Percy <mpercy@apache.org>
Committed: Wed Sep 12 10:57:52 2012 -0700

----------------------------------------------------------------------
 .../org/apache/flume/channel/file/FileChannel.java |   13 ++-
 .../file/encryption/EncryptionConfiguration.java   |    7 +-
 .../file/encryption/JCEFileKeyProvider.java        |   50 +++++++-----
 .../file/encryption/KeyProviderFactory.java        |    9 +-
 .../file/encryption/EncryptionTestUtils.java       |   27 ++++--
 .../file/encryption/TestFileChannelEncryption.java |   65 +++++++++++----
 .../file/encryption/TestJCEFileKeyProvider.java    |   20 +++--
 7 files changed, 130 insertions(+), 61 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/flume/blob/e6c64a8e/flume-ng-channels/flume-file-channel/src/main/java/org/apache/flume/channel/file/FileChannel.java
----------------------------------------------------------------------
diff --git a/flume-ng-channels/flume-file-channel/src/main/java/org/apache/flume/channel/file/FileChannel.java
b/flume-ng-channels/flume-file-channel/src/main/java/org/apache/flume/channel/file/FileChannel.java
index f2ccd3a..66f7536 100644
--- a/flume-ng-channels/flume-file-channel/src/main/java/org/apache/flume/channel/file/FileChannel.java
+++ b/flume-ng-channels/flume-file-channel/src/main/java/org/apache/flume/channel/file/FileChannel.java
@@ -40,7 +40,9 @@ import org.apache.flume.instrumentation.ChannelCounter;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import com.google.common.base.Joiner;
 import com.google.common.base.Preconditions;
+import com.google.common.base.Strings;
 
 /**
  * <p>
@@ -214,11 +216,16 @@ public class FileChannel extends BasicChannelSemantics {
     encryptionCipherProvider = encryptionContext.getString(
         EncryptionConfiguration.CIPHER_PROVIDER);
     if(encryptionKeyProviderName != null) {
-      Preconditions.checkNotNull(encryptionKeyAlias, "encryptionKeyAlias");
-      Preconditions.checkNotNull(encryptionCipherProvider,
+      Preconditions.checkState(!Strings.isNullOrEmpty(encryptionKeyAlias),
+          "encryptionKeyAlias");
+      Preconditions.checkState(!Strings.isNullOrEmpty(encryptionCipherProvider),
           "encryptionCipherProvider");
+      Context keyProviderContext = new Context(encryptionContext.
+          getSubProperties(Joiner.on(".").
+              join(EncryptionConfiguration.KEY_PROVIDER,
+                  encryptionKeyProviderName.trim(), "")));
       encryptionKeyProvider = KeyProviderFactory.
-          getInstance(encryptionKeyProviderName, encryptionContext);
+          getInstance(keyProviderContext);
     } else {
       Preconditions.checkState(encryptionKeyAlias == null, "encryptionKeyAlias");
       Preconditions.checkState(encryptionCipherProvider == null,

http://git-wip-us.apache.org/repos/asf/flume/blob/e6c64a8e/flume-ng-channels/flume-file-channel/src/main/java/org/apache/flume/channel/file/encryption/EncryptionConfiguration.java
----------------------------------------------------------------------
diff --git a/flume-ng-channels/flume-file-channel/src/main/java/org/apache/flume/channel/file/encryption/EncryptionConfiguration.java
b/flume-ng-channels/flume-file-channel/src/main/java/org/apache/flume/channel/file/encryption/EncryptionConfiguration.java
index 909d6bf..27716fc 100644
--- a/flume-ng-channels/flume-file-channel/src/main/java/org/apache/flume/channel/file/encryption/EncryptionConfiguration.java
+++ b/flume-ng-channels/flume-file-channel/src/main/java/org/apache/flume/channel/file/encryption/EncryptionConfiguration.java
@@ -28,6 +28,10 @@ public class EncryptionConfiguration {
    */
   public static final String KEY_PROVIDER = "keyProvider";
   /**
+   * Encryption key provider type, default is null.
+   */
+  public static final String KEY_PROVIDER_TYPE = "type";
+  /**
    * Encryption key alias, default is null.
    */
   public static final String KEY_ALIAS = "keyAlias";
@@ -40,8 +44,7 @@ public class EncryptionConfiguration {
    * Space separated list of keys which are needed for the current set of logs
    * plus the one specified in keyAlias
    */
-  public static final String KEYS = "keys";
-
+  public static final String JCE_FILE_KEYS = "keys";
   /**
    * Path to key password file is:
    * keys.aliasName.passwordFile

http://git-wip-us.apache.org/repos/asf/flume/blob/e6c64a8e/flume-ng-channels/flume-file-channel/src/main/java/org/apache/flume/channel/file/encryption/JCEFileKeyProvider.java
----------------------------------------------------------------------
diff --git a/flume-ng-channels/flume-file-channel/src/main/java/org/apache/flume/channel/file/encryption/JCEFileKeyProvider.java
b/flume-ng-channels/flume-file-channel/src/main/java/org/apache/flume/channel/file/encryption/JCEFileKeyProvider.java
index f814993..4c53df4 100644
--- a/flume-ng-channels/flume-file-channel/src/main/java/org/apache/flume/channel/file/encryption/JCEFileKeyProvider.java
+++ b/flume-ng-channels/flume-file-channel/src/main/java/org/apache/flume/channel/file/encryption/JCEFileKeyProvider.java
@@ -29,7 +29,9 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 import com.google.common.base.Charsets;
+import com.google.common.base.Joiner;
 import com.google.common.base.Preconditions;
+import com.google.common.base.Strings;
 import com.google.common.base.Throwables;
 import com.google.common.collect.Maps;
 import com.google.common.io.Files;
@@ -41,11 +43,13 @@ public class JCEFileKeyProvider extends KeyProvider {
   private Map<String, File> aliasPasswordFileMap;
   private KeyStore ks;
   private char[] keyStorePassword;
+  private File keyStorePasswordFile;
 
   public JCEFileKeyProvider(File keyStoreFile, File keyStorePasswordFile,
       Map<String, File> aliasPasswordFileMap) {
     super();
     this.aliasPasswordFileMap = aliasPasswordFileMap;
+    this.keyStorePasswordFile = keyStorePasswordFile;
     try {
       ks = KeyStore.getInstance("jceks");
       keyStorePassword = Files.toString(keyStorePasswordFile, Charsets.UTF_8)
@@ -58,16 +62,22 @@ public class JCEFileKeyProvider extends KeyProvider {
 
   @Override
   public Key getKey(String alias) {
+    String passwordFile = keyStorePasswordFile.getAbsolutePath();
     try {
       char[] keyPassword = keyStorePassword;
       if(aliasPasswordFileMap.containsKey(alias)) {
-        keyPassword = Files.toString(aliasPasswordFileMap.get(alias),
+        File keyPasswordFile = aliasPasswordFileMap.get(alias);
+        keyPassword = Files.toString(keyPasswordFile,
             Charsets.UTF_8).trim().toCharArray();
+        passwordFile = keyPasswordFile.getAbsolutePath();
       }
       Key key = ks.getKey(alias, keyPassword);
       return key;
     } catch (Exception e) {
-      throw Throwables.propagate(e);
+      String msg = e.getClass().getName() + ": " + e.getMessage() + ". " +
+          "Key = " + alias + ", passwordFile = " + passwordFile +": " +
+          e.getMessage();
+      throw new RuntimeException(msg, e);
     }
   }
 
@@ -78,26 +88,26 @@ public class JCEFileKeyProvider extends KeyProvider {
           EncryptionConfiguration.JCE_FILE_KEY_STORE_FILE);
       String keyStorePasswordFileName = context.getString(
           EncryptionConfiguration.JCE_FILE_KEY_STORE_PASSWORD_FILE);
-      Preconditions.checkNotNull(keyStoreFileName, "KeyStore file not specified");
-      Preconditions.checkNotNull(keyStorePasswordFileName, "KeyStore password " +
-             "file not specified");
+      Preconditions.checkState(!Strings.isNullOrEmpty(keyStoreFileName),
+          "KeyStore file not specified");
+      Preconditions.checkState(!Strings.isNullOrEmpty(keyStorePasswordFileName),
+          "KeyStore password  file not specified");
       Map<String, File> aliasPasswordFileMap = Maps.newHashMap();
       String passwordProtectedKeys = context.getString(
-          EncryptionConfiguration.KEYS);
-      if(passwordProtectedKeys != null) {
-        for(String passwordName : passwordProtectedKeys.trim().split("\\s+")) {
-          String propertyName = EncryptionConfiguration.KEYS + "." +
-              passwordName + "." +
-              EncryptionConfiguration.JCE_FILE_KEY_PASSWORD_FILE;
-          String passwordFileName = context.getString(propertyName,
-              keyStorePasswordFileName);
-          File passwordFile = new File(passwordFileName.trim());
-          if(passwordFile.isFile()) {
-            aliasPasswordFileMap.put(passwordName, passwordFile);
-          } else {
-            logger.warn("Password file for alias " + passwordName +
-                " does not exist");
-          }
+          EncryptionConfiguration.JCE_FILE_KEYS);
+      Preconditions.checkState(!Strings.isNullOrEmpty(passwordProtectedKeys),
+          "Keys available to KeyStore was not specified or empty");
+      for(String passwordName : passwordProtectedKeys.trim().split("\\s+")) {
+        String propertyName = Joiner.on(".").join(EncryptionConfiguration.JCE_FILE_KEYS,
+            passwordName, EncryptionConfiguration.JCE_FILE_KEY_PASSWORD_FILE);
+        String passwordFileName = context.getString(propertyName,
+            keyStorePasswordFileName);
+        File passwordFile = new File(passwordFileName.trim());
+        if(passwordFile.isFile()) {
+          aliasPasswordFileMap.put(passwordName, passwordFile);
+        } else {
+          logger.warn("Password file for alias " + passwordName +
+              " does not exist");
         }
       }
       File keyStoreFile = new File(keyStoreFileName.trim());

http://git-wip-us.apache.org/repos/asf/flume/blob/e6c64a8e/flume-ng-channels/flume-file-channel/src/main/java/org/apache/flume/channel/file/encryption/KeyProviderFactory.java
----------------------------------------------------------------------
diff --git a/flume-ng-channels/flume-file-channel/src/main/java/org/apache/flume/channel/file/encryption/KeyProviderFactory.java
b/flume-ng-channels/flume-file-channel/src/main/java/org/apache/flume/channel/file/encryption/KeyProviderFactory.java
index fef0367..f09c48b 100644
--- a/flume-ng-channels/flume-file-channel/src/main/java/org/apache/flume/channel/file/encryption/KeyProviderFactory.java
+++ b/flume-ng-channels/flume-file-channel/src/main/java/org/apache/flume/channel/file/encryption/KeyProviderFactory.java
@@ -30,10 +30,11 @@ public class KeyProviderFactory {
       LoggerFactory.getLogger(KeyProviderFactory.class);
 
   @SuppressWarnings({ "rawtypes", "unchecked" })
-  public static KeyProvider getInstance(String keyProviderType, Context context) {
-
+  public static KeyProvider getInstance(Context context) {
+    String keyProviderType = context.getString(
+        EncryptionConfiguration.KEY_PROVIDER_TYPE);
     Preconditions.checkNotNull(keyProviderType,
-        "provider type must not be null");
+        "key provider type must not be null");
 
     // try to find builder class in enum of known providers
     KeyProviderType type;
@@ -50,7 +51,7 @@ public class KeyProviderFactory {
     if (providerClass == null) {
       try {
         Class c = Class.forName(keyProviderType);
-        if (c != null && CipherProvider.class.isAssignableFrom(c)) {
+        if (c != null && KeyProvider.Builder.class.isAssignableFrom(c)) {
           providerClass = (Class<? extends KeyProvider.Builder>) c;
         } else {
           String errMessage = "Unable to instantiate Builder from " +

http://git-wip-us.apache.org/repos/asf/flume/blob/e6c64a8e/flume-ng-channels/flume-file-channel/src/test/java/org/apache/flume/channel/file/encryption/EncryptionTestUtils.java
----------------------------------------------------------------------
diff --git a/flume-ng-channels/flume-file-channel/src/test/java/org/apache/flume/channel/file/encryption/EncryptionTestUtils.java
b/flume-ng-channels/flume-file-channel/src/test/java/org/apache/flume/channel/file/encryption/EncryptionTestUtils.java
index a157661..fc617f5 100644
--- a/flume-ng-channels/flume-file-channel/src/test/java/org/apache/flume/channel/file/encryption/EncryptionTestUtils.java
+++ b/flume-ng-channels/flume-file-channel/src/test/java/org/apache/flume/channel/file/encryption/EncryptionTestUtils.java
@@ -95,30 +95,39 @@ public class EncryptionTestUtils {
     result.put("key-1", null);
     return result;
   }
-  public static Map<String,String> configureForKeyStore(File keyStoreFile,
-      File keyStorePasswordFile, Map<String, File> keyAliasPassword)
-          throws Exception {
+  public static Map<String,String> configureForKeyStore(String keyProviderName,
+      File keyStoreFile, File keyStorePasswordFile,
+      Map<String, File> keyAliasPassword) throws Exception {
     Map<String, String> context = Maps.newHashMap();
     List<String> keys = Lists.newArrayList();
+    Joiner joiner = Joiner.on(".");
     for(String alias : keyAliasPassword.keySet()) {
-      String propertyName = EncryptionConfiguration.KEYS + "." + alias + "." +
-          EncryptionConfiguration.JCE_FILE_KEY_PASSWORD_FILE;
       File passwordFile = keyAliasPassword.get(alias);
       if(passwordFile == null) {
         keys.add(alias);
-        context.put(propertyName, keyStorePasswordFile.getAbsolutePath());
       } else {
+        String propertyName = joiner.join(EncryptionConfiguration.KEY_PROVIDER,
+            keyProviderName, EncryptionConfiguration.JCE_FILE_KEYS, alias,
+            EncryptionConfiguration.JCE_FILE_KEY_PASSWORD_FILE);
         keys.add(alias);
         context.put(propertyName, passwordFile.getAbsolutePath());
       }
     }
-    context.put(EncryptionConfiguration.JCE_FILE_KEY_STORE_FILE,
+    context.put(EncryptionConfiguration.KEY_PROVIDER, keyProviderName);
+    context.put(joiner.join(EncryptionConfiguration.KEY_PROVIDER,
+        keyProviderName, EncryptionConfiguration.KEY_PROVIDER_TYPE),
+        KeyProviderType.JCEKSFILE.name());
+    context.put(joiner.join(EncryptionConfiguration.KEY_PROVIDER,
+        keyProviderName, EncryptionConfiguration.JCE_FILE_KEY_STORE_FILE),
         keyStoreFile.getAbsolutePath());
     if(keyStorePasswordFile != null) {
-      context.put(EncryptionConfiguration.JCE_FILE_KEY_STORE_PASSWORD_FILE,
+      context.put(joiner.join(EncryptionConfiguration.KEY_PROVIDER,
+          keyProviderName, EncryptionConfiguration.JCE_FILE_KEY_STORE_PASSWORD_FILE),
           keyStorePasswordFile.getAbsolutePath());
     }
-    context.put(EncryptionConfiguration.KEYS, Joiner.on(" ").join(keys));
+    context.put(joiner.join(EncryptionConfiguration.KEY_PROVIDER,
+        keyProviderName, EncryptionConfiguration.JCE_FILE_KEYS),
+        Joiner.on(" ").join(keys));
     return context;
   }
 }

http://git-wip-us.apache.org/repos/asf/flume/blob/e6c64a8e/flume-ng-channels/flume-file-channel/src/test/java/org/apache/flume/channel/file/encryption/TestFileChannelEncryption.java
----------------------------------------------------------------------
diff --git a/flume-ng-channels/flume-file-channel/src/test/java/org/apache/flume/channel/file/encryption/TestFileChannelEncryption.java
b/flume-ng-channels/flume-file-channel/src/test/java/org/apache/flume/channel/file/encryption/TestFileChannelEncryption.java
index 5f3a23d..44af4c9 100644
--- a/flume-ng-channels/flume-file-channel/src/test/java/org/apache/flume/channel/file/encryption/TestFileChannelEncryption.java
+++ b/flume-ng-channels/flume-file-channel/src/test/java/org/apache/flume/channel/file/encryption/TestFileChannelEncryption.java
@@ -37,12 +37,14 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 import com.google.common.base.Charsets;
+import com.google.common.base.Joiner;
 import com.google.common.collect.Maps;
 import com.google.common.io.Files;
 
 public class TestFileChannelEncryption extends TestFileChannelBase {
   protected static final Logger LOGGER =
       LoggerFactory.getLogger(TestFileChannelEncryption.class);
+  private static final String KEY_PROVIDER_NAME =  "myKeyProvider";
   private File keyStoreFile;
   private File keyStorePasswordFile;
   private Map<String, File> keyAliasPassword;
@@ -70,10 +72,8 @@ public class TestFileChannelEncryption extends TestFileChannelBase {
   private Map<String, String> getOverridesForEncryption() throws Exception {
     Map<String, String> overrides = getOverrides();
     Map<String, String> encryptionProps = EncryptionTestUtils.
-        configureForKeyStore(keyStoreFile, keyStorePasswordFile,
-            keyAliasPassword);
-    encryptionProps.put(EncryptionConfiguration.KEY_PROVIDER,
-        KeyProviderType.JCEKSFILE.name());
+        configureForKeyStore(KEY_PROVIDER_NAME, keyStoreFile,
+            keyStorePasswordFile, keyAliasPassword);
     encryptionProps.put(EncryptionConfiguration.CIPHER_PROVIDER,
         CipherProviderType.AESCTRNOPADDING.name());
     encryptionProps.put(EncryptionConfiguration.KEY_ALIAS, "key-1");
@@ -84,6 +84,32 @@ public class TestFileChannelEncryption extends TestFileChannelBase {
     return overrides;
   }
   @Test
+  public void testConfiguration() throws Exception {
+    Map<String, String> overrides = Maps.newHashMap();
+    overrides.put("encryption.keyAlias", "key-1");
+    overrides.put("encryption.cipherProvider", "AESCTRNOPADDING");
+    overrides.put("encryption.keyProvider", "myKeyProvider");
+    overrides.put("encryption.keyProvider.myKeyProvider.type", "JCEKSFILE");
+    overrides.put("encryption.keyProvider.myKeyProvider.keyStoreFile",
+        keyStoreFile.getAbsolutePath());
+    overrides.put("encryption.keyProvider.myKeyProvider.keyStorePasswordFile",
+        keyStorePasswordFile.getAbsolutePath());
+    overrides.put("encryption.keyProvider.myKeyProvider.keys", "key-0 key-1");
+    overrides.put("encryption.keyProvider.myKeyProvider.keys.key-0.passwordFile",
+        keyAliasPassword.get("key-0").getAbsolutePath());
+    channel = createFileChannel(overrides);
+    channel.start();
+    Assert.assertTrue(channel.isOpen());
+    Set<String> in = fillChannel(channel, "restart");
+    channel.stop();
+    channel = TestUtils.createFileChannel(checkpointDir.getAbsolutePath(),
+        dataDir, overrides);
+    channel.start();
+    Assert.assertTrue(channel.isOpen());
+    Set<String> out =  consumeChannel(channel);
+    compareInputAndOut(in, out);
+  }
+  @Test
   public void testBasicEncyrptionDecryption() throws Exception {
     Map<String, String> overrides = getOverridesForEncryption();
     channel = createFileChannel(overrides);
@@ -143,8 +169,9 @@ public class TestFileChannelEncryption extends TestFileChannelBase {
   @Test
   public void testBadKeyProviderInvalidValue() throws Exception {
     Map<String, String> overrides = getOverridesForEncryption();
-    overrides.put(EncryptionConfiguration.ENCRYPTION_PREFIX + "." +
-        EncryptionConfiguration.KEY_PROVIDER, "invalid");
+    overrides.put(Joiner.on(".").join(EncryptionConfiguration.ENCRYPTION_PREFIX,
+        EncryptionConfiguration.KEY_PROVIDER, KEY_PROVIDER_NAME,
+        EncryptionConfiguration.KEY_PROVIDER_TYPE), "invalid");
     try {
       channel = createFileChannel(overrides);
       Assert.fail();
@@ -156,8 +183,9 @@ public class TestFileChannelEncryption extends TestFileChannelBase {
   @Test
   public void testBadKeyProviderInvalidClass() throws Exception {
     Map<String, String> overrides = getOverridesForEncryption();
-    overrides.put(EncryptionConfiguration.ENCRYPTION_PREFIX + "." +
-        EncryptionConfiguration.KEY_PROVIDER, String.class.getName());
+    overrides.put(Joiner.on(".").join(EncryptionConfiguration.ENCRYPTION_PREFIX,
+        EncryptionConfiguration.KEY_PROVIDER, KEY_PROVIDER_NAME,
+        EncryptionConfiguration.KEY_PROVIDER_TYPE), String.class.getName());
     try {
       channel = createFileChannel(overrides);
       Assert.fail();
@@ -169,8 +197,8 @@ public class TestFileChannelEncryption extends TestFileChannelBase {
   @Test
   public void testBadCipherProviderInvalidValue() throws Exception {
     Map<String, String> overrides = getOverridesForEncryption();
-    overrides.put(EncryptionConfiguration.ENCRYPTION_PREFIX + "." +
-        EncryptionConfiguration.CIPHER_PROVIDER, "invalid");
+    overrides.put(Joiner.on(".").join(EncryptionConfiguration.ENCRYPTION_PREFIX,
+        EncryptionConfiguration.CIPHER_PROVIDER), "invalid");
     channel = createFileChannel(overrides);
     channel.start();
     Assert.assertFalse(channel.isOpen());
@@ -178,8 +206,8 @@ public class TestFileChannelEncryption extends TestFileChannelBase {
   @Test
   public void testBadCipherProviderInvalidClass() throws Exception {
     Map<String, String> overrides = getOverridesForEncryption();
-    overrides.put(EncryptionConfiguration.ENCRYPTION_PREFIX + "." +
-        EncryptionConfiguration.CIPHER_PROVIDER, String.class.getName());
+    overrides.put(Joiner.on(".").join(EncryptionConfiguration.ENCRYPTION_PREFIX,
+        EncryptionConfiguration.CIPHER_PROVIDER), String.class.getName());
     channel = createFileChannel(overrides);
     channel.start();
     Assert.assertFalse(channel.isOpen());
@@ -187,8 +215,10 @@ public class TestFileChannelEncryption extends TestFileChannelBase {
   @Test
   public void testMissingKeyStoreFile() throws Exception {
     Map<String, String> overrides = getOverridesForEncryption();
-    overrides.put(EncryptionConfiguration.ENCRYPTION_PREFIX + "." +
-        EncryptionConfiguration.JCE_FILE_KEY_STORE_FILE, "/path/does/not/exist");
+    overrides.put(Joiner.on(".").join(EncryptionConfiguration.ENCRYPTION_PREFIX,
+        EncryptionConfiguration.KEY_PROVIDER, KEY_PROVIDER_NAME,
+        EncryptionConfiguration.JCE_FILE_KEY_STORE_FILE),
+        "/path/does/not/exist");
     try {
       channel = createFileChannel(overrides);
       Assert.fail();
@@ -200,9 +230,10 @@ public class TestFileChannelEncryption extends TestFileChannelBase {
   @Test
   public void testMissingKeyStorePasswordFile() throws Exception {
     Map<String, String> overrides = getOverridesForEncryption();
-    overrides.put(EncryptionConfiguration.ENCRYPTION_PREFIX + "." +
-        EncryptionConfiguration.JCE_FILE_KEY_STORE_PASSWORD_FILE,
-          "/path/does/not/exist");
+    overrides.put(Joiner.on(".").join(EncryptionConfiguration.ENCRYPTION_PREFIX,
+        EncryptionConfiguration.KEY_PROVIDER, KEY_PROVIDER_NAME,
+        EncryptionConfiguration.JCE_FILE_KEY_STORE_PASSWORD_FILE),
+        "/path/does/not/exist");
     try {
       channel = createFileChannel(overrides);
       Assert.fail();

http://git-wip-us.apache.org/repos/asf/flume/blob/e6c64a8e/flume-ng-channels/flume-file-channel/src/test/java/org/apache/flume/channel/file/encryption/TestJCEFileKeyProvider.java
----------------------------------------------------------------------
diff --git a/flume-ng-channels/flume-file-channel/src/test/java/org/apache/flume/channel/file/encryption/TestJCEFileKeyProvider.java
b/flume-ng-channels/flume-file-channel/src/test/java/org/apache/flume/channel/file/encryption/TestJCEFileKeyProvider.java
index 519952e..14afaeb 100644
--- a/flume-ng-channels/flume-file-channel/src/test/java/org/apache/flume/channel/file/encryption/TestJCEFileKeyProvider.java
+++ b/flume-ng-channels/flume-file-channel/src/test/java/org/apache/flume/channel/file/encryption/TestJCEFileKeyProvider.java
@@ -32,10 +32,12 @@ import org.junit.Before;
 import org.junit.Test;
 
 import com.google.common.base.Charsets;
+import com.google.common.base.Joiner;
 import com.google.common.collect.Maps;
 import com.google.common.io.Files;
 
 public class TestJCEFileKeyProvider {
+  private static final String KEY_PROVIDER_NAME =  "myKeyProvider";
   private CipherProvider.Encryptor encryptor;
   private CipherProvider.Decryptor decryptor;
   private File baseDir;
@@ -70,10 +72,13 @@ public class TestJCEFileKeyProvider {
     EncryptionTestUtils.createKeyStore(keyStoreFile, keyStorePasswordFile,
         keyAliasPassword);
     Context context = new Context(EncryptionTestUtils.
-        configureForKeyStore(keyStoreFile, keyStorePasswordFile,
-            keyAliasPassword));
+        configureForKeyStore(KEY_PROVIDER_NAME, keyStoreFile,
+            keyStorePasswordFile, keyAliasPassword));
+    Context keyProviderContext = new Context(
+        context.getSubProperties(Joiner.on(".").join(
+            EncryptionConfiguration.KEY_PROVIDER, KEY_PROVIDER_NAME, "")));
     KeyProvider keyProvider = KeyProviderFactory.
-        getInstance(KeyProviderType.JCEKSFILE.name(), context);
+        getInstance(keyProviderContext);
     testKeyProvider(keyProvider);
   }
   @Test
@@ -81,10 +86,13 @@ public class TestJCEFileKeyProvider {
     keyAliasPassword.putAll(EncryptionTestUtils.
         configureTestKeyStore(baseDir, keyStoreFile));
     Context context = new Context(EncryptionTestUtils.
-        configureForKeyStore(keyStoreFile, keyStorePasswordFile,
-            keyAliasPassword));
+        configureForKeyStore(KEY_PROVIDER_NAME, keyStoreFile,
+            keyStorePasswordFile, keyAliasPassword));
+    Context keyProviderContext = new Context(
+        context.getSubProperties(Joiner.on(".").join(
+            EncryptionConfiguration.KEY_PROVIDER, KEY_PROVIDER_NAME, "")));
     KeyProvider keyProvider = KeyProviderFactory.
-        getInstance(KeyProviderType.JCEKSFILE.name(), context);
+        getInstance(keyProviderContext);
     testKeyProvider(keyProvider);
   }
   private void createNewKeyStore() throws Exception {


Mime
View raw message