hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alejandro Abdelnur (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-10720) KMS: Implement generateEncryptedKey and decryptEncryptedKey in the REST API
Date Thu, 10 Jul 2014 22:59:04 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-10720?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14058084#comment-14058084
] 

Alejandro Abdelnur commented on HADOOP-10720:
---------------------------------------------

*CommonConfigurationKeysPublic.java*:
* 80 char rule not being observed by the patch

*kms-acls.xml*: 
* it has 2 </configuration> elements at the end, should be one.

*KMS.java*:
* unused import for {{ExecutionException}}
* white space changes
* 80 char rule not being observed by the patch
* {{generateEncryptedKeys()}}, assert for numKeys > 0
* we should have 2 new meters, one for generateEEK calls and other for decryptEEK calls instead
using the {{getKeyCallsMeter()}} meter for both.

*KMSClientProvider.java*:
* white space changes
* unused import for {{SyncGenerationPolicy}}

*TestKMS.java*:
* white space changes
* 80 char rule not being observed by the patch

*TetValueQueue.java*:
* missing license header

*ValueQueue*:
* Instead having a periodic check for below watermark, wouldn’t be more efficient to check
 if below the watermark after getting an EEK and if so schedule an async filling? we should
 just take care of not scheduling additional fillings while one is scheduled/in-progress.

*KeyProviderCryptoExtension.java*:
* it does not expose the method  {{warmupEncryptedKeys}} which it should be wired, in the
case of the KMS client, to {{ValueQueue}}

> KMS: Implement generateEncryptedKey and decryptEncryptedKey in the REST API
> ---------------------------------------------------------------------------
>
>                 Key: HADOOP-10720
>                 URL: https://issues.apache.org/jira/browse/HADOOP-10720
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: security
>    Affects Versions: 3.0.0
>            Reporter: Alejandro Abdelnur
>            Assignee: Arun Suresh
>         Attachments: COMBO.patch, COMBO.patch, COMBO.patch, COMBO.patch, COMBO.patch,
HADOOP-10720.1.patch, HADOOP-10720.2.patch, HADOOP-10720.3.patch, HADOOP-10720.4.patch, HADOOP-10720.5.patch,
HADOOP-10720.6.patch, HADOOP-10720.patch, HADOOP-10720.patch, HADOOP-10720.patch, HADOOP-10720.patch,
HADOOP-10720.patch
>
>
> KMS client/server should implement support for generating encrypted keys and decrypting
them via the REST API being introduced by HADOOP-10719.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message