hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Uma Maheswara Rao G (JIRA)" <j...@apache.org>
Subject [jira] [Comment Edited] (HADOOP-10853) Refactor get instance of CryptoCodec and support create via algorithm/mode/padding.
Date Mon, 21 Jul 2014 18:08:40 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-10853?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14068937#comment-14068937
] 

Uma Maheswara Rao G edited comment on HADOOP-10853 at 7/21/14 6:08 PM:
-----------------------------------------------------------------------

I like the idea of suffixing the algorithm/mode/padding with codec classes config.
Also now we are dealing with multiple claases configured. So do we need to make this configuration
as HADOOP_SECURITY_CRYPTO_CODEC_CLASSES_KEY_PREFIX?
{code}
import static org.apache.hadoop.fs.CommonConfigurationKeysPublic.HADOOP_SECURITY_CRYPTO_CODEC_CLASS_PREFIX;
{code}

Here we just told about the current configuration with AES/CTR/NoPadding. But where do we
mention that user can change the suffix to required algorithm/mode/padding to which it supports?
{code}
 Comma-separated list of crypto codec implementations for AES/CTR/NoPadding. 
+    The first implementation will be used if avaiable, others are fallbacks.
{code}

also a typo above : avaiable --> available



was (Author: umamaheswararao):
I like the idea of suffixing the algorithm/mode/padding with codec classes config.
Also now we are dealing with multiple cleaases configured. So do we need to make this configuration
as HADOOP_SECURITY_CRYPTO_CODEC_CLASSES_KEY_PREFIX?
{code}
import static org.apache.hadoop.fs.CommonConfigurationKeysPublic.HADOOP_SECURITY_CRYPTO_CODEC_CLASS_PREFIX;
{code}

Here we just told about the current configuration with AES/CTR/NoPadding. But where do we
mention that user can change the suffix to required algorithm/mode/padding to which it supports?
{code}
 Comma-separated list of crypto codec implementations for AES/CTR/NoPadding. 
+    The first implementation will be used if avaiable, others are fallbacks.
{code}


> Refactor get instance of CryptoCodec and support create via algorithm/mode/padding.
> -----------------------------------------------------------------------------------
>
>                 Key: HADOOP-10853
>                 URL: https://issues.apache.org/jira/browse/HADOOP-10853
>             Project: Hadoop Common
>          Issue Type: Sub-task
>          Components: security
>            Reporter: Yi Liu
>            Assignee: Yi Liu
>             Fix For: 3.0.0
>
>         Attachments: HADOOP-10853.001.patch, HADOOP-10853.002.patch, HADOOP-10853.003.patch
>
>
> We should be able to create instance of *CryptoCodec*:
> * via codec class name. (Applications may have config for different crypto codecs)
> * via algorithm/mode/padding. (For automatically decryption, we need to find correct
crypto codec and proper implementation)
> * a default crypto codec through specific config. 
> This JIRA is for
> * Create instance through cipher suite(algorithm/mode/padding)
> * Refactor create instance of {{CryptoCodec}} into {{CryptoCodecFactory}}
> We need to get all crypto codecs in system, this can be done via a Java ServiceLoader
+ hadoop.security.crypto.codecs config.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message