hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Yi Liu (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HADOOP-10853) Refactor create instance of CryptoCodec and add CryptoCodecFactory
Date Fri, 18 Jul 2014 05:43:04 GMT

     [ https://issues.apache.org/jira/browse/HADOOP-10853?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Yi Liu updated HADOOP-10853:
----------------------------

    Attachment: HADOOP-10853.002.patch

Have some discussion with [~cmccabe] offline. We decide to change the design a bit, we will
configure codec classes for every cipher suite(algorithm/mode/padding), and don’t add {{CryptoCodecFactory}}.
The configuration properties are:
{code}
hadoop.security.crypto.cipher.suite
hadoop.security.crypto.codec.class.aes.ctr.nopadding
…
{code}

In this way, user can specify algorithm/mode/padding in config value {{hadoop.security.crypto.cipher.suite}}
for encryption/decryption. CryptoCodec#getInstance can also accept an algorithm/mode/padding
from application.

> Refactor create instance of CryptoCodec and add CryptoCodecFactory
> ------------------------------------------------------------------
>
>                 Key: HADOOP-10853
>                 URL: https://issues.apache.org/jira/browse/HADOOP-10853
>             Project: Hadoop Common
>          Issue Type: Sub-task
>          Components: security
>            Reporter: Yi Liu
>            Assignee: Yi Liu
>             Fix For: 3.0.0
>
>         Attachments: HADOOP-10853.001.patch, HADOOP-10853.002.patch
>
>
> We should be able to create instance of *CryptoCodec*:
> * via codec class name. (Applications may have config for different crypto codecs)
> * via algorithm/mode/padding. (For automatically decryption, we need to find correct
crypto codec and proper implementation)
> * a default crypto codec through specific config. 
> This JIRA is for
> * Create instance through cipher suite(algorithm/mode/padding)
> * Refactor create instance of {{CryptoCodec}} into {{CryptoCodecFactory}}
> We need to get all crypto codecs in system, this can be done via a Java ServiceLoader
+ hadoop.security.crypto.codecs config.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message