hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Xiao Chen (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-14779) Refactor decryptEncryptedKey in KeyProviderCryptoExtension
Date Wed, 16 Aug 2017 18:50:00 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-14779?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16129260#comment-16129260
] 

Xiao Chen commented on HADOOP-14779:
------------------------------------

bq. Your concern is when to close the CryptoCodec unless we have a close on DefaultCryptoExtension.
Precisely. And it also goes to the mess about if we create encryptor/decryptor in the constructor,
we'd also need to change the signature of {{createKeyProviderCryptoExtension}} to throw GeneralSecurityException.
I don't think this isn't doable, but a lot of places to change - assuming the {{@InterfaceAudience.Private}}
is correct.... We can discuss this on a new jira if you're interested.

Thanks for the prompt review!

> Refactor decryptEncryptedKey in KeyProviderCryptoExtension
> ----------------------------------------------------------
>
>                 Key: HADOOP-14779
>                 URL: https://issues.apache.org/jira/browse/HADOOP-14779
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: kms
>    Affects Versions: 2.6.0
>            Reporter: Xiao Chen
>            Assignee: Xiao Chen
>            Priority: Minor
>         Attachments: HADOOP-14779.01.patch
>
>
> We could separate out the actual decrypt logic from the {{decryptEncryptedKey}}. This
enables reencrypt calls to possibly reuse the codec.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org


Mime
View raw message