hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "huangyitian (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HDFS-8570) KMS restful API for Generating Encrypted Key with Current KeyVersion will roll keyversion
Date Thu, 11 Jun 2015 08:20:00 GMT

     [ https://issues.apache.org/jira/browse/HDFS-8570?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

huangyitian updated HDFS-8570:
------------------------------
    Summary: KMS restful API for Generating Encrypted Key with Current KeyVersion will roll
keyversion  (was: KMS restful API for Generating Encrypted Key with Current KeyVersion doesn't
work.)

> KMS restful API for Generating Encrypted Key with Current KeyVersion will roll keyversion
> -----------------------------------------------------------------------------------------
>
>                 Key: HDFS-8570
>                 URL: https://issues.apache.org/jira/browse/HDFS-8570
>             Project: Hadoop HDFS
>          Issue Type: Bug
>          Components: encryption
>    Affects Versions: 2.7.0
>            Reporter: huangyitian
>
> =======test step===========
> 1.create key and roll key
> 2.delete key
> 3.create the samename key 
> 4.then Generate Encrypted Key for Current KeyVersion with RESTFUL API,the keyversion
will be changed .normally it will not roll the keyversion
> =========create samename key==========
> curl -X POST -d '{"name":"key1"}' http://9.91.8.209:16000/kms/v1/keys?user.name=root
--header "Content-Type:application/json" -i
> -------------connect----OK-------------------
> HTTP/1.1 201 Created
> Server: Apache-Coyote/1.1
> Set-Cookie: hadoop.auth="u=root&p=root&t=simple-dt&e=1432264702658&s=54X6TTWiU5gjc3y7f0ZsH0uHpLo=";
Expires=Fri, 22-May-2015 03:18:22 GMT; HttpOnly
> Location: http://9.91.8.209:16000/kms/v1/keys/v1/key/key1
> Content-Type: application/json
> Content-Length: 90
> Date: Thu, 21 May 2015 17:18:22 GMT
> {
>   "name" : "key1",
>   "versionName" : "key1@0",
>   "material" : "3nw7ibS-wOHz0Ei3DYoMdg"
> }
> ExitCode:0
> ===========generate EK=========
> curl -X  GET "http://9.91.8.209:16000/kms/v1/key/key1/_eek?eek_op=generate&num_keys=1&user.name=root"
--header "Content-Type:application/json" -i
> -------------connect----OK-------------------
> HTTP/1.1 200 OK
> Server: Apache-Coyote/1.1
> Set-Cookie: hadoop.auth="u=root&p=root&t=simple-dt&e=1432264703060&s=q5KaeDdtswVBDqApLFGcYSsM4vQ=";
Expires=Fri, 22-May-2015 03:18:23 GMT; HttpOnly
> Content-Type: application/json
> Content-Length: 192
> Date: Thu, 21 May 2015 17:18:22 GMT
> [ {
>   "versionName" : "key1@1",
>   "iv" : "ZjSoqKO2-sTjGcV827JUxQ",
>   "encryptedKeyVersion" : {
>     "name" : "key1",
>     "versionName" : "EEK",
>     "material" : "8qwbP4XEyN0Khh5A8c_GQw"
>   }
> } ]
> ExitCode:0



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message