hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "zZtai (Jira)" <j...@apache.org>
Subject [jira] [Updated] (HDFS-15098) Add SM4 encryption method for HDFS
Date Thu, 02 Jul 2020 01:43:00 GMT

     [ https://issues.apache.org/jira/browse/HDFS-15098?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

zZtai updated HDFS-15098:
-------------------------
    Attachment: HDFS-15098.008.patch
        Status: Patch Available  (was: Open)

> Add SM4 encryption method for HDFS
> ----------------------------------
>
>                 Key: HDFS-15098
>                 URL: https://issues.apache.org/jira/browse/HDFS-15098
>             Project: Hadoop HDFS
>          Issue Type: New Feature
>    Affects Versions: 3.4.0
>            Reporter: liusheng
>            Assignee: zZtai
>            Priority: Major
>              Labels: sm4
>         Attachments: HDFS-15098.001.patch, HDFS-15098.002.patch, HDFS-15098.003.patch,
HDFS-15098.004.patch, HDFS-15098.005.patch, HDFS-15098.006.patch, HDFS-15098.007.patch, HDFS-15098.008.patch
>
>
> SM4 (formerly SMS4)is a block cipher used in the Chinese National Standard for Wireless
LAN WAPI (Wired Authentication and Privacy Infrastructure).
>  SM4 was a cipher proposed to for the IEEE 802.11i standard, but has so far been rejected
by ISO. One of the reasons for the rejection has been opposition to the WAPI fast-track proposal
by the IEEE. please see:
> [https://en.wikipedia.org/wiki/SM4_(cipher)]
>  
> *Use sm4 on hdfs as follows:*
> 1.download Bouncy Castle Crypto APIs from bouncycastle.org
> [https://bouncycastle.org/download/bcprov-ext-jdk15on-165.jar]
> 2.Configure JDK
> Place bcprov-ext-jdk15on-165.jar in $JAVA_HOME/jre/lib/ext directory,
> add "security.provider.10=org.bouncycastle.jce.provider.BouncyCastleProvider" to $JAVA_HOME/jre/lib/security/java.security
file
> 3.Configure Hadoop KMS
> 4.test HDFS sm4
> hadoop key create key1 -cipher 'SM4/CTR/NoPadding'
> hdfs dfs -mkdir /benchmarks
> hdfs crypto -createZone -keyName key1 -path /benchmarks
> *requires:*
> 1.openssl version >=1.1.1
> 2.configure Bouncy Castle Crypto on JDK



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-help@hadoop.apache.org


Mime
View raw message