[
https://issues.apache.org/jira/browse/HADOOP-13887?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15944913#comment-15944913
]
Igor Mazur commented on HADOOP-13887:
-------------------------------------
Documentation related:
1) You need to install "Java Cryptography Extension (JCE) Unlimited Strength
Jurisdiction Policy Files"
http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.html
or
http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html
com.amazonaws.SdkClientException: Unable to build cipher: Illegal key size
Make sure you have the JCE unlimited strength policy files installed and
configured for your JVM
at
com.amazonaws.services.s3.internal.crypto.ContentCryptoScheme.createCipherLite(ContentCryptoScheme.java:194)
at
com.amazonaws.services.s3.internal.crypto.ContentCryptoMaterial.wrap(ContentCryptoMaterial.java:830)
at
com.amazonaws.services.s3.internal.crypto.S3CryptoModuleBase.buildContentCryptoMaterial(S3CryptoModuleBase.java:544)
at
com.amazonaws.services.s3.internal.crypto.S3CryptoModuleBase.newContentCryptoMaterial(S3CryptoModuleBase.java:490)
at
com.amazonaws.services.s3.internal.crypto.S3CryptoModuleBase.createContentCryptoMaterial(S3CryptoModuleBase.java:456)
at
com.amazonaws.services.s3.internal.crypto.S3CryptoModuleBase.putObjectUsingMetadata(S3CryptoModuleBase.java:165)
at
com.amazonaws.services.s3.internal.crypto.S3CryptoModuleBase.putObjectSecurely(S3CryptoModuleBase.java:161)
at
com.amazonaws.services.s3.internal.crypto.CryptoModuleDispatcher.putObjectSecurely(CryptoModuleDispatcher.java:109)
at
com.amazonaws.services.s3.AmazonS3EncryptionClient.putObject(AmazonS3EncryptionClient.java:566)
at
com.amazonaws.services.s3.transfer.internal.UploadCallable.uploadInOneChunk(UploadCallable.java:133)
at
com.amazonaws.services.s3.transfer.internal.UploadCallable.call(UploadCallable.java:125)
at
com.amazonaws.services.s3.transfer.internal.UploadMonitor.call(UploadMonitor.java:139)
at
com.amazonaws.services.s3.transfer.internal.UploadMonitor.call(UploadMonitor.java:47)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by: java.security.InvalidKeyException: Illegal key size
at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1039)
at javax.crypto.Cipher.init(Cipher.java:1393)
at javax.crypto.Cipher.init(Cipher.java:1327)
at
com.amazonaws.services.s3.internal.crypto.ContentCryptoScheme.createCipherLite(ContentCryptoScheme.java:187)
at
com.amazonaws.services.s3.internal.crypto.ContentCryptoMaterial.wrap(ContentCryptoMaterial.java:830)
at
com.amazonaws.services.s3.internal.crypto.S3CryptoModuleBase.buildContentCryptoMaterial(S3CryptoModuleBase.java:544)
at
com.amazonaws.services.s3.internal.crypto.S3CryptoModuleBase.newContentCryptoMaterial(S3CryptoModuleBase.java:490)
at
com.amazonaws.services.s3.internal.crypto.S3CryptoModuleBase.createContentCryptoMaterial(S3CryptoModuleBase.java:456)
at
com.amazonaws.services.s3.internal.crypto.S3CryptoModuleBase.putObjectUsingMetadata(S3CryptoModuleBase.java:165)
at
com.amazonaws.services.s3.internal.crypto.S3CryptoModuleBase.putObjectSecurely(S3CryptoModuleBase.java:161)
at
com.amazonaws.services.s3.internal.crypto.CryptoModuleDispatcher.putObjectSecurely(CryptoModuleDispatcher.java:109)
at
com.amazonaws.services.s3.AmazonS3EncryptionClient.putObject(AmazonS3EncryptionClient.java:566)
at
com.amazonaws.services.s3.transfer.internal.UploadCallable.uploadInOneChunk(UploadCallable.java:133)
at
com.amazonaws.services.s3.transfer.internal.UploadCallable.call(UploadCallable.java:125)
at
com.amazonaws.services.s3.transfer.internal.UploadMonitor.call(UploadMonitor.java:139)
at
com.amazonaws.services.s3.transfer.internal.UploadMonitor.call(UploadMonitor.java:47)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
> Support for client-side encryption in S3A file system
> -----------------------------------------------------
>
> Key: HADOOP-13887
> URL: https://issues.apache.org/jira/browse/HADOOP-13887
> Project: Hadoop Common
> Issue Type: Sub-task
> Components: fs/s3
> Affects Versions: 2.8.0
> Reporter: Jeeyoung Kim
> Assignee: Igor Mazur
> Priority: Minor
> Attachments: HADOOP-13887-002.patch, HADOOP-13887-007.patch,
> HADOOP-13887-branch-2-003.patch, HADOOP-13897-branch-2-004.patch,
> HADOOP-13897-branch-2-005.patch, HADOOP-13897-branch-2-006.patch,
> HADOOP-13897-branch-2-008.patch, HADOOP-13897-branch-2-009.patch,
> HADOOP-13897-branch-2-010.patch, HADOOP-13897-branch-2-012.patch,
> HADOOP-13897-trunk-011.patch, HADOOP-14171-001.patch
>
>
> Expose the client-side encryption option documented in Amazon S3
> documentation -
> http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingClientSideEncryption.html
> Currently this is not exposed in Hadoop but it is exposed as an option in AWS
> Java SDK, which Hadoop currently includes. It should be trivial to propagate
> this as a parameter passed to the S3client used in S3AFileSystem.java
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
