[
https://issues.apache.org/jira/browse/HADOOP-14779?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16129260#comment-16129260
]
Xiao Chen commented on HADOOP-14779:
------------------------------------
bq. Your concern is when to close the CryptoCodec unless we have a close on
DefaultCryptoExtension.
Precisely. And it also goes to the mess about if we create encryptor/decryptor
in the constructor, we'd also need to change the signature of
{{createKeyProviderCryptoExtension}} to throw GeneralSecurityException.
I don't think this isn't doable, but a lot of places to change - assuming the
{{@InterfaceAudience.Private}} is correct.... We can discuss this on a new jira
if you're interested.
Thanks for the prompt review!
> Refactor decryptEncryptedKey in KeyProviderCryptoExtension
> ----------------------------------------------------------
>
> Key: HADOOP-14779
> URL: https://issues.apache.org/jira/browse/HADOOP-14779
> Project: Hadoop Common
> Issue Type: Improvement
> Components: kms
> Affects Versions: 2.6.0
> Reporter: Xiao Chen
> Assignee: Xiao Chen
> Priority: Minor
> Attachments: HADOOP-14779.01.patch
>
>
> We could separate out the actual decrypt logic from the
> {{decryptEncryptedKey}}. This enables reencrypt calls to possibly reuse the
> codec.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
