shameersss1 commented on code in PR #6884:
URL: https://github.com/apache/hadoop/pull/6884#discussion_r1675610735
##########
hadoop-tools/hadoop-aws/src/test/java/org/apache/hadoop/fs/s3a/ITestS3AClientSideEncryption.java:
##########
@@ -266,6 +288,100 @@ public void testEncryptionEnabledAndDisabledFS() throws
Exception {
}
}
+ /**
+ * Testing how file name with suffix ".instruction" is ignored when CSE is
enabled
+ * based on configurations.
+ * @throws IOException
+ */
+ @Test
+ public void testEncryptionWithInstructionFile() throws IOException {
+ maybeSkipTest();
+ S3AFileSystem cseDisabledFS = new S3AFileSystem();
+ Configuration cseDisabledConf = getConfiguration();
+ S3AFileSystem cseEnabledFS = getFileSystem();
+ Path unEncryptedFilePath = path(getMethodName());
+ Path unEncryptedFile = new Path(unEncryptedFilePath,
+ "file" + S3_ENCRYPTION_CSE_INSTRUCTION_FILE_SUFFIX);
+
+ // Initialize a CSE disabled FS.
+ removeBaseAndBucketOverrides(getTestBucketName(cseDisabledConf),
+ cseDisabledConf,
+ S3_ENCRYPTION_ALGORITHM,
+ S3_ENCRYPTION_KEY,
+ SERVER_SIDE_ENCRYPTION_ALGORITHM,
+ SERVER_SIDE_ENCRYPTION_KEY);
+ cseDisabledFS.initialize(getFileSystem().getUri(),
+ cseDisabledConf);
+
+ // Unencrypted data written to a path.
+ try (FSDataOutputStream out = cseDisabledFS.create(unEncryptedFile)) {
+ out.write(new byte[SMALL_FILE_SIZE]);
+ }
+
+ // list from cse disabled FS
+ assertEquals("number of files didn't match", 1,
+ cseDisabledFS.listStatus(unEncryptedFilePath).length);
+
+ // list from cse enabled fs with skipping of instruction file
+ cseEnabledFS.getConf().setBoolean(S3_ENCRYPTION_CSE_SKIP_INSTRUCTION_FILE,
true);
+ cseEnabledFS.initialize(getFileSystem().getUri(), cseEnabledFS.getConf());
+ assertEquals("number of files didn't match", 0,
+ cseEnabledFS.listStatus(unEncryptedFilePath).length);
+
+ // disable skipping cse instruction file.
+ cseEnabledFS.getConf().setBoolean(S3_ENCRYPTION_CSE_SKIP_INSTRUCTION_FILE,
false);
+ cseEnabledFS.initialize(getFileSystem().getUri(), cseEnabledFS.getConf());
+ assertEquals("number of files didn't match", 1,
+ cseEnabledFS.listStatus(unEncryptedFilePath).length);
+ }
+
+ /**
+ * Testing how unencrypted length is calculated/fetched under different
circumstances
+ * when CSE is enabled.
+ * @throws IOException
+ */
+ @Test
+ public void testEncryptionWithDifferentWaysForCalculatingUnencryptedLength()
throws IOException {
+ maybeSkipTest();
+ S3AFileSystem cseEnabledFS = getFileSystem();
+ Path filePath = path(getMethodName());
+ String key = cseEnabledFS.pathToKey(filePath);
+
+ // write object with unencrypted with random content length header
+ Map<String, String> metadata = new HashMap<>();
+ metadata.put(AWSHeaders.UNENCRYPTED_CONTENT_LENGTH, "10");
+ try (AuditSpan span = span()) {
+ PutObjectRequest request = PutObjectRequest.builder()
Review Comment:
ack
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
