[ https://issues.apache.org/jira/browse/HADOOP-10719?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14050904#comment-14050904 ]
Arun Suresh commented on HADOOP-10719: -------------------------------------- That would make things simple. Additionally, maybe we should make the constructors of {{KPExtensionA}} and {{KPExtensionB}} private and allow them to be created only via a factory.. this way, we can probably cache instances of it and control the actual number of instances. > Add generateEncryptedKey and decryptEncryptedKey methods to KeyProvider > ----------------------------------------------------------------------- > > Key: HADOOP-10719 > URL: https://issues.apache.org/jira/browse/HADOOP-10719 > Project: Hadoop Common > Issue Type: Improvement > Components: security > Affects Versions: 3.0.0 > Reporter: Alejandro Abdelnur > Assignee: Arun Suresh > Attachments: HADOOP-10719.1.patch, HADOOP-10719.2.patch, > HADOOP-10719.patch, HADOOP-10719.patch, HADOOP-10719.patch, > HADOOP-10719.patch, HADOOP-10719.patch > > > This is a follow up on > [HDFS-6134|https://issues.apache.org/jira/browse/HDFS-6134?focusedCommentId=14036044&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-14036044] > KeyProvider API should have 2 new methods: > * KeyVersion generateEncryptedKey(String keyVersionName, byte[] iv) > * KeyVersion decryptEncryptedKey(String keyVersionName, byte[] iv, KeyVersion > encryptedKey) > The implementation would do a known transformation on the IV (i.e.: xor with > 0xff the original IV). -- This message was sent by Atlassian JIRA (v6.2#6252)