[
https://issues.apache.org/jira/browse/FLUME-1424?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13445332#comment-13445332
]
Brock Noland commented on FLUME-1424:
-------------------------------------
FLUME-1487 (FileChannel format needs to be extensible) is progressing well.
I think mike's design makes sense, a few notes:
-We will have to call doFinal() on every event as we need the exact
byte offset of the start of the next event for retrievals.
-I also think we should use CTR instead of CBC as CBC requires the
decryption of previous blocks before decrypting the current block.
This will cause us problems as we pull the events out of the file in
somewhat of a random order and there is no guarantee we will have
previously decrypted the previous block. Because of a
(http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6634037) CTR
must use no padding.
-I see a few interfaces here, one to provide KeyStores, one to provide
Encryptor/Decryptor, and the Encryptor/Decryptors themselves.
The KeyStore interface is important because some users may not use a
file based key store but use a centralized key management
infrastructure.
I've made some progress on this so I'd like to take this over.
> File Channel should support encryption
> --------------------------------------
>
> Key: FLUME-1424
> URL: https://issues.apache.org/jira/browse/FLUME-1424
> Project: Flume
> Issue Type: Bug
> Reporter: Arvind Prabhakar
> Assignee: Arvind Prabhakar
>
> When persisting the data to disk, the File Channel should allow some form of
> encryption to ensure safety of data.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
