[jira] [Commented] (HDDS-100) SCM CA: generate public/private key pair for SCM/OM/DNs

Thu, 31 May 2018 20:35:14 -0700 


    [ 
https://issues.apache.org/jira/browse/HDDS-100?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16497510#comment-16497510
 ] 

Xiaoyu Yao commented on HDDS-100:
---------------------------------

Thanks [~ajayydv] for the patch. It looks good to me overall. I just have a few 
minor comments:

 

Pom.xml

 

This brought in the bouncycastle which other sub-project poms exclude to avoid 
transitive dependency. (E.g., hadoop-auth and hadoop-common). Can you confirm 
if bcprov-jdk15on is a safe dependency to add here?

 

HddsConfigKeys.java

Line 28: typo: HDDFS_DEFAULT => HDDS_DEFAULT

Line 29/30: NIT: HDDS_KEY_ALGO=>HDDS_KEY_ALGORITHM

 

Line 38: should we name it consistent with Line 33/34 using a relative dir name?

Line 39-41: NIT: HDDS_PRI->HDDS_PRIVATE

 

HDDSKeyGenerator.java

package-info.java

Suggest put it under /hdds/*security*/x509/HDDSKeyGenerator.java, similar files 
should put under hdds/security package namespace as well.

 

HDDSKeyPEMWriter.java

Line 154: miss basePath javadoc

Line 173:  should we check permission and set only if it is different? Do we 
expect the caller to handle the permission change failures? Can we add a 
LOG.error here and throw more specific IOE like other places?

 

Line 204-207: do we support password protected PKCS#8 or other format?

Line 207/213: define const for "PRIVATE KEY" and "PUBLIC KEY"

 

SecurityConfig.java

Line 99: NIT: we can synchronize on SecurityConfig.class without the SYNC 
object.

 

 

*ozone-default.xml*

Line 1137/1145: please elaborate if this is for absolute path or relative path 
to the metadata root?

 

Line 1153: private key file

Line 1161: public key file

> SCM CA: generate public/private key pair for SCM/OM/DNs
> -------------------------------------------------------
>
>                 Key: HDDS-100
>                 URL: https://issues.apache.org/jira/browse/HDDS-100
>             Project: Hadoop Distributed Data Store
>          Issue Type: Sub-task
>            Reporter: Xiaoyu Yao
>            Assignee: Ajay Kumar
>            Priority: Major
>             Fix For: 0.3.0
>
>         Attachments: HDDS-100-HDDS-4.00.patch
>
>




--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to