[
https://issues.apache.org/jira/browse/HDDS-580?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16659873#comment-16659873
]
Ajay Kumar commented on HDDS-580:
---------------------------------
[~xyao] thanks for review.
{quote}SecurityUtil.java
Line 68: when bootstrapping SCM, should we add special handling if keys exist?
In the normal non-bootstrap case, it is fine to read keys if they exist. I
think we need to define what to expect wrt. bootstrap. If keys exist,
I think we can throw exception for now and assume no existing key. We should
move existing key to another dir to support rotate key, which will be needed
later.{quote}
Good suggestion. Repurposed bootstrap method to create keypair only if it
doesn't exist. Added two more util functions to read and rotate keys.
{quote}SecurityConfig.java
Line 150: should we check and enforce component!=null to avoid key overwritten
and simplify the logic?{quote}
Added the check to SecurityConfig constructor.
{quote}Line 72/108/189/190/196/211: NIT: incorrect global replace from x509->x,
please check other places. Let's just skip the unnecessary variable name change
x509SignatureAlgo.{quote}
Done
{quote}StorageContainerManager.java
Line 152/210: keyPair should be assigned in the non-bootstrap case when
ozone_security is enabled. In other words, we should detect if scm security
boot-strap has not been done and return proper message.{quote}
Done
{quote}Line 493: we should init_security when --init scm when security is
invoked.{quote}
Added call to bootstrap security if security is enabled. Separate call to
INIT_SECURITY is still required in case security is enabled later.
{quote}Line 509: should we terminate after the init_security like init.{quote}
Not sure what benefit we get with this terminate call but added this change
in latest patch. With terminate call we can't test this initialization so
removed corresponding test case in {{TestStorageContainerManager}}.
{quote}OMConfigKeys.java
Line 87: unnecessary change that will break the secure docker-compose. To be
consistent, let's just keep the .file for now in the key name.{quote}
Actually in ozone-default.xml and ozonesecure/docker-config it is
{{ozone.om.http.kerberos.keytab}}. Removing file resolves the bug, let me know
if you think this should be done in separate jira.
{quote}HDDSKeyPEMWriter.java
Line 66: Filename should be HDDSKeyPEMHandler.java after changing the class
name.{quote}
Already done in last patch.
{quote}Line 89: let's remove the cstor without component so that each component
is guaranteed to have their separate key location.{quote}
Done
{quote}Line 309: suggest using DFSUtil.bytes2String for byte->String
conversion.{quote}
I think you meant DFSUtil.string2Byte. Using it throws InvalidKeyException
exception as encoding is different.
{quote}Line 320: we need to call KeyFactory.getInstance with "BC" as provider.
Otherwise, the default one from JDK will be used. (Similarly apply to
readPublicKeyFromFile){quote}
Doing so for readPublicKeyFromFile results in {{InvalidKeySpecException:
encoded key spec not recognized}}. Changed it for readPrivateKeyFromFile. (Test
case in {{TestHDDSKeyPEMHandler}} also uses same approach for public key.)
{quote}TestHDDSKeyPEMWriter.java
File needs to be renamed.{quote}
Handled in last patch.
{quote}TestHDDSKeyGenerator.java
Line 46: please use "test" as the component for test keys.
TestRootCertificate.java
Line 63: please use "test" as the component for test keys.{quote}
Done
> Bootstrap OM/SCM with private/public key pair
> ---------------------------------------------
>
> Key: HDDS-580
> URL: https://issues.apache.org/jira/browse/HDDS-580
> Project: Hadoop Distributed Data Store
> Issue Type: Sub-task
> Reporter: Xiaoyu Yao
> Assignee: Ajay Kumar
> Priority: Major
> Attachments: HDDS-4-HDDS-580.00.patch, HDDS-580-HDDS-4.00.patch,
> HDDS-580-HDDS-4.01.patch, HDDS-580-HDDS-4.02.patch, HDDS-580-HDDS-4.03.patch
>
>
> We will need to add API that leverage the key generator from HDDS-100 to
> generate public/private key pair for OM/SCM, this will be called by the
> scm/om admin cli with "-init" cmd.
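
Added example, not code from the HDDS-580 patch: a JDK-only sketch of the behaviour discussed in the comment above (create a component's key pair only if none exists, move the old pair aside on rotation, and Base64-decode the PEM body before building the key spec). Class, method, file and directory names are assumptions; it uses the default JDK provider rather than "BC", and the owner-only file mode assumes a POSIX filesystem.

```java
import java.nio.charset.StandardCharsets;
import java.nio.file.*;
import java.nio.file.attribute.PosixFilePermissions;
import java.security.*;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Base64;

// Added illustration: every name here is hypothetical, not an Ozone class or path.
public class KeyBootstrapSketch {
  static final String PRIV = "private.pem", PUB = "public.pem";
  // Create a pair for one component only if none exists; never overwrite.
  static boolean bootstrap(Path base, String component) throws Exception {
    if (component == null || component.isEmpty()) throw new IllegalArgumentException("no component");
    Path dir = Files.createDirectories(base.resolve(component));
    if (Files.exists(dir.resolve(PRIV)) || Files.exists(dir.resolve(PUB))) return false;
    KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
    gen.initialize(2048);
    KeyPair kp = gen.generateKeyPair();
    writePem(dir.resolve(PRIV), "PRIVATE KEY", kp.getPrivate().getEncoded());
    writePem(dir.resolve(PUB), "PUBLIC KEY", kp.getPublic().getEncoded());
    return true;
  }
  // Rotation moves the old pair aside, then generates a fresh one.
  static void rotate(Path base, String component) throws Exception {
    Path dir = base.resolve(component);
    Path old = Files.createDirectories(dir.resolve("old-" + System.currentTimeMillis()));
    Files.move(dir.resolve(PRIV), old.resolve(PRIV));
    Files.move(dir.resolve(PUB), old.resolve(PUB));
    bootstrap(base, component);
  }
  // createFile refuses to overwrite and applies owner-only mode at creation (POSIX only).
  static void writePem(Path f, String type, byte[] der) throws Exception {
    Files.createFile(f, PosixFilePermissions.asFileAttribute(PosixFilePermissions.fromString("rw-------")));
    String b64 = Base64.getMimeEncoder(64, new byte[] {'\n'}).encodeToString(der);
    String pem = "-----BEGIN " + type + "-----\n" + b64 + "\n-----END " + type + "-----\n";
    Files.write(f, pem.getBytes(StandardCharsets.US_ASCII));
  }
  // The PEM body is Base64 of DER, so decode it rather than taking the text's bytes.
  static PrivateKey readPrivate(Path f) throws Exception {
    String pem = new String(Files.readAllBytes(f), StandardCharsets.US_ASCII);
    byte[] der = Base64.getMimeDecoder().decode(pem.replaceAll("-----[A-Z ]+-----", ""));
    return KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(der));
  }
  public static void main(String[] args) throws Exception {
    Path base = Files.createTempDirectory("keys");
    System.out.println("created=" + bootstrap(base, "scm") + " again=" + bootstrap(base, "scm"));
    rotate(base, "scm");
    System.out.println("reloaded " + readPrivate(base.resolve("scm").resolve(PRIV)).getAlgorithm());
  }
}
```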