[
https://issues.apache.org/jira/browse/HDDS-2247?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
ASF GitHub Bot updated HDDS-2247:
---------------------------------
Labels: pull-request-available (was: )
> Delete FileEncryptionInfo from KeyInfo when a Key is deleted
> ------------------------------------------------------------
>
> Key: HDDS-2247
> URL: https://issues.apache.org/jira/browse/HDDS-2247
> Project: Hadoop Distributed Data Store
> Issue Type: Sub-task
> Reporter: Dinesh Chitlangia
> Assignee: Dinesh Chitlangia
> Priority: Major
> Labels: pull-request-available
>
> As part of HDDS-2174 we are deleting the GDPR Encryption Key on the delete file
> operation.
> However, if KMS is enabled, we are skipping the GDPR Encryption Key approach when
> writing a file in a GDPR-enforced Bucket.
> {code:java}
> final FileEncryptionInfo feInfo = keyOutputStream.getFileEncryptionInfo();
> if (feInfo != null) {
>   // KMS enabled: encrypt with the DEK resolved from FileEncryptionInfo.
>   KeyProvider.KeyVersion decrypted = getDEK(feInfo);
>   final CryptoOutputStream cryptoOut =
>       new CryptoOutputStream(keyOutputStream,
>           OzoneKMSUtil.getCryptoCodec(conf, feInfo),
>           decrypted.getMaterial(), feInfo.getIV());
>   return new OzoneOutputStream(cryptoOut);
> } else {
>   // No FileEncryptionInfo: use the GDPR symmetric key from the key metadata
>   // when the GDPR flag is set.
>   try {
>     GDPRSymmetricKey gk;
>     Map<String, String> openKeyMetadata =
>         openKey.getKeyInfo().getMetadata();
>     if (Boolean.valueOf(openKeyMetadata.get(OzoneConsts.GDPR_FLAG))) {
>       gk = new GDPRSymmetricKey(
>           openKeyMetadata.get(OzoneConsts.GDPR_SECRET),
>           openKeyMetadata.get(OzoneConsts.GDPR_ALGORITHM)
>       );
>       gk.getCipher().init(Cipher.ENCRYPT_MODE, gk.getSecretKey());
>       return new OzoneOutputStream(
>           new CipherOutputStream(keyOutputStream, gk.getCipher()));
>     }
>   } catch (Exception ex) {
>     throw new IOException(ex);
>   }
> }
> {code}
> In such a scenario, when KMS is enabled and GDPR is enforced on a bucket, if a user
> deletes a file, we should delete the {{FileEncryptionInfo}} from KeyInfo
> before moving it to deletedTable; otherwise we cannot guarantee Right to Erasure.
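The delete-time scrub the issue asks for, as an added sketch that is not code from the Ozone project or its pull request: key material is dropped before the record enters deletedTable, and an audit helper lists GDPR-flagged entries that still carry it. `KeyRecord`, `encInfo`, `deleteKey` and `leakedTombstones` are hypothetical names, and the metadata key strings are placeholders for the `OzoneConsts.GDPR_*` constants.

```java
import java.util.*;

/** Simplified model of the delete path; class and field names are hypothetical. */
public class GdprDeleteScrub {
  // Placeholder metadata keys standing in for OzoneConsts.GDPR_*.
  static final String GDPR_FLAG = "gdprEnabled", GDPR_SECRET = "secret",
      GDPR_ALGORITHM = "algorithm";

  /** Stand-in for KeyInfo; encInfo models FileEncryptionInfo (wrapped DEK). */
  static final class KeyRecord {
    final Map<String, String> metadata = new HashMap<>();
    byte[] encInfo; // null when the key was not written through KMS
  }

  final Map<String, KeyRecord> keyTable = new HashMap<>();
  final Map<String, KeyRecord> deletedTable = new HashMap<>();

  /** Moves a key to deletedTable, dropping key material first on GDPR buckets. */
  void deleteKey(String name) {
    KeyRecord rec = keyTable.remove(name);
    if (rec == null) throw new NoSuchElementException(name);
    if (Boolean.parseBoolean(rec.metadata.get(GDPR_FLAG))) {
      rec.metadata.remove(GDPR_SECRET);     // non-KMS path (HDDS-2174)
      rec.metadata.remove(GDPR_ALGORITHM);
      if (rec.encInfo != null) {            // KMS path (this issue)
        Arrays.fill(rec.encInfo, (byte) 0);
        rec.encInfo = null;
      }
    }
    deletedTable.put(name, rec);
  }

  /** Audit check: GDPR-flagged tombstones that still carry key material. */
  List<String> leakedTombstones() {
    List<String> leaked = new ArrayList<>();
    deletedTable.forEach((name, rec) -> {
      boolean gdpr = Boolean.parseBoolean(rec.metadata.get(GDPR_FLAG));
      if (gdpr && (rec.encInfo != null || rec.metadata.containsKey(GDPR_SECRET)))
        leaked.add(name);
    });
    return leaked;
  }

  public static void main(String[] args) {
    GdprDeleteScrub om = new GdprDeleteScrub();
    KeyRecord kms = new KeyRecord();         // constructed sample: KMS + GDPR
    kms.metadata.put(GDPR_FLAG, "true");
    kms.encInfo = new byte[] {1, 2, 3, 4};
    om.keyTable.put("vol/bucket/a", kms);
    om.deleteKey("vol/bucket/a");
    System.out.println("leaked tombstones: " + om.leakedTombstones());
  }
}
```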