[
https://issues.apache.org/jira/browse/HDFS-6391?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14039459#comment-14039459
]
Andrew Wang commented on HDFS-6391:
-----------------------------------
I'm starting on this JIRA, and was wondering about how we should handle
compatibility with regard to cipher types. I'm planning to add a
FileEncryptionInfo class, which will incorporate a key, iv, and CipherType
enum. Currently, our only CipherType is AES/CTR/NoPadding, but there were some
plans in the works to use other CipherTypes as well.
The question here relates to CryptoCodec. Right now, the factory is determined
based on the client's conf, but for reading an encrypted file, it should be
determined by the CipherType of the file. On the read-side, we also need to
pass the CipherType from the client to the NN so it's stored correctly.
[~hitliuyi], any thoughts on the best way of doing this? From my initial
investigation, it looks like the strings used by javax.crypto.Cipher are the
standard way of specifying a cipher type. If I provided a mapping from
CipherType -> javax.crypto.Cipher-style string, would that be sufficient?
I'm also wondering about how the client and server will agree on which cipher
to use. The NN needs to interpret the CipherType to know what KeyProvider
operations are required. I think it could go something like this on the
write-side:
* Client specifies the list of CipherTypes it supports
* NN filters the list by which it supports
* Client chooses a CipherType, or errors out saying "desired CipherType not
supported"
* Client specifies its chosen CipherType with future commands.
Read-side seems pretty trivial:
* Client opens a file
* NN returns the CipherType for the file
* Client either has support for it and reads it, or can't
Any thoughts here?
> Get the Key/IV from the NameNode for encrypted files in DFSClient
> -----------------------------------------------------------------
>
> Key: HDFS-6391
> URL: https://issues.apache.org/jira/browse/HDFS-6391
> Project: Hadoop HDFS
> Issue Type: Sub-task
> Components: namenode, security
> Reporter: Alejandro Abdelnur
> Assignee: Andrew Wang
> Attachments: HDFS-6391.1.patch
>
>
> When creating/opening and encrypted file, the DFSClient should get the
> encryption key material and the IV for the file in the create/open RPC call.
> HDFS admin users would never get key material/IV on encrypted files
> create/open.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
