[jira] [Commented] (HDFS-6391) Get the Key/IV from the NameNode for encrypted files in DFSClient

Thu, 26 Jun 2014 09:18:49 -0700 

    [ 
https://issues.apache.org/jira/browse/HDFS-6391?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14044813#comment-14044813
 ] 

Charles Lamb commented on HDFS-6391:
------------------------------------

[~andrew.wang]

Nice work. This is a relatively straightforward set of diffs and they LGTM. I 
have a handful of nits:

DFSClient.java:

rename cbos to cos in createWrappedOutputStream. Ditto cbis to cis in 
createWrappedInputStream.

DistributedFileSystem.java:

unrelated whitespace change in initialize.

PBHelper.java:

In convert(HdfsProtos.FileEncryptionInfoProto proto), I suppose it's not 
possible for there to be only a subset of {type,key,iv} being not present. Is a 
check of all three the way to go or should you just check one of them and leave 
the other 2 as Preconditions?

HdfsServerConstants:

There's an unrelated whitespace change.

FSDirectory.java:

Shouldn't both of the 'import static's for CRYPTO_XATTR_FILE constants be 
co-located in the code?

Unrelated whitespace change in getFileInfo().

createLocatedFileStatus, second decl of feInfo could benefit from a final.

setFileEncryptionInfo. proto, protoBytes, and xAttrs could benefit from finals 
like fileEncryptionAttr already has. ditto getFileEncryptionInfo

isUserVisible: unrelated whitespace change

FSNamesystem.java:

The import for CipherSuite should be moved up to just before the import for 
CryptoCodec. The import for FileEncryptionInfo should be moved to be between 
FileAlreadyExistsException and FileStatus.

I think there's an unrelated whitespace change in getBlockLocationsInt. Ditto 
getFileInfo.

createNewKey: it's unfortunate that there's the impedance mismatch between bits 
and bytes there. Such is life.


> Get the Key/IV from the NameNode for encrypted files in DFSClient
> -----------------------------------------------------------------
>
>                 Key: HDFS-6391
>                 URL: https://issues.apache.org/jira/browse/HDFS-6391
>             Project: Hadoop HDFS
>          Issue Type: Sub-task
>          Components: namenode, security
>            Reporter: Alejandro Abdelnur
>            Assignee: Andrew Wang
>         Attachments: HDFS-6391.1.patch, hdfs-6391.002.patch
>
>
> When creating/opening and encrypted file, the DFSClient should get the 
> encryption key material and the IV for the file in the create/open RPC call.
> HDFS admin users would never get key material/IV on encrypted files 
> create/open.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Reply via email to