ramkrishna.s.vasudevan commented on HBASE-16463:

I think this change looks harmless in terms of impl as it is implementing 
existing interfaces. No new protocol needed like the other JIRA where we deal 
with RPCClient and server.
Just wanted to know
This version is the updated stable release version available? 
Things to be confirmed is that,
What is the procedure if the cluster has to be upgraded from AES to the new 
commons cryto?  Major compaction should be run before using the new algo? 
 public static final String RNG_ALGORITHM_KEY = "hbase.crypto.algorithm.rng";
60        public static final String RNG_PROVIDER_KEY = 
these config keys can be moved to the Cipher abstract class if the existing AES 
cipher also uses the same key. Same with IV_LENGTH, BLOCK_SIZE etc.
[~apurtell], [~apurt...@yahoo.com], [~ghelmling]
Want to have a look at this patch?

> Improve transparent table/CF encryption with Commons Crypto
> -----------------------------------------------------------
>                 Key: HBASE-16463
>                 URL: https://issues.apache.org/jira/browse/HBASE-16463
>             Project: HBase
>          Issue Type: New Feature
>          Components: encryption
>    Affects Versions: 2.0.0
>            Reporter: Dapeng Sun
>         Attachments: HBASE-16463.001.patch, HBASE-16463.002.patch, 
> HBASE-16463.003.patch
> Apache Commons Crypto 
> (https://commons.apache.org/proper/commons-crypto/index.html) is a 
> cryptographic library optimized with AES-NI.
> HBASE-7544 introduces a framework for transparent encryption feature for 
> protecting HFile and WAL data at rest. Currently JCE cipher is used bu 
> default, the improvement will use Commons Crypto to accelerate the 
> transparent encryption of HBase. new crypto provider with Commons CRYPTO will 
> be provided for Transparent encryption.

This message was sent by Atlassian JIRA

Reply via email to