rdblue commented on a change in pull request #80: Introduce metadata for encrypting table data files URL: https://github.com/apache/incubator-iceberg/pull/80#discussion_r249968153
########## File path: api/src/main/java/com/netflix/iceberg/encryption/EncryptionKeyMetadata.java ########## @@ -0,0 +1,61 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package com.netflix.iceberg.encryption; + +import com.netflix.iceberg.Schema; +import com.netflix.iceberg.types.Types; + +import java.nio.ByteBuffer; + +/** + * Metadata stored in Iceberg that points to an encryption key in some key store implementation. + * <p> + * Note that under any circumstances, the encryption key used to decrypt the file itself + * should NEVER be stored in this blob. + */ +public interface EncryptionKeyMetadata { + + Schema SCHEMA = new Schema( + Types.NestedField.required(10000, "key_metadata", Types.BinaryType.get()), + Types.NestedField.required(10001, "cipher_algorithm", Types.StringType.get()), + Types.NestedField.required(10002, "key_algorithm", Types.StringType.get())); + + static Schema schema() { + return SCHEMA; + } + + /** + * Header description of the key. + */ + ByteBuffer keyMetadata(); + + /** + * Cipher algorithm used to decrypt the file with this file's encryption key. + */ + String cipherAlgorithm(); + + /** + * Algorithm to use when converting the key bytes into key material that can be used for + * creating cryptographic ciphers. + */ + String keyAlgorithm(); Review comment: I don't think it is. This assumes that those are going to be strings, but they could easily be 1-byte algorithms IDs known to the crypto provider. So trying to standardize on String can be wasteful. It would be easy to use a combination of ids and table properties to use a String, too. `encryption.key-algorithms.1=...` and `encryption.cipher-algorithms.1=...` allow storing strings, but using IDs. Any of these schemes is reasonable, so I'm reluctant to add per-file metadata. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
