antogruz commented on code in PR #76:
URL: https://github.com/apache/solr-sandbox/pull/76#discussion_r1352419759
##########
encryption/src/main/java/org/apache/solr/encryption/EncryptionRequestHandler.java:
##########
@@ -267,7 +261,7 @@ private void setNewActiveKeyIdInCommit(String keyId,
removeActiveKeyRefFromCommit(commitCmd.commitData);
ensureNonEmptyCommitDataForEmptyCommit(commitCmd.commitData);
} else {
- KeySupplier keySupplier = ((EncryptionDirectoryFactory)
commitCmd.getReq().getCore().getDirectoryFactory()).getKeySupplier();
+ KeySupplier keySupplier =
EncryptionDirectoryFactory.getFactory(commitCmd.getReq().getCore(),
this).getKeySupplier();
Review Comment:
The extraction of EncryptionDirectoryFactory.getFactory makes the code
easier to read and ensures the check for Encryption configuration every time 👍
##########
encryption/src/main/java/org/apache/solr/encryption/EncryptionTransactionLog.java:
##########
@@ -0,0 +1,225 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.solr.encryption;
+
+import org.apache.solr.encryption.crypto.DecryptingChannelInputStream;
+import org.apache.solr.encryption.crypto.EncryptingOutputStream;
+import org.apache.solr.update.TransactionLog;
+
+import java.io.EOFException;
+import java.io.IOException;
+import java.io.OutputStream;
+import java.nio.ByteBuffer;
+import java.nio.channels.FileChannel;
+import java.nio.channels.ReadableByteChannel;
+import java.nio.file.Path;
+import java.util.Collection;
+
+import static org.apache.solr.encryption.EncryptionDirectory.ENCRYPTION_MAGIC;
+import static
org.apache.solr.encryption.EncryptionUtil.getActiveKeyRefFromCommit;
+import static org.apache.solr.encryption.crypto.AesCtrUtil.IV_LENGTH;
+
+/**
+ * {@link TransactionLog} that encrypts logs if the core index is marked for
encryption.
+ * <p>
+ * It decrypts old logs based on the key id stored in the header of each log
file. It
+ * encrypts new log files with the latest active key id defined in the core
index metadata.
+ * It appends to an existing log file using the same key id stored in the
header of the file.
+ * <p>
+ * If the core index is not marked for encryption, it writes new log files in
cleartext.
+ */
+public class EncryptionTransactionLog extends TransactionLog {
+
+ static final int ENCRYPTION_KEY_HEADER_LENGTH = 2 * Integer.BYTES;
+ private static final int ENCRYPTION_FULL_HEADER_LENGTH =
ENCRYPTION_KEY_HEADER_LENGTH + IV_LENGTH;
+
+ /** Creates an {@link EncryptionTransactionLog}. */
+ public EncryptionTransactionLog(Path tlogFile,
+ Collection<String> globalStrings,
+ boolean openExisting,
+ EncryptionDirectorySupplier
directorySupplier) {
+ this(tlogFile, globalStrings, openExisting, directorySupplier, new
IvHolder());
+ }
+
+ private EncryptionTransactionLog(Path tlogFile,
+ Collection<String> globalStrings,
+ boolean openExisting,
+ EncryptionDirectorySupplier
directorySupplier,
+ IvHolder ivHolder) {
+ super(tlogFile,
+ globalStrings,
+ openExisting,
+ new EncryptionOutputStreamOpener(directorySupplier, ivHolder),
+ new EncryptionChannelInputStreamOpener(directorySupplier, ivHolder));
+ }
+
+ @Override
+ protected void setWrittenCount(long fileStartOffset) throws IOException {
+ if (os instanceof EncryptingOutputStream) {
+ // Subtract the encryption header from the start offset.
+ fos.setWritten(fileStartOffset - ENCRYPTION_FULL_HEADER_LENGTH);
+ assert fos.size() == getLogFileSize();
+ } else {
+ super.setWrittenCount(fileStartOffset);
+ }
+ }
+
+ @Override
+ protected long getLogFileSize() throws IOException {
+ long channelSize = super.getLogFileSize();
+ if (os instanceof EncryptingOutputStream) {
Review Comment:
I’m wondering why we have to check `os instanceof EncryptingOutputStream`
since we are in a subclass that explicitly handles encryption
##########
encryption/src/main/java/org/apache/solr/encryption/EncryptionTransactionLog.java:
##########
@@ -0,0 +1,225 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.solr.encryption;
+
+import org.apache.solr.encryption.crypto.DecryptingChannelInputStream;
+import org.apache.solr.encryption.crypto.EncryptingOutputStream;
+import org.apache.solr.update.TransactionLog;
+
+import java.io.EOFException;
+import java.io.IOException;
+import java.io.OutputStream;
+import java.nio.ByteBuffer;
+import java.nio.channels.FileChannel;
+import java.nio.channels.ReadableByteChannel;
+import java.nio.file.Path;
+import java.util.Collection;
+
+import static org.apache.solr.encryption.EncryptionDirectory.ENCRYPTION_MAGIC;
+import static
org.apache.solr.encryption.EncryptionUtil.getActiveKeyRefFromCommit;
+import static org.apache.solr.encryption.crypto.AesCtrUtil.IV_LENGTH;
+
+/**
+ * {@link TransactionLog} that encrypts logs if the core index is marked for
encryption.
+ * <p>
+ * It decrypts old logs based on the key id stored in the header of each log
file. It
+ * encrypts new log files with the latest active key id defined in the core
index metadata.
+ * It appends to an existing log file using the same key id stored in the
header of the file.
+ * <p>
+ * If the core index is not marked for encryption, it writes new log files in
cleartext.
+ */
+public class EncryptionTransactionLog extends TransactionLog {
+
+ static final int ENCRYPTION_KEY_HEADER_LENGTH = 2 * Integer.BYTES;
+ private static final int ENCRYPTION_FULL_HEADER_LENGTH =
ENCRYPTION_KEY_HEADER_LENGTH + IV_LENGTH;
+
+ /** Creates an {@link EncryptionTransactionLog}. */
+ public EncryptionTransactionLog(Path tlogFile,
+ Collection<String> globalStrings,
+ boolean openExisting,
+ EncryptionDirectorySupplier
directorySupplier) {
+ this(tlogFile, globalStrings, openExisting, directorySupplier, new
IvHolder());
+ }
+
+ private EncryptionTransactionLog(Path tlogFile,
+ Collection<String> globalStrings,
+ boolean openExisting,
+ EncryptionDirectorySupplier
directorySupplier,
+ IvHolder ivHolder) {
+ super(tlogFile,
+ globalStrings,
+ openExisting,
+ new EncryptionOutputStreamOpener(directorySupplier, ivHolder),
+ new EncryptionChannelInputStreamOpener(directorySupplier, ivHolder));
+ }
+
+ @Override
+ protected void setWrittenCount(long fileStartOffset) throws IOException {
+ if (os instanceof EncryptingOutputStream) {
Review Comment:
I’m wondering why we have to check `os instanceof EncryptingOutputStream`
since we are in a subclass that explicitly handles encryption
##########
encryption/src/main/java/org/apache/solr/encryption/EncryptionRequestHandler.java:
##########
@@ -267,7 +261,7 @@ private void setNewActiveKeyIdInCommit(String keyId,
removeActiveKeyRefFromCommit(commitCmd.commitData);
ensureNonEmptyCommitDataForEmptyCommit(commitCmd.commitData);
} else {
- KeySupplier keySupplier = ((EncryptionDirectoryFactory)
commitCmd.getReq().getCore().getDirectoryFactory()).getKeySupplier();
+ KeySupplier keySupplier =
EncryptionDirectoryFactory.getFactory(commitCmd.getReq().getCore(),
this).getKeySupplier();
Review Comment:
The extraction of EncryptionDirectoryFactory.getFactory makes the code
easier to read and ensures the check for Encryption configuration every time 👍
##########
encryption/src/main/java/org/apache/solr/encryption/EncryptionTransactionLog.java:
##########
@@ -0,0 +1,225 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.solr.encryption;
+
+import org.apache.solr.encryption.crypto.DecryptingChannelInputStream;
+import org.apache.solr.encryption.crypto.EncryptingOutputStream;
+import org.apache.solr.update.TransactionLog;
+
+import java.io.EOFException;
+import java.io.IOException;
+import java.io.OutputStream;
+import java.nio.ByteBuffer;
+import java.nio.channels.FileChannel;
+import java.nio.channels.ReadableByteChannel;
+import java.nio.file.Path;
+import java.util.Collection;
+
+import static org.apache.solr.encryption.EncryptionDirectory.ENCRYPTION_MAGIC;
+import static
org.apache.solr.encryption.EncryptionUtil.getActiveKeyRefFromCommit;
+import static org.apache.solr.encryption.crypto.AesCtrUtil.IV_LENGTH;
+
+/**
+ * {@link TransactionLog} that encrypts logs if the core index is marked for
encryption.
+ * <p>
+ * It decrypts old logs based on the key id stored in the header of each log
file. It
+ * encrypts new log files with the latest active key id defined in the core
index metadata.
+ * It appends to an existing log file using the same key id stored in the
header of the file.
+ * <p>
+ * If the core index is not marked for encryption, it writes new log files in
cleartext.
+ */
+public class EncryptionTransactionLog extends TransactionLog {
+
+ static final int ENCRYPTION_KEY_HEADER_LENGTH = 2 * Integer.BYTES;
+ private static final int ENCRYPTION_FULL_HEADER_LENGTH =
ENCRYPTION_KEY_HEADER_LENGTH + IV_LENGTH;
+
+ /** Creates an {@link EncryptionTransactionLog}. */
+ public EncryptionTransactionLog(Path tlogFile,
+ Collection<String> globalStrings,
+ boolean openExisting,
+ EncryptionDirectorySupplier
directorySupplier) {
+ this(tlogFile, globalStrings, openExisting, directorySupplier, new
IvHolder());
+ }
+
+ private EncryptionTransactionLog(Path tlogFile,
+ Collection<String> globalStrings,
+ boolean openExisting,
+ EncryptionDirectorySupplier
directorySupplier,
+ IvHolder ivHolder) {
+ super(tlogFile,
+ globalStrings,
+ openExisting,
+ new EncryptionOutputStreamOpener(directorySupplier, ivHolder),
+ new EncryptionChannelInputStreamOpener(directorySupplier, ivHolder));
+ }
+
+ @Override
+ protected void setWrittenCount(long fileStartOffset) throws IOException {
+ if (os instanceof EncryptingOutputStream) {
Review Comment:
I’m wondering why we have to check `os instanceof EncryptingOutputStream`
since we are in a subclass that explicitly handles encryption
##########
encryption/src/main/java/org/apache/solr/encryption/EncryptionTransactionLog.java:
##########
@@ -0,0 +1,225 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.solr.encryption;
+
+import org.apache.solr.encryption.crypto.DecryptingChannelInputStream;
+import org.apache.solr.encryption.crypto.EncryptingOutputStream;
+import org.apache.solr.update.TransactionLog;
+
+import java.io.EOFException;
+import java.io.IOException;
+import java.io.OutputStream;
+import java.nio.ByteBuffer;
+import java.nio.channels.FileChannel;
+import java.nio.channels.ReadableByteChannel;
+import java.nio.file.Path;
+import java.util.Collection;
+
+import static org.apache.solr.encryption.EncryptionDirectory.ENCRYPTION_MAGIC;
+import static
org.apache.solr.encryption.EncryptionUtil.getActiveKeyRefFromCommit;
+import static org.apache.solr.encryption.crypto.AesCtrUtil.IV_LENGTH;
+
+/**
+ * {@link TransactionLog} that encrypts logs if the core index is marked for
encryption.
+ * <p>
+ * It decrypts old logs based on the key id stored in the header of each log
file. It
+ * encrypts new log files with the latest active key id defined in the core
index metadata.
+ * It appends to an existing log file using the same key id stored in the
header of the file.
+ * <p>
+ * If the core index is not marked for encryption, it writes new log files in
cleartext.
+ */
+public class EncryptionTransactionLog extends TransactionLog {
+
+ static final int ENCRYPTION_KEY_HEADER_LENGTH = 2 * Integer.BYTES;
+ private static final int ENCRYPTION_FULL_HEADER_LENGTH =
ENCRYPTION_KEY_HEADER_LENGTH + IV_LENGTH;
+
+ /** Creates an {@link EncryptionTransactionLog}. */
+ public EncryptionTransactionLog(Path tlogFile,
+ Collection<String> globalStrings,
+ boolean openExisting,
+ EncryptionDirectorySupplier
directorySupplier) {
+ this(tlogFile, globalStrings, openExisting, directorySupplier, new
IvHolder());
+ }
+
+ private EncryptionTransactionLog(Path tlogFile,
+ Collection<String> globalStrings,
+ boolean openExisting,
+ EncryptionDirectorySupplier
directorySupplier,
+ IvHolder ivHolder) {
+ super(tlogFile,
+ globalStrings,
+ openExisting,
+ new EncryptionOutputStreamOpener(directorySupplier, ivHolder),
+ new EncryptionChannelInputStreamOpener(directorySupplier, ivHolder));
+ }
+
+ @Override
+ protected void setWrittenCount(long fileStartOffset) throws IOException {
+ if (os instanceof EncryptingOutputStream) {
+ // Subtract the encryption header from the start offset.
+ fos.setWritten(fileStartOffset - ENCRYPTION_FULL_HEADER_LENGTH);
+ assert fos.size() == getLogFileSize();
+ } else {
+ super.setWrittenCount(fileStartOffset);
+ }
+ }
+
+ @Override
+ protected long getLogFileSize() throws IOException {
+ long channelSize = super.getLogFileSize();
+ if (os instanceof EncryptingOutputStream) {
Review Comment:
I’m wondering why we have to check `os instanceof EncryptingOutputStream`
since we are in a subclass that explicitly handles encryption
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
