ctubbsii commented on a change in pull request #499: Implement new Encryption interface URL: https://github.com/apache/accumulo/pull/499#discussion_r190424371
########## File path: core/src/main/java/org/apache/accumulo/core/file/rfile/bcfile/BCFile.java ########## @@ -143,54 +148,14 @@ public WBlockState(Algorithm compressionAlgo, RateLimitedOutputStream fsOut, this.fsBufferedOutput = new SimpleBufferedOutputStream(this.fsOut, fsOutputBuffer.getBytes()); - - // *This* is very important. Without this, when the crypto stream is closed (in order to - // flush its last bytes), - // the underlying RFile stream will *also* be closed, and that's undesirable as the cipher - // stream is closed for - // every block written. - cryptoParams.setCloseUnderylingStreamAfterCryptoStreamClose(false); - - // *This* is also very important. We don't want the underlying stream messed with. - cryptoParams.setRecordParametersToStream(false); - - // Create a new IV for the block or update an existing one in the case of GCM - cryptoParams.updateInitializationVector(); - - // Initialize the cipher including generating a new IV - cryptoParams = cryptoModule.initializeCipher(cryptoParams); - - // Write the init vector in plain text, uncompressed, to the output stream. Due to the way - // the streams work out, there's no good way to write this - // compressed, but it's pretty small. - DataOutputStream tempDataOutputStream = new DataOutputStream(fsBufferedOutput); - - // Init vector might be null if the underlying cipher does not require one (NullCipher being - // a good example) - if (cryptoParams.getInitializationVector() != null) { - tempDataOutputStream.writeInt(cryptoParams.getInitializationVector().length); - tempDataOutputStream.write(cryptoParams.getInitializationVector()); - } else { - // Do nothing - } - - // Initialize the cipher stream and get the IV - cryptoParams.setPlaintextOutputStream(tempDataOutputStream); - cryptoParams = cryptoModule.getEncryptingOutputStream(cryptoParams); - - if (cryptoParams.getEncryptedOutputStream() == tempDataOutputStream) { - this.cipherOut = fsBufferedOutput; - } else { - this.cipherOut = cryptoParams.getEncryptedOutputStream(); - } - this.compressor = compressAlgo.getCompressor(); try { + this.cipherOut = encryptionStrategy.encryptStream(fsBufferedOutput); this.out = compressionAlgo.createCompressionStream(cipherOut, compressor, 0); - } catch (IOException e) { + } catch (Exception e) { Review comment: Is it possible to avoid overly broad catching of `Exception` here? ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services