[GitHub] keith-turner commented on a change in pull request #499: Implement new Encryption interface

Thu, 24 May 2018 08:11:03 -0700 

keith-turner commented on a change in pull request #499: Implement new 
Encryption interface
URL: https://github.com/apache/accumulo/pull/499#discussion_r190613824
 
 

 ##########
 File path: 
core/src/main/java/org/apache/accumulo/core/file/rfile/bcfile/BCFile.java
 ##########
 @@ -403,20 +355,13 @@ public void close() throws IOException {
           long offsetIndexMeta = out.position();
           metaIndex.write(out);
 
-          if (cryptoParams.getCipherSuite() == null || 
cryptoParams.getCipherSuite()
-              .equals(Property.CRYPTO_CIPHER_SUITE.getDefaultValue())) {
-            out.writeLong(offsetIndexMeta);
-            API_VERSION_1.write(out);
-          } else {
-            long offsetCryptoParameters = out.position();
-            cryptoParams.write(out);
-
-            // Meta Index, crypto params offsets and the trailing section are 
written out directly.
-            out.writeLong(offsetIndexMeta);
-            out.writeLong(offsetCryptoParameters);
-            API_VERSION.write(out);
-          }
+          long offsetCryptoParameter = out.position();
+          String es = this.encryptionStrategy.getClass().getName();
+          out.writeUTF(es);
 
 Review comment:
   The use case of switching encryption strategies should be considered.  Files 
written with previously configured encryption strategies may need different 
properties to be decrypted.  One possible way to handle this is with a prefix 
per an encryption strategy and this prefix is persisted.  This would look 
something like the following.
   
   ```
   crypto.strategy.s201805.class=com.foo.Best
   crypto.strategy.s201805.props.mykey=XU24GNYXE74VSGJM
   table.file.crypto.strategy=s201805
   tserver.wal.crypto.strategy=s201805
   ```  
   In the above example when files are written, `s201805` would be persisted in 
the file and used for future decryption.  Using this scheme only  `s201805` 
need be written to the file, the class names does not as it comes from config 
associated with `s201805`.  This scheme also allows different tables to use 
different encryption.
   
   For the use case of switching to a new encryption strategy, the config would 
look like the following.
   
   ```
   crypto.strategy.s201805.class=com.foo.Best
   crypto.strategy.s201805.props.mykey=XU24GNYXE74VSGJM
   crypto.strategy.s201903.class=com.foo.Better
   crypto.strategy.s201903.props.thekey=56GU5ET6TQKZZCKP
   table.file.crypto.strategy=s201903
   tserver.wal.crypto.strategy=s201903
   ``` 
   
   The `s201805` props need to be kept around as long as there are files 
encrypted with that config.  New files that are written will persist `s201903` 
and use that config.
    

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


With regards,
Apache Git Services

Reply via email to