Attila Bukor has uploaded this change for review. ( http://gerrit.cloudera.org:8080/19615
Change subject: KUDU-3448 Plumping for encrypting key material ...................................................................... KUDU-3448 Plumping for encrypting key material Key material for the internal PKI and token signing keys are stored in the syscatalog table in clear text, which is okay when volume-level encryption or Kudu's built-in data at rest encryption is used, but in some cases, this is either not used, or it's not enough (FISMA). To allow storing these key materials in encrypted form in the syscatalog table, this patch adds the necessary plumbing in Kudu's OpenSSL wrapper. It is now possible to pass a password callback function to the utility functions responsible for reading from and writing to OpenSSL BIO and strings. Change-Id: I24c5ac8ea0f9a4cab0f35ecccb1b7b00f3acefa8 --- M src/kudu/security/crypto.cc M src/kudu/security/crypto.h M src/kudu/util/openssl_util_bio.h 3 files changed, 75 insertions(+), 5 deletions(-) git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/15/19615/1 -- To view, visit http://gerrit.cloudera.org:8080/19615 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: newchange Gerrit-Change-Id: I24c5ac8ea0f9a4cab0f35ecccb1b7b00f3acefa8 Gerrit-Change-Number: 19615 Gerrit-PatchSet: 1 Gerrit-Owner: Attila Bukor <[email protected]>
