[jira] [Updated] (HDDS-2247) Delete FileEncryptionInfo from KeyInfo when a Key is deleted
[ https://issues.apache.org/jira/browse/HDDS-2247?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

ASF GitHub Bot updated HDDS-2247:
    Labels: pull-request-available  (was: )

> Delete FileEncryptionInfo from KeyInfo when a Key is deleted
>
>                 Key: HDDS-2247
>                 URL: https://issues.apache.org/jira/browse/HDDS-2247
>             Project: Hadoop Distributed Data Store
>          Issue Type: Sub-task
>            Reporter: Dinesh Chitlangia
>            Assignee: Dinesh Chitlangia
>            Priority: Major
>              Labels: pull-request-available
>
> As part of HDDS-2174 we are deleting GDPR Encryption Key on delete file
> operation.
> However, if KMS is enabled, we are skipping GDPR Encryption Key approach when
> writing file in a GDPR enforced Bucket.
>
> {code:java}
> final FileEncryptionInfo feInfo = keyOutputStream.getFileEncryptionInfo();
> // KMS enabled: encrypt with the DEK obtained via KMS; the GDPR key path is skipped.
> if (feInfo != null) {
>   KeyProvider.KeyVersion decrypted = getDEK(feInfo);
>   final CryptoOutputStream cryptoOut =
>       new CryptoOutputStream(keyOutputStream,
>           OzoneKMSUtil.getCryptoCodec(conf, feInfo),
>           decrypted.getMaterial(), feInfo.getIV());
>   return new OzoneOutputStream(cryptoOut);
> } else {
>   try{
>     GDPRSymmetricKey gk;
>     Map<String, String> openKeyMetadata =
>         openKey.getKeyInfo().getMetadata();
>     // GDPR-enforced bucket: encrypt with the per-key secret held in key metadata.
>     if(Boolean.valueOf(openKeyMetadata.get(OzoneConsts.GDPR_FLAG))){
>       gk = new GDPRSymmetricKey(
>           openKeyMetadata.get(OzoneConsts.GDPR_SECRET),
>           openKeyMetadata.get(OzoneConsts.GDPR_ALGORITHM)
>       );
>       gk.getCipher().init(Cipher.ENCRYPT_MODE, gk.getSecretKey());
>       return new OzoneOutputStream(
>           new CipherOutputStream(keyOutputStream, gk.getCipher()));
>     }
>   }catch (Exception ex){
>     throw new IOException(ex);
>   }
> {code}
>
> In such scenario, when KMS is enabled & GDPR enforced on a bucket, if user
> deletes a file, we should delete the {{FileEncryptionInfo}} from KeyInfo,
> before moving it to deletedTable, else we cannot guarantee Right to Erasure.
--
This message was sent by Atlassian Jira (v8.3.4#803005)
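
The delete-path behaviour the issue asks for, as an added sketch that is not code from the Ozone project or from the reporter: a GDPR-flagged key is stripped of both the metadata secret and its `FileEncryptionInfo` before the record is moved to the deleted table. `KeyRecord`, `keyTable`, `deletedTable`, the `edek`/`iv` fields and the metadata key strings are simplified assumptions standing in for the real classes and constants.

```java
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;

public class GdprDeleteSketch {
  // Placeholder metadata key names standing in for OzoneConsts.GDPR_*.
  static final String GDPR_FLAG = "gdprEnabled";
  static final String GDPR_SECRET = "secret";
  static final String GDPR_ALGORITHM = "algorithm";

  /** Simplified stand-in for KeyInfo; edek and iv model FileEncryptionInfo. */
  static final class KeyRecord {
    final Map<String, String> metadata = new HashMap<>();
    byte[] edek; // KMS-wrapped data encryption key, null when KMS is off
    byte[] iv;
  }

  final Map<String, KeyRecord> keyTable = new HashMap<>();
  final Map<String, KeyRecord> deletedTable = new HashMap<>();

  /** Scrubs decryption material from a GDPR key, then parks the record. */
  boolean deleteKey(String name) {
    KeyRecord rec = keyTable.remove(name);
    if (rec == null) return false;
    if (Boolean.parseBoolean(rec.metadata.get(GDPR_FLAG))) {
      rec.metadata.remove(GDPR_SECRET);     // non-KMS write path
      rec.metadata.remove(GDPR_ALGORITHM);
      if (rec.edek != null) {               // KMS write path
        Arrays.fill(rec.edek, (byte) 0);
      }
      rec.edek = null;
      rec.iv = null;
    }
    deletedTable.put(name, rec);            // only after the scrub
    return true;
  }

  public static void main(String[] args) {
    GdprDeleteSketch om = new GdprDeleteSketch();
    KeyRecord rec = new KeyRecord();        // constructed sample record
    rec.metadata.put(GDPR_FLAG, "true");
    rec.edek = new byte[] {1, 2, 3, 4};
    rec.iv = new byte[16];
    om.keyTable.put("vol/bucket/file1", rec);
    om.deleteKey("vol/bucket/file1");
    KeyRecord parked = om.deletedTable.get("vol/bucket/file1");
    if (parked.edek != null || parked.iv != null) {
      throw new AssertionError("FileEncryptionInfo reached deletedTable");
    }
    System.out.println("deletedTable entry carries no key material");
  }
}
```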
[jira] [Updated] (HDDS-2247) Delete FileEncryptionInfo from KeyInfo when a Key is deleted
[ https://issues.apache.org/jira/browse/HDDS-2247?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Dinesh Chitlangia updated HDDS-2247:
    Description:
As part of HDDS-2174 we are deleting GDPR Encryption Key on delete file operation.
However, if KMS is enabled, we are skipping GDPR Encryption Key approach when writing file in a GDPR enforced Bucket.

{code:java}
final FileEncryptionInfo feInfo = keyOutputStream.getFileEncryptionInfo();
// KMS enabled: encrypt with the DEK obtained via KMS; the GDPR key path is skipped.
if (feInfo != null) {
  KeyProvider.KeyVersion decrypted = getDEK(feInfo);
  final CryptoOutputStream cryptoOut =
      new CryptoOutputStream(keyOutputStream,
          OzoneKMSUtil.getCryptoCodec(conf, feInfo),
          decrypted.getMaterial(), feInfo.getIV());
  return new OzoneOutputStream(cryptoOut);
} else {
  try{
    GDPRSymmetricKey gk;
    Map<String, String> openKeyMetadata =
        openKey.getKeyInfo().getMetadata();
    // GDPR-enforced bucket: encrypt with the per-key secret held in key metadata.
    if(Boolean.valueOf(openKeyMetadata.get(OzoneConsts.GDPR_FLAG))){
      gk = new GDPRSymmetricKey(
          openKeyMetadata.get(OzoneConsts.GDPR_SECRET),
          openKeyMetadata.get(OzoneConsts.GDPR_ALGORITHM)
      );
      gk.getCipher().init(Cipher.ENCRYPT_MODE, gk.getSecretKey());
      return new OzoneOutputStream(
          new CipherOutputStream(keyOutputStream, gk.getCipher()));
    }
  }catch (Exception ex){
    throw new IOException(ex);
  }
{code}

In such scenario, when KMS is enabled & GDPR enforced on a bucket, if user deletes a file, we should delete the {{FileEncryptionInfo}} from KeyInfo, before moving it to deletedTable, else we cannot guarantee Right to Erasure.

  was:
As part of HDDS-2174 we are deleting GDPR Encryption Key on delete file operation.
However, if KMS is enabled, we are skipping GDPR Encryption Key approach when writing file in a GDPR enforced Bucket.

{code:java}
final FileEncryptionInfo feInfo = keyOutputStream.getFileEncryptionInfo();
// KMS enabled: encrypt with the DEK obtained via KMS; the GDPR key path is skipped.
if (feInfo != null) {
  KeyProvider.KeyVersion decrypted = getDEK(feInfo);
  final CryptoOutputStream cryptoOut =
      new CryptoOutputStream(keyOutputStream,
          OzoneKMSUtil.getCryptoCodec(conf, feInfo),
          decrypted.getMaterial(), feInfo.getIV());
  return new OzoneOutputStream(cryptoOut);
} else {
  try{
    GDPRSymmetricKey gk;
    Map<String, String> openKeyMetadata =
        openKey.getKeyInfo().getMetadata();
    // GDPR-enforced bucket: encrypt with the per-key secret held in key metadata.
    if(Boolean.valueOf(openKeyMetadata.get(OzoneConsts.GDPR_FLAG))){
      gk = new GDPRSymmetricKey(
          openKeyMetadata.get(OzoneConsts.GDPR_SECRET),
          openKeyMetadata.get(OzoneConsts.GDPR_ALGORITHM)
      );
      gk.getCipher().init(Cipher.ENCRYPT_MODE, gk.getSecretKey());
      return new OzoneOutputStream(
          new CipherOutputStream(keyOutputStream, gk.getCipher()));
    }
  }catch (Exception ex){
    throw new IOException(ex);
  }
{code}

In such scenario, when KMS is enabled & GDPR enforced on a bucket, if we user deletes a file, we should delete the {{FileEncryptionInfo}} from KeyInfo, before moving it to deletedTable, else we cannot guarantee Right to Erasure.
[jira] [Updated] (HDDS-2247) Delete FileEncryptionInfo from KeyInfo when a Key is deleted
[ https://issues.apache.org/jira/browse/HDDS-2247?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Dinesh Chitlangia updated HDDS-2247:
    Description:
As part of HDDS-2174 we are deleting GDPR Encryption Key on delete file operation.
However, if KMS is enabled, we are skipping GDPR Encryption Key approach when writing file in a GDPR enforced Bucket.

{code:java}
final FileEncryptionInfo feInfo = keyOutputStream.getFileEncryptionInfo();
// KMS enabled: encrypt with the DEK obtained via KMS; the GDPR key path is skipped.
if (feInfo != null) {
  KeyProvider.KeyVersion decrypted = getDEK(feInfo);
  final CryptoOutputStream cryptoOut =
      new CryptoOutputStream(keyOutputStream,
          OzoneKMSUtil.getCryptoCodec(conf, feInfo),
          decrypted.getMaterial(), feInfo.getIV());
  return new OzoneOutputStream(cryptoOut);
} else {
  try{
    GDPRSymmetricKey gk;
    Map<String, String> openKeyMetadata =
        openKey.getKeyInfo().getMetadata();
    // GDPR-enforced bucket: encrypt with the per-key secret held in key metadata.
    if(Boolean.valueOf(openKeyMetadata.get(OzoneConsts.GDPR_FLAG))){
      gk = new GDPRSymmetricKey(
          openKeyMetadata.get(OzoneConsts.GDPR_SECRET),
          openKeyMetadata.get(OzoneConsts.GDPR_ALGORITHM)
      );
      gk.getCipher().init(Cipher.ENCRYPT_MODE, gk.getSecretKey());
      return new OzoneOutputStream(
          new CipherOutputStream(keyOutputStream, gk.getCipher()));
    }
  }catch (Exception ex){
    throw new IOException(ex);
  }
{code}

In such scenario, when KMS is enabled & GDPR enforced on a bucket, if we user deletes a file, we should delete the {{FileEncryptionInfo}} from KeyInfo, before moving it to deletedTable, else we cannot guarantee Right to Erasure.

  was:
As part of HDDS-2174 we are deleting Encryption Key on delete file operation.
However, if KMS is enabled, we are skipping GDPR Encryption Key approach when writing file in a GDPR enforced Bucket.

{code:java}
final FileEncryptionInfo feInfo = keyOutputStream.getFileEncryptionInfo();
// KMS enabled: encrypt with the DEK obtained via KMS; the GDPR key path is skipped.
if (feInfo != null) {
  KeyProvider.KeyVersion decrypted = getDEK(feInfo);
  final CryptoOutputStream cryptoOut =
      new CryptoOutputStream(keyOutputStream,
          OzoneKMSUtil.getCryptoCodec(conf, feInfo),
          decrypted.getMaterial(), feInfo.getIV());
  return new OzoneOutputStream(cryptoOut);
} else {
  try{
    GDPRSymmetricKey gk;
    Map<String, String> openKeyMetadata =
        openKey.getKeyInfo().getMetadata();
    // GDPR-enforced bucket: encrypt with the per-key secret held in key metadata.
    if(Boolean.valueOf(openKeyMetadata.get(OzoneConsts.GDPR_FLAG))){
      gk = new GDPRSymmetricKey(
          openKeyMetadata.get(OzoneConsts.GDPR_SECRET),
          openKeyMetadata.get(OzoneConsts.GDPR_ALGORITHM)
      );
      gk.getCipher().init(Cipher.ENCRYPT_MODE, gk.getSecretKey());
      return new OzoneOutputStream(
          new CipherOutputStream(keyOutputStream, gk.getCipher()));
    }
  }catch (Exception ex){
    throw new IOException(ex);
  }
{code}

In such scenario, when KMS is enabled & GDPR enforced on a bucket, if we user deletes a file, we should delete the {{FileEncryptionInfo}} from KeyInfo, before moving it to deletedTable, else we cannot guarantee Right to Erasure.
[jira] [Updated] (HDDS-2247) Delete FileEncryptionInfo from KeyInfo when a Key is deleted
[ https://issues.apache.org/jira/browse/HDDS-2247?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Dinesh Chitlangia updated HDDS-2247:
    Description:
As part of HDDS-2174 we are deleting Encryption Key on delete file operation.
However, if KMS is enabled, we are skipping GDPR Encryption Key approach when writing file in a GDPR enforced Bucket.

{code:java}
final FileEncryptionInfo feInfo = keyOutputStream.getFileEncryptionInfo();
// KMS enabled: encrypt with the DEK obtained via KMS; the GDPR key path is skipped.
if (feInfo != null) {
  KeyProvider.KeyVersion decrypted = getDEK(feInfo);
  final CryptoOutputStream cryptoOut =
      new CryptoOutputStream(keyOutputStream,
          OzoneKMSUtil.getCryptoCodec(conf, feInfo),
          decrypted.getMaterial(), feInfo.getIV());
  return new OzoneOutputStream(cryptoOut);
} else {
  try{
    GDPRSymmetricKey gk;
    Map<String, String> openKeyMetadata =
        openKey.getKeyInfo().getMetadata();
    // GDPR-enforced bucket: encrypt with the per-key secret held in key metadata.
    if(Boolean.valueOf(openKeyMetadata.get(OzoneConsts.GDPR_FLAG))){
      gk = new GDPRSymmetricKey(
          openKeyMetadata.get(OzoneConsts.GDPR_SECRET),
          openKeyMetadata.get(OzoneConsts.GDPR_ALGORITHM)
      );
      gk.getCipher().init(Cipher.ENCRYPT_MODE, gk.getSecretKey());
      return new OzoneOutputStream(
          new CipherOutputStream(keyOutputStream, gk.getCipher()));
    }
  }catch (Exception ex){
    throw new IOException(ex);
  }
{code}

In such scenario, when KMS is enabled & GDPR enforced on a bucket, if we user deletes a file, we should delete the {{FileEncryptionInfo}} from KeyInfo, before moving it to deletedTable, else we cannot guarantee Right to Erasure.

  was:
[~aengineer] - As part of HDDS-2174 we are deleting Encryption Key on delete file operation.
However, if KMS is enabled, we are skipping GDPR Encryption Key approach when writing file in a GDPR enforced Bucket.

{code:java}
final FileEncryptionInfo feInfo = keyOutputStream.getFileEncryptionInfo();
// KMS enabled: encrypt with the DEK obtained via KMS; the GDPR key path is skipped.
if (feInfo != null) {
  KeyProvider.KeyVersion decrypted = getDEK(feInfo);
  final CryptoOutputStream cryptoOut =
      new CryptoOutputStream(keyOutputStream,
          OzoneKMSUtil.getCryptoCodec(conf, feInfo),
          decrypted.getMaterial(), feInfo.getIV());
  return new OzoneOutputStream(cryptoOut);
} else {
  try{
    GDPRSymmetricKey gk;
    Map<String, String> openKeyMetadata =
        openKey.getKeyInfo().getMetadata();
    // GDPR-enforced bucket: encrypt with the per-key secret held in key metadata.
    if(Boolean.valueOf(openKeyMetadata.get(OzoneConsts.GDPR_FLAG))){
      gk = new GDPRSymmetricKey(
          openKeyMetadata.get(OzoneConsts.GDPR_SECRET),
          openKeyMetadata.get(OzoneConsts.GDPR_ALGORITHM)
      );
      gk.getCipher().init(Cipher.ENCRYPT_MODE, gk.getSecretKey());
      return new OzoneOutputStream(
          new CipherOutputStream(keyOutputStream, gk.getCipher()));
    }
  }catch (Exception ex){
    throw new IOException(ex);
  }
{code}

In such scenario, when KMS is enabled & GDPR enforced on a bucket, if we user deletes a file, we should delete the {{FileEncryptionInfo}} from KeyInfo, before moving it to deletedTable, else we cannot guarantee Right to Erasure.