[jira] [Updated] (HDDS-2247) Delete FileEncryptionInfo from KeyInfo when a Key is deleted

2019-11-15 Thread ASF GitHub Bot (Jira)


[ https://issues.apache.org/jira/browse/HDDS-2247?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

ASF GitHub Bot updated HDDS-2247:
Labels: pull-request-available  (was: )

> Delete FileEncryptionInfo from KeyInfo when a Key is deleted
>
>         Key: HDDS-2247
>         URL: https://issues.apache.org/jira/browse/HDDS-2247
>     Project: Hadoop Distributed Data Store
>  Issue Type: Sub-task
>    Reporter: Dinesh Chitlangia
>    Assignee: Dinesh Chitlangia
>    Priority: Major
>      Labels: pull-request-available
>
> As part of HDDS-2174 we are deleting GDPR Encryption Key on delete file 
> operation.
> However, if KMS is enabled, we are skipping GDPR Encryption Key approach when 
> writing file in a GDPR enforced Bucket.
> {code:java}
> final FileEncryptionInfo feInfo = keyOutputStream.getFileEncryptionInfo();
> if (feInfo != null) {
>   // KMS path: the data encryption key is obtained through FileEncryptionInfo.
>   KeyProvider.KeyVersion decrypted = getDEK(feInfo);
>   final CryptoOutputStream cryptoOut =
>       new CryptoOutputStream(keyOutputStream,
>           OzoneKMSUtil.getCryptoCodec(conf, feInfo),
>           decrypted.getMaterial(), feInfo.getIV());
>   return new OzoneOutputStream(cryptoOut);
> } else {
>   // No FileEncryptionInfo: use the GDPR secret from the key metadata if the GDPR flag is set.
>   try {
>     GDPRSymmetricKey gk;
>     Map<String, String> openKeyMetadata =
>         openKey.getKeyInfo().getMetadata();
>     if (Boolean.valueOf(openKeyMetadata.get(OzoneConsts.GDPR_FLAG))) {
>       gk = new GDPRSymmetricKey(
>           openKeyMetadata.get(OzoneConsts.GDPR_SECRET),
>           openKeyMetadata.get(OzoneConsts.GDPR_ALGORITHM)
>       );
>       gk.getCipher().init(Cipher.ENCRYPT_MODE, gk.getSecretKey());
>       return new OzoneOutputStream(
>           new CipherOutputStream(keyOutputStream, gk.getCipher()));
>     }
>   } catch (Exception ex) {
>     throw new IOException(ex);
>   }
> }
> {code}
> In such scenario, when KMS is enabled & GDPR enforced on a bucket, if user 
> deletes a file, we should delete the {{FileEncryptionInfo}} from KeyInfo, 
> before moving it to deletedTable, else we cannot guarantee Right to Erasure.




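The effect of the proposed change, as an added example that is not Ozone code and not part of the original issue: a record that reaches the deleted table with its wrapped data key and IV intact can still be decrypted by anyone with KMS access, while a scrubbed record cannot. `KeyRecord`, the two maps and the method names are hypothetical, the plaintexts are constructed, and a local AES key stands in for the KMS key.

```java
import javax.crypto.*;
import javax.crypto.spec.IvParameterSpec;
import java.security.*;
import java.util.*;

public class EraseOnDeleteDemo {
  // Hypothetical stand-in for KeyInfo; wrappedDek + iv model FileEncryptionInfo.
  static final class KeyRecord { byte[] ciphertext, wrappedDek, iv; }
  static final Map<String, KeyRecord> keyTable = new HashMap<>(), deletedTable = new HashMap<>();
  // Encrypt under a fresh data key (DEK) and store the DEK wrapped under the KMS key.
  static void put(String name, String plain, SecretKey kek) throws Exception {
    SecretKey dek = KeyGenerator.getInstance("AES").generateKey();
    KeyRecord r = new KeyRecord();
    r.iv = new byte[16];
    new SecureRandom().nextBytes(r.iv);
    Cipher c = Cipher.getInstance("AES/CTR/NoPadding");
    c.init(Cipher.ENCRYPT_MODE, dek, new IvParameterSpec(r.iv));
    r.ciphertext = c.doFinal(plain.getBytes("UTF-8"));
    Cipher w = Cipher.getInstance("AESWrap");
    w.init(Cipher.WRAP_MODE, kek);
    r.wrappedDek = w.wrap(dek);          // only the KMS key can turn this back into the DEK
    keyTable.put(name, r);
  }
  // Move a record to deletedTable; with scrub=true the encryption info is dropped first.
  static void delete(String name, boolean scrub) {
    KeyRecord r = keyTable.remove(name);
    if (scrub) { r.wrappedDek = null; r.iv = null; }
    deletedTable.put(name, r);
  }
  // What a party with KMS access can still read from a deletedTable entry.
  static String recover(String name, SecretKey kek) throws Exception {
    KeyRecord r = deletedTable.get(name);
    if (r.wrappedDek == null || r.iv == null) return null;   // nothing left to unwrap
    Cipher w = Cipher.getInstance("AESWrap");
    w.init(Cipher.UNWRAP_MODE, kek);
    Key dek = w.unwrap(r.wrappedDek, "AES", Cipher.SECRET_KEY);
    Cipher c = Cipher.getInstance("AES/CTR/NoPadding");
    c.init(Cipher.DECRYPT_MODE, dek, new IvParameterSpec(r.iv));
    return new String(c.doFinal(r.ciphertext), "UTF-8");
  }
  public static void main(String[] args) throws Exception {
    SecretKey kek = KeyGenerator.getInstance("AES").generateKey();   // models the KMS key
    put("a", "constructed record A", kek);
    put("b", "constructed record B", kek);
    delete("a", false);                  // encryption info follows the record
    delete("b", true);                   // encryption info removed before the move
    System.out.println("info kept:     " + recover("a", kek));
    System.out.println("info scrubbed: " + recover("b", kek));
  }
}
```

The ciphertext stays in both deleted records; only the removal of the wrapped key and IV makes the second one unreadable.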


[jira] [Updated] (HDDS-2247) Delete FileEncryptionInfo from KeyInfo when a Key is deleted

2019-10-03 Thread Dinesh Chitlangia (Jira)


[ https://issues.apache.org/jira/browse/HDDS-2247?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Dinesh Chitlangia updated HDDS-2247:

Description: 
As part of HDDS-2174 we are deleting GDPR Encryption Key on delete file 
operation.
However, if KMS is enabled, we are skipping GDPR Encryption Key approach when 
writing file in a GDPR enforced Bucket.

{code:java}
final FileEncryptionInfo feInfo = keyOutputStream.getFileEncryptionInfo();
if (feInfo != null) {
  // KMS path: the data encryption key is obtained through FileEncryptionInfo.
  KeyProvider.KeyVersion decrypted = getDEK(feInfo);
  final CryptoOutputStream cryptoOut =
      new CryptoOutputStream(keyOutputStream,
          OzoneKMSUtil.getCryptoCodec(conf, feInfo),
          decrypted.getMaterial(), feInfo.getIV());
  return new OzoneOutputStream(cryptoOut);
} else {
  // No FileEncryptionInfo: use the GDPR secret from the key metadata if the GDPR flag is set.
  try {
    GDPRSymmetricKey gk;
    Map<String, String> openKeyMetadata =
        openKey.getKeyInfo().getMetadata();
    if (Boolean.valueOf(openKeyMetadata.get(OzoneConsts.GDPR_FLAG))) {
      gk = new GDPRSymmetricKey(
          openKeyMetadata.get(OzoneConsts.GDPR_SECRET),
          openKeyMetadata.get(OzoneConsts.GDPR_ALGORITHM)
      );
      gk.getCipher().init(Cipher.ENCRYPT_MODE, gk.getSecretKey());
      return new OzoneOutputStream(
          new CipherOutputStream(keyOutputStream, gk.getCipher()));
    }
  } catch (Exception ex) {
    throw new IOException(ex);
  }
}
{code}

In such scenario, when KMS is enabled & GDPR enforced on a bucket, if user 
deletes a file, we should delete the {{FileEncryptionInfo}} from KeyInfo, 
before moving it to deletedTable, else we cannot guarantee Right to Erasure.

  was:
As part of HDDS-2174 we are deleting GDPR Encryption Key on delete file 
operation.
However, if KMS is enabled, we are skipping GDPR Encryption Key approach when 
writing file in a GDPR enforced Bucket.

{code:java}
final FileEncryptionInfo feInfo = keyOutputStream.getFileEncryptionInfo();
if (feInfo != null) {
  // KMS path: the data encryption key is obtained through FileEncryptionInfo.
  KeyProvider.KeyVersion decrypted = getDEK(feInfo);
  final CryptoOutputStream cryptoOut =
      new CryptoOutputStream(keyOutputStream,
          OzoneKMSUtil.getCryptoCodec(conf, feInfo),
          decrypted.getMaterial(), feInfo.getIV());
  return new OzoneOutputStream(cryptoOut);
} else {
  // No FileEncryptionInfo: use the GDPR secret from the key metadata if the GDPR flag is set.
  try {
    GDPRSymmetricKey gk;
    Map<String, String> openKeyMetadata =
        openKey.getKeyInfo().getMetadata();
    if (Boolean.valueOf(openKeyMetadata.get(OzoneConsts.GDPR_FLAG))) {
      gk = new GDPRSymmetricKey(
          openKeyMetadata.get(OzoneConsts.GDPR_SECRET),
          openKeyMetadata.get(OzoneConsts.GDPR_ALGORITHM)
      );
      gk.getCipher().init(Cipher.ENCRYPT_MODE, gk.getSecretKey());
      return new OzoneOutputStream(
          new CipherOutputStream(keyOutputStream, gk.getCipher()));
    }
  } catch (Exception ex) {
    throw new IOException(ex);
  }
}
{code}

In such scenario, when KMS is enabled & GDPR enforced on a bucket, if we user 
deletes a file, we should delete the {{FileEncryptionInfo}} from KeyInfo, 
before moving it to deletedTable, else we cannot guarantee Right to Erasure.



[jira] [Updated] (HDDS-2247) Delete FileEncryptionInfo from KeyInfo when a Key is deleted

2019-10-03 Thread Dinesh Chitlangia (Jira)


[ https://issues.apache.org/jira/browse/HDDS-2247?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Dinesh Chitlangia updated HDDS-2247:

Description: 
As part of HDDS-2174 we are deleting GDPR Encryption Key on delete file 
operation.
However, if KMS is enabled, we are skipping GDPR Encryption Key approach when 
writing file in a GDPR enforced Bucket.

{code:java}
final FileEncryptionInfo feInfo = keyOutputStream.getFileEncryptionInfo();
if (feInfo != null) {
  // KMS path: the data encryption key is obtained through FileEncryptionInfo.
  KeyProvider.KeyVersion decrypted = getDEK(feInfo);
  final CryptoOutputStream cryptoOut =
      new CryptoOutputStream(keyOutputStream,
          OzoneKMSUtil.getCryptoCodec(conf, feInfo),
          decrypted.getMaterial(), feInfo.getIV());
  return new OzoneOutputStream(cryptoOut);
} else {
  // No FileEncryptionInfo: use the GDPR secret from the key metadata if the GDPR flag is set.
  try {
    GDPRSymmetricKey gk;
    Map<String, String> openKeyMetadata =
        openKey.getKeyInfo().getMetadata();
    if (Boolean.valueOf(openKeyMetadata.get(OzoneConsts.GDPR_FLAG))) {
      gk = new GDPRSymmetricKey(
          openKeyMetadata.get(OzoneConsts.GDPR_SECRET),
          openKeyMetadata.get(OzoneConsts.GDPR_ALGORITHM)
      );
      gk.getCipher().init(Cipher.ENCRYPT_MODE, gk.getSecretKey());
      return new OzoneOutputStream(
          new CipherOutputStream(keyOutputStream, gk.getCipher()));
    }
  } catch (Exception ex) {
    throw new IOException(ex);
  }
}
{code}

In such scenario, when KMS is enabled & GDPR enforced on a bucket, if we user 
deletes a file, we should delete the {{FileEncryptionInfo}} from KeyInfo, 
before moving it to deletedTable, else we cannot guarantee Right to Erasure.

  was:
As part of HDDS-2174 we are deleting Encryption Key on delete file operation.
However, if KMS is enabled, we are skipping GDPR Encryption Key approach when 
writing file in a GDPR enforced Bucket.

{code:java}
final FileEncryptionInfo feInfo = keyOutputStream.getFileEncryptionInfo();
if (feInfo != null) {
  // KMS path: the data encryption key is obtained through FileEncryptionInfo.
  KeyProvider.KeyVersion decrypted = getDEK(feInfo);
  final CryptoOutputStream cryptoOut =
      new CryptoOutputStream(keyOutputStream,
          OzoneKMSUtil.getCryptoCodec(conf, feInfo),
          decrypted.getMaterial(), feInfo.getIV());
  return new OzoneOutputStream(cryptoOut);
} else {
  // No FileEncryptionInfo: use the GDPR secret from the key metadata if the GDPR flag is set.
  try {
    GDPRSymmetricKey gk;
    Map<String, String> openKeyMetadata =
        openKey.getKeyInfo().getMetadata();
    if (Boolean.valueOf(openKeyMetadata.get(OzoneConsts.GDPR_FLAG))) {
      gk = new GDPRSymmetricKey(
          openKeyMetadata.get(OzoneConsts.GDPR_SECRET),
          openKeyMetadata.get(OzoneConsts.GDPR_ALGORITHM)
      );
      gk.getCipher().init(Cipher.ENCRYPT_MODE, gk.getSecretKey());
      return new OzoneOutputStream(
          new CipherOutputStream(keyOutputStream, gk.getCipher()));
    }
  } catch (Exception ex) {
    throw new IOException(ex);
  }
}
{code}

In such scenario, when KMS is enabled & GDPR enforced on a bucket, if we user 
deletes a file, we should delete the {{FileEncryptionInfo}} from KeyInfo, 
before moving it to deletedTable, else we cannot guarantee Right to Erasure.



[jira] [Updated] (HDDS-2247) Delete FileEncryptionInfo from KeyInfo when a Key is deleted

2019-10-03 Thread Dinesh Chitlangia (Jira)


[ https://issues.apache.org/jira/browse/HDDS-2247?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Dinesh Chitlangia updated HDDS-2247:

Description: 
As part of HDDS-2174 we are deleting Encryption Key on delete file operation.
However, if KMS is enabled, we are skipping GDPR Encryption Key approach when 
writing file in a GDPR enforced Bucket.

{code:java}
final FileEncryptionInfo feInfo = keyOutputStream.getFileEncryptionInfo();
if (feInfo != null) {
  // KMS path: the data encryption key is obtained through FileEncryptionInfo.
  KeyProvider.KeyVersion decrypted = getDEK(feInfo);
  final CryptoOutputStream cryptoOut =
      new CryptoOutputStream(keyOutputStream,
          OzoneKMSUtil.getCryptoCodec(conf, feInfo),
          decrypted.getMaterial(), feInfo.getIV());
  return new OzoneOutputStream(cryptoOut);
} else {
  // No FileEncryptionInfo: use the GDPR secret from the key metadata if the GDPR flag is set.
  try {
    GDPRSymmetricKey gk;
    Map<String, String> openKeyMetadata =
        openKey.getKeyInfo().getMetadata();
    if (Boolean.valueOf(openKeyMetadata.get(OzoneConsts.GDPR_FLAG))) {
      gk = new GDPRSymmetricKey(
          openKeyMetadata.get(OzoneConsts.GDPR_SECRET),
          openKeyMetadata.get(OzoneConsts.GDPR_ALGORITHM)
      );
      gk.getCipher().init(Cipher.ENCRYPT_MODE, gk.getSecretKey());
      return new OzoneOutputStream(
          new CipherOutputStream(keyOutputStream, gk.getCipher()));
    }
  } catch (Exception ex) {
    throw new IOException(ex);
  }
}
{code}

In such scenario, when KMS is enabled & GDPR enforced on a bucket, if we user 
deletes a file, we should delete the {{FileEncryptionInfo}} from KeyInfo, 
before moving it to deletedTable, else we cannot guarantee Right to Erasure.

  was:
[~aengineer] - As part of HDDS-2174 we are deleting Encryption Key on delete 
file operation.
However, if KMS is enabled, we are skipping GDPR Encryption Key approach when 
writing file in a GDPR enforced Bucket.

{code:java}
final FileEncryptionInfo feInfo = keyOutputStream.getFileEncryptionInfo();
if (feInfo != null) {
  // KMS path: the data encryption key is obtained through FileEncryptionInfo.
  KeyProvider.KeyVersion decrypted = getDEK(feInfo);
  final CryptoOutputStream cryptoOut =
      new CryptoOutputStream(keyOutputStream,
          OzoneKMSUtil.getCryptoCodec(conf, feInfo),
          decrypted.getMaterial(), feInfo.getIV());
  return new OzoneOutputStream(cryptoOut);
} else {
  // No FileEncryptionInfo: use the GDPR secret from the key metadata if the GDPR flag is set.
  try {
    GDPRSymmetricKey gk;
    Map<String, String> openKeyMetadata =
        openKey.getKeyInfo().getMetadata();
    if (Boolean.valueOf(openKeyMetadata.get(OzoneConsts.GDPR_FLAG))) {
      gk = new GDPRSymmetricKey(
          openKeyMetadata.get(OzoneConsts.GDPR_SECRET),
          openKeyMetadata.get(OzoneConsts.GDPR_ALGORITHM)
      );
      gk.getCipher().init(Cipher.ENCRYPT_MODE, gk.getSecretKey());
      return new OzoneOutputStream(
          new CipherOutputStream(keyOutputStream, gk.getCipher()));
    }
  } catch (Exception ex) {
    throw new IOException(ex);
  }
}
{code}

In such scenario, when KMS is enabled & GDPR enforced on a bucket, if we user 
deletes a file, we should delete the {{FileEncryptionInfo}} from KeyInfo, 
before moving it to deletedTable, else we cannot guarantee Right to Erasure.

