I encrypt file with openssl then put it on HDFS, I used AES/ECB, 128 bits and salt option, and with some research I find out openssl uses PKCS5 padding as default which are all defaults in CryptoFileLoader class here;
https://apache.googlesource.com/sqoop/+/refs/heads/trunk/ src/java/org/apache/sqoop/util/password/CredentialProviderPasswordLoad er.java. Here is my encryption process: # echo -n "password" > .pw # openssl enc -aes-128-ecb -salt -in .pw -out .pw.enc # hdfs dfs -put .opw.enc /user/user1/ Sqoop version is 1.4.6 Command: sqoop import \ -Dorg.apache.sqoop.credentials.loader.class=org. apache.sqoop.util.password.CryptoFileLoader \ -Dorg.apache.sqoop.credentials.loader.crypto.passphrase=sqoop \ --connect jdbc:oracle:thin:@host/database \ --username user1 \ --password-file /user/user1/.pw.enc \ --table db.table1 \ --hive-import \ --hive-overwrite \ --hive-table hivedb.table1 \ --hive-drop-import-delims which gives: 17/03/08 15:10:37 WARN tool.BaseSqoopTool: Failed to load password file java.io.IOException: Can't decrypt the password at org.apache.sqoop.util.password.CryptoFileLoader. loadPassword(CryptoFileLoader.java:151) at org.apache.sqoop.util.CredentialsUtil. fetchPasswordFromLoader(CredentialsUtil.java:81) at org.apache.sqoop.util.CredentialsUtil.fetchPassword( CredentialsUtil.java:66) at org.apache.sqoop.tool.BaseSqoopTool.applyCredentialsOptions( BaseSqoopTool.java:1042) at org.apache.sqoop.tool.BaseSqoopTool.applyCommonOptions( BaseSqoopTool.java:997) at org.apache.sqoop.tool.ImportTool.applyOptions( ImportTool.java:875) at org.apache.sqoop.tool.SqoopTool.parseArguments( SqoopTool.java:435) at org.apache.sqoop.Sqoop.run(Sqoop.java:131) at org.apache.hadoop.util.ToolRunner.run(ToolRunner.java:70) at org.apache.sqoop.Sqoop.runSqoop(Sqoop.java:179) at org.apache.sqoop.Sqoop.runTool(Sqoop.java:218) at org.apache.sqoop.Sqoop.runTool(Sqoop.java:227) at org.apache.sqoop.Sqoop.main(Sqoop.java:236) Caused by: javax.crypto.BadPaddingException: Given final block not properly padded at com.sun.crypto.provider.CipherCore.doFinal(CipherCore. java:966) at com.sun.crypto.provider.CipherCore.doFinal(CipherCore. java:824) at com.sun.crypto.provider.AESCipher.engineDoFinal( AESCipher.java:436) at javax.crypto.Cipher.doFinal(Cipher.java:2165) at org.apache.sqoop.util.password.CryptoFileLoader. loadPassword(CryptoFileLoader.java:149) ... 12 more Error while loading password file: Can't decrypt the password I tried manually giving the other CryptoFileLoader parameters too and also passing local file to the --password-file . I also tried using other algorithms such as CBC but they want parameters (IV, key etc.) and I couldn't pass them because it isn't defined how to in the CryptoFileLoader. I can decrypt the file back successfully with openssl. I can't decrypt with Java program(?) I saw there is an issue with padding but I didn't know what it is and how to encrypt the file with a certain padding method or whatever else to do, I'm not experienced with encryption. There is also org.apache.sqoop.credentials.loader.crypto.iterations parameter in the class which indicates number of PBKDF2 iterations but I don't know if it changes anything. Thanks for any help. -- *BURAK ONGUN*
