Example usage for org.apache.hadoop.fs FileEncryptionInfo getIV

List of usage examples for org.apache.hadoop.fs FileEncryptionInfo getIV

  1. HOME
  2. Java
  3. org.apache.hadoop
  4. org.apache.hadoop.fs.*
  5. FileEncryptionInfo
  6. getIV

Introduction

In this page you can find the example usage for org.apache.hadoop.fs FileEncryptionInfo getIV.

Prototype

public byte[] getIV()

Source Link

Usage

From source file:com.mellanox.r4h.DFSClient.java

License:Apache License

/**
 * Decrypts a EDEK by consulting the KeyProvider.
 *//*from  ww w .j a v a 2 s.co  m*/
private KeyVersion decryptEncryptedDataEncryptionKey(FileEncryptionInfo feInfo) throws IOException {
    TraceScope scope = Trace.startSpan("decryptEDEK", traceSampler);
    try {
        KeyProvider provider = getKeyProvider();
        if (provider == null) {
            throw new IOException("No KeyProvider is configured, cannot access" + " an encrypted file");
        }
        EncryptedKeyVersion ekv = EncryptedKeyVersion.createForDecryption(feInfo.getKeyName(),
                feInfo.getEzKeyVersionName(), feInfo.getIV(), feInfo.getEncryptedDataEncryptionKey());
        try {
            KeyProviderCryptoExtension cryptoProvider = KeyProviderCryptoExtension
                    .createKeyProviderCryptoExtension(provider);
            return cryptoProvider.decryptEncryptedKey(ekv);
        } catch (GeneralSecurityException e) {
            throw new IOException(e);
        }
    } finally {
        scope.close();
    }
}

From source file:com.mellanox.r4h.DFSClient.java

License:Apache License

/**
 * Wraps the stream in a CryptoInputStream if the underlying file is
 * encrypted./*from   w w  w  .j  a  va2s  .  c  om*/
 */
public HdfsDataInputStream createWrappedInputStream(DFSInputStream dfsis) throws IOException {
    final FileEncryptionInfo feInfo = dfsis.getFileEncryptionInfo();
    if (feInfo != null) {
        // File is encrypted, wrap the stream in a crypto stream.
        // Currently only one version, so no special logic based on the version #
        getCryptoProtocolVersion(feInfo);
        final CryptoCodec codec = getCryptoCodec(conf, feInfo);
        final KeyVersion decrypted = decryptEncryptedDataEncryptionKey(feInfo);
        final CryptoInputStream cryptoIn = new CryptoInputStream(dfsis, codec, decrypted.getMaterial(),
                feInfo.getIV());
        return new HdfsDataInputStream(cryptoIn);
    } else {
        // No FileEncryptionInfo so no encryption.
        return new HdfsDataInputStream(dfsis);
    }
}

From source file:com.mellanox.r4h.DFSClient.java

License:Apache License

/**
 * Wraps the stream in a CryptoOutputStream if the underlying file is
 * encrypted.//from  w  ww.  j a v a 2s  .  c om
 */
public HdfsDataOutputStream createWrappedOutputStream(DFSOutputStream dfsos, FileSystem.Statistics statistics,
        long startPos) throws IOException {
    final FileEncryptionInfo feInfo = dfsos.getFileEncryptionInfo();
    if (feInfo != null) {
        // File is encrypted, wrap the stream in a crypto stream.
        // Currently only one version, so no special logic based on the version #
        getCryptoProtocolVersion(feInfo);
        final CryptoCodec codec = getCryptoCodec(conf, feInfo);
        KeyVersion decrypted = decryptEncryptedDataEncryptionKey(feInfo);
        final CryptoOutputStream cryptoOut = new CryptoOutputStream(dfsos, codec, decrypted.getMaterial(),
                feInfo.getIV(), startPos);
        return new HdfsDataOutputStream(cryptoOut, statistics, startPos);
    } else {
        // No FileEncryptionInfo present so no encryption.
        return new HdfsDataOutputStream(dfsos, statistics, startPos);
    }
}