Updated Branches: refs/heads/flume-1.3.0 52bbce20e -> c2d58c56a
FLUME-1563. FileChannel Encryption KeyProvider configuration properties should be more consistent. (Brock Noland via Mike Percy) Project: http://git-wip-us.apache.org/repos/asf/flume/repo Commit: http://git-wip-us.apache.org/repos/asf/flume/commit/c2d58c56 Tree: http://git-wip-us.apache.org/repos/asf/flume/tree/c2d58c56 Diff: http://git-wip-us.apache.org/repos/asf/flume/diff/c2d58c56 Branch: refs/heads/flume-1.3.0 Commit: c2d58c56a6d9f40f4edd4587fdb0d5ae02490655 Parents: 52bbce2 Author: Mike Percy <[email protected]> Authored: Wed Sep 12 10:57:52 2012 -0700 Committer: Mike Percy <[email protected]> Committed: Wed Sep 12 10:59:06 2012 -0700 ---------------------------------------------------------------------- .../org/apache/flume/channel/file/FileChannel.java | 13 ++- .../file/encryption/EncryptionConfiguration.java | 7 +- .../file/encryption/JCEFileKeyProvider.java | 50 +++++++----- .../file/encryption/KeyProviderFactory.java | 9 +- .../file/encryption/EncryptionTestUtils.java | 27 ++++-- .../file/encryption/TestFileChannelEncryption.java | 65 +++++++++++---- .../file/encryption/TestJCEFileKeyProvider.java | 20 +++-- 7 files changed, 130 insertions(+), 61 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/flume/blob/c2d58c56/flume-ng-channels/flume-file-channel/src/main/java/org/apache/flume/channel/file/FileChannel.java ---------------------------------------------------------------------- diff --git a/flume-ng-channels/flume-file-channel/src/main/java/org/apache/flume/channel/file/FileChannel.java b/flume-ng-channels/flume-file-channel/src/main/java/org/apache/flume/channel/file/FileChannel.java index f2ccd3a..66f7536 100644 --- a/flume-ng-channels/flume-file-channel/src/main/java/org/apache/flume/channel/file/FileChannel.java +++ b/flume-ng-channels/flume-file-channel/src/main/java/org/apache/flume/channel/file/FileChannel.java @@ -40,7 +40,9 @@ import org.apache.flume.instrumentation.ChannelCounter; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import com.google.common.base.Joiner; import com.google.common.base.Preconditions; +import com.google.common.base.Strings; /** * <p> @@ -214,11 +216,16 @@ public class FileChannel extends BasicChannelSemantics { encryptionCipherProvider = encryptionContext.getString( EncryptionConfiguration.CIPHER_PROVIDER); if(encryptionKeyProviderName != null) { - Preconditions.checkNotNull(encryptionKeyAlias, "encryptionKeyAlias"); - Preconditions.checkNotNull(encryptionCipherProvider, + Preconditions.checkState(!Strings.isNullOrEmpty(encryptionKeyAlias), + "encryptionKeyAlias"); + Preconditions.checkState(!Strings.isNullOrEmpty(encryptionCipherProvider), "encryptionCipherProvider"); + Context keyProviderContext = new Context(encryptionContext. + getSubProperties(Joiner.on("."). + join(EncryptionConfiguration.KEY_PROVIDER, + encryptionKeyProviderName.trim(), ""))); encryptionKeyProvider = KeyProviderFactory. - getInstance(encryptionKeyProviderName, encryptionContext); + getInstance(keyProviderContext); } else { Preconditions.checkState(encryptionKeyAlias == null, "encryptionKeyAlias"); Preconditions.checkState(encryptionCipherProvider == null, http://git-wip-us.apache.org/repos/asf/flume/blob/c2d58c56/flume-ng-channels/flume-file-channel/src/main/java/org/apache/flume/channel/file/encryption/EncryptionConfiguration.java ---------------------------------------------------------------------- diff --git a/flume-ng-channels/flume-file-channel/src/main/java/org/apache/flume/channel/file/encryption/EncryptionConfiguration.java b/flume-ng-channels/flume-file-channel/src/main/java/org/apache/flume/channel/file/encryption/EncryptionConfiguration.java index 909d6bf..27716fc 100644 --- a/flume-ng-channels/flume-file-channel/src/main/java/org/apache/flume/channel/file/encryption/EncryptionConfiguration.java +++ b/flume-ng-channels/flume-file-channel/src/main/java/org/apache/flume/channel/file/encryption/EncryptionConfiguration.java @@ -28,6 +28,10 @@ public class EncryptionConfiguration { */ public static final String KEY_PROVIDER = "keyProvider"; /** + * Encryption key provider type, default is null. + */ + public static final String KEY_PROVIDER_TYPE = "type"; + /** * Encryption key alias, default is null. */ public static final String KEY_ALIAS = "keyAlias"; @@ -40,8 +44,7 @@ public class EncryptionConfiguration { * Space separated list of keys which are needed for the current set of logs * plus the one specified in keyAlias */ - public static final String KEYS = "keys"; - + public static final String JCE_FILE_KEYS = "keys"; /** * Path to key password file is: * keys.aliasName.passwordFile http://git-wip-us.apache.org/repos/asf/flume/blob/c2d58c56/flume-ng-channels/flume-file-channel/src/main/java/org/apache/flume/channel/file/encryption/JCEFileKeyProvider.java ---------------------------------------------------------------------- diff --git a/flume-ng-channels/flume-file-channel/src/main/java/org/apache/flume/channel/file/encryption/JCEFileKeyProvider.java b/flume-ng-channels/flume-file-channel/src/main/java/org/apache/flume/channel/file/encryption/JCEFileKeyProvider.java index f814993..4c53df4 100644 --- a/flume-ng-channels/flume-file-channel/src/main/java/org/apache/flume/channel/file/encryption/JCEFileKeyProvider.java +++ b/flume-ng-channels/flume-file-channel/src/main/java/org/apache/flume/channel/file/encryption/JCEFileKeyProvider.java @@ -29,7 +29,9 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import com.google.common.base.Charsets; +import com.google.common.base.Joiner; import com.google.common.base.Preconditions; +import com.google.common.base.Strings; import com.google.common.base.Throwables; import com.google.common.collect.Maps; import com.google.common.io.Files; @@ -41,11 +43,13 @@ public class JCEFileKeyProvider extends KeyProvider { private Map<String, File> aliasPasswordFileMap; private KeyStore ks; private char[] keyStorePassword; + private File keyStorePasswordFile; public JCEFileKeyProvider(File keyStoreFile, File keyStorePasswordFile, Map<String, File> aliasPasswordFileMap) { super(); this.aliasPasswordFileMap = aliasPasswordFileMap; + this.keyStorePasswordFile = keyStorePasswordFile; try { ks = KeyStore.getInstance("jceks"); keyStorePassword = Files.toString(keyStorePasswordFile, Charsets.UTF_8) @@ -58,16 +62,22 @@ public class JCEFileKeyProvider extends KeyProvider { @Override public Key getKey(String alias) { + String passwordFile = keyStorePasswordFile.getAbsolutePath(); try { char[] keyPassword = keyStorePassword; if(aliasPasswordFileMap.containsKey(alias)) { - keyPassword = Files.toString(aliasPasswordFileMap.get(alias), + File keyPasswordFile = aliasPasswordFileMap.get(alias); + keyPassword = Files.toString(keyPasswordFile, Charsets.UTF_8).trim().toCharArray(); + passwordFile = keyPasswordFile.getAbsolutePath(); } Key key = ks.getKey(alias, keyPassword); return key; } catch (Exception e) { - throw Throwables.propagate(e); + String msg = e.getClass().getName() + ": " + e.getMessage() + ". " + + "Key = " + alias + ", passwordFile = " + passwordFile +": " + + e.getMessage(); + throw new RuntimeException(msg, e); } } @@ -78,26 +88,26 @@ public class JCEFileKeyProvider extends KeyProvider { EncryptionConfiguration.JCE_FILE_KEY_STORE_FILE); String keyStorePasswordFileName = context.getString( EncryptionConfiguration.JCE_FILE_KEY_STORE_PASSWORD_FILE); - Preconditions.checkNotNull(keyStoreFileName, "KeyStore file not specified"); - Preconditions.checkNotNull(keyStorePasswordFileName, "KeyStore password " + - "file not specified"); + Preconditions.checkState(!Strings.isNullOrEmpty(keyStoreFileName), + "KeyStore file not specified"); + Preconditions.checkState(!Strings.isNullOrEmpty(keyStorePasswordFileName), + "KeyStore password file not specified"); Map<String, File> aliasPasswordFileMap = Maps.newHashMap(); String passwordProtectedKeys = context.getString( - EncryptionConfiguration.KEYS); - if(passwordProtectedKeys != null) { - for(String passwordName : passwordProtectedKeys.trim().split("\\s+")) { - String propertyName = EncryptionConfiguration.KEYS + "." + - passwordName + "." + - EncryptionConfiguration.JCE_FILE_KEY_PASSWORD_FILE; - String passwordFileName = context.getString(propertyName, - keyStorePasswordFileName); - File passwordFile = new File(passwordFileName.trim()); - if(passwordFile.isFile()) { - aliasPasswordFileMap.put(passwordName, passwordFile); - } else { - logger.warn("Password file for alias " + passwordName + - " does not exist"); - } + EncryptionConfiguration.JCE_FILE_KEYS); + Preconditions.checkState(!Strings.isNullOrEmpty(passwordProtectedKeys), + "Keys available to KeyStore was not specified or empty"); + for(String passwordName : passwordProtectedKeys.trim().split("\\s+")) { + String propertyName = Joiner.on(".").join(EncryptionConfiguration.JCE_FILE_KEYS, + passwordName, EncryptionConfiguration.JCE_FILE_KEY_PASSWORD_FILE); + String passwordFileName = context.getString(propertyName, + keyStorePasswordFileName); + File passwordFile = new File(passwordFileName.trim()); + if(passwordFile.isFile()) { + aliasPasswordFileMap.put(passwordName, passwordFile); + } else { + logger.warn("Password file for alias " + passwordName + + " does not exist"); } } File keyStoreFile = new File(keyStoreFileName.trim()); http://git-wip-us.apache.org/repos/asf/flume/blob/c2d58c56/flume-ng-channels/flume-file-channel/src/main/java/org/apache/flume/channel/file/encryption/KeyProviderFactory.java ---------------------------------------------------------------------- diff --git a/flume-ng-channels/flume-file-channel/src/main/java/org/apache/flume/channel/file/encryption/KeyProviderFactory.java b/flume-ng-channels/flume-file-channel/src/main/java/org/apache/flume/channel/file/encryption/KeyProviderFactory.java index fef0367..f09c48b 100644 --- a/flume-ng-channels/flume-file-channel/src/main/java/org/apache/flume/channel/file/encryption/KeyProviderFactory.java +++ b/flume-ng-channels/flume-file-channel/src/main/java/org/apache/flume/channel/file/encryption/KeyProviderFactory.java @@ -30,10 +30,11 @@ public class KeyProviderFactory { LoggerFactory.getLogger(KeyProviderFactory.class); @SuppressWarnings({ "rawtypes", "unchecked" }) - public static KeyProvider getInstance(String keyProviderType, Context context) { - + public static KeyProvider getInstance(Context context) { + String keyProviderType = context.getString( + EncryptionConfiguration.KEY_PROVIDER_TYPE); Preconditions.checkNotNull(keyProviderType, - "provider type must not be null"); + "key provider type must not be null"); // try to find builder class in enum of known providers KeyProviderType type; @@ -50,7 +51,7 @@ public class KeyProviderFactory { if (providerClass == null) { try { Class c = Class.forName(keyProviderType); - if (c != null && CipherProvider.class.isAssignableFrom(c)) { + if (c != null && KeyProvider.Builder.class.isAssignableFrom(c)) { providerClass = (Class<? extends KeyProvider.Builder>) c; } else { String errMessage = "Unable to instantiate Builder from " + http://git-wip-us.apache.org/repos/asf/flume/blob/c2d58c56/flume-ng-channels/flume-file-channel/src/test/java/org/apache/flume/channel/file/encryption/EncryptionTestUtils.java ---------------------------------------------------------------------- diff --git a/flume-ng-channels/flume-file-channel/src/test/java/org/apache/flume/channel/file/encryption/EncryptionTestUtils.java b/flume-ng-channels/flume-file-channel/src/test/java/org/apache/flume/channel/file/encryption/EncryptionTestUtils.java index a157661..fc617f5 100644 --- a/flume-ng-channels/flume-file-channel/src/test/java/org/apache/flume/channel/file/encryption/EncryptionTestUtils.java +++ b/flume-ng-channels/flume-file-channel/src/test/java/org/apache/flume/channel/file/encryption/EncryptionTestUtils.java @@ -95,30 +95,39 @@ public class EncryptionTestUtils { result.put("key-1", null); return result; } - public static Map<String,String> configureForKeyStore(File keyStoreFile, - File keyStorePasswordFile, Map<String, File> keyAliasPassword) - throws Exception { + public static Map<String,String> configureForKeyStore(String keyProviderName, + File keyStoreFile, File keyStorePasswordFile, + Map<String, File> keyAliasPassword) throws Exception { Map<String, String> context = Maps.newHashMap(); List<String> keys = Lists.newArrayList(); + Joiner joiner = Joiner.on("."); for(String alias : keyAliasPassword.keySet()) { - String propertyName = EncryptionConfiguration.KEYS + "." + alias + "." + - EncryptionConfiguration.JCE_FILE_KEY_PASSWORD_FILE; File passwordFile = keyAliasPassword.get(alias); if(passwordFile == null) { keys.add(alias); - context.put(propertyName, keyStorePasswordFile.getAbsolutePath()); } else { + String propertyName = joiner.join(EncryptionConfiguration.KEY_PROVIDER, + keyProviderName, EncryptionConfiguration.JCE_FILE_KEYS, alias, + EncryptionConfiguration.JCE_FILE_KEY_PASSWORD_FILE); keys.add(alias); context.put(propertyName, passwordFile.getAbsolutePath()); } } - context.put(EncryptionConfiguration.JCE_FILE_KEY_STORE_FILE, + context.put(EncryptionConfiguration.KEY_PROVIDER, keyProviderName); + context.put(joiner.join(EncryptionConfiguration.KEY_PROVIDER, + keyProviderName, EncryptionConfiguration.KEY_PROVIDER_TYPE), + KeyProviderType.JCEKSFILE.name()); + context.put(joiner.join(EncryptionConfiguration.KEY_PROVIDER, + keyProviderName, EncryptionConfiguration.JCE_FILE_KEY_STORE_FILE), keyStoreFile.getAbsolutePath()); if(keyStorePasswordFile != null) { - context.put(EncryptionConfiguration.JCE_FILE_KEY_STORE_PASSWORD_FILE, + context.put(joiner.join(EncryptionConfiguration.KEY_PROVIDER, + keyProviderName, EncryptionConfiguration.JCE_FILE_KEY_STORE_PASSWORD_FILE), keyStorePasswordFile.getAbsolutePath()); } - context.put(EncryptionConfiguration.KEYS, Joiner.on(" ").join(keys)); + context.put(joiner.join(EncryptionConfiguration.KEY_PROVIDER, + keyProviderName, EncryptionConfiguration.JCE_FILE_KEYS), + Joiner.on(" ").join(keys)); return context; } } http://git-wip-us.apache.org/repos/asf/flume/blob/c2d58c56/flume-ng-channels/flume-file-channel/src/test/java/org/apache/flume/channel/file/encryption/TestFileChannelEncryption.java ---------------------------------------------------------------------- diff --git a/flume-ng-channels/flume-file-channel/src/test/java/org/apache/flume/channel/file/encryption/TestFileChannelEncryption.java b/flume-ng-channels/flume-file-channel/src/test/java/org/apache/flume/channel/file/encryption/TestFileChannelEncryption.java index 5f3a23d..44af4c9 100644 --- a/flume-ng-channels/flume-file-channel/src/test/java/org/apache/flume/channel/file/encryption/TestFileChannelEncryption.java +++ b/flume-ng-channels/flume-file-channel/src/test/java/org/apache/flume/channel/file/encryption/TestFileChannelEncryption.java @@ -37,12 +37,14 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import com.google.common.base.Charsets; +import com.google.common.base.Joiner; import com.google.common.collect.Maps; import com.google.common.io.Files; public class TestFileChannelEncryption extends TestFileChannelBase { protected static final Logger LOGGER = LoggerFactory.getLogger(TestFileChannelEncryption.class); + private static final String KEY_PROVIDER_NAME = "myKeyProvider"; private File keyStoreFile; private File keyStorePasswordFile; private Map<String, File> keyAliasPassword; @@ -70,10 +72,8 @@ public class TestFileChannelEncryption extends TestFileChannelBase { private Map<String, String> getOverridesForEncryption() throws Exception { Map<String, String> overrides = getOverrides(); Map<String, String> encryptionProps = EncryptionTestUtils. - configureForKeyStore(keyStoreFile, keyStorePasswordFile, - keyAliasPassword); - encryptionProps.put(EncryptionConfiguration.KEY_PROVIDER, - KeyProviderType.JCEKSFILE.name()); + configureForKeyStore(KEY_PROVIDER_NAME, keyStoreFile, + keyStorePasswordFile, keyAliasPassword); encryptionProps.put(EncryptionConfiguration.CIPHER_PROVIDER, CipherProviderType.AESCTRNOPADDING.name()); encryptionProps.put(EncryptionConfiguration.KEY_ALIAS, "key-1"); @@ -84,6 +84,32 @@ public class TestFileChannelEncryption extends TestFileChannelBase { return overrides; } @Test + public void testConfiguration() throws Exception { + Map<String, String> overrides = Maps.newHashMap(); + overrides.put("encryption.keyAlias", "key-1"); + overrides.put("encryption.cipherProvider", "AESCTRNOPADDING"); + overrides.put("encryption.keyProvider", "myKeyProvider"); + overrides.put("encryption.keyProvider.myKeyProvider.type", "JCEKSFILE"); + overrides.put("encryption.keyProvider.myKeyProvider.keyStoreFile", + keyStoreFile.getAbsolutePath()); + overrides.put("encryption.keyProvider.myKeyProvider.keyStorePasswordFile", + keyStorePasswordFile.getAbsolutePath()); + overrides.put("encryption.keyProvider.myKeyProvider.keys", "key-0 key-1"); + overrides.put("encryption.keyProvider.myKeyProvider.keys.key-0.passwordFile", + keyAliasPassword.get("key-0").getAbsolutePath()); + channel = createFileChannel(overrides); + channel.start(); + Assert.assertTrue(channel.isOpen()); + Set<String> in = fillChannel(channel, "restart"); + channel.stop(); + channel = TestUtils.createFileChannel(checkpointDir.getAbsolutePath(), + dataDir, overrides); + channel.start(); + Assert.assertTrue(channel.isOpen()); + Set<String> out = consumeChannel(channel); + compareInputAndOut(in, out); + } + @Test public void testBasicEncyrptionDecryption() throws Exception { Map<String, String> overrides = getOverridesForEncryption(); channel = createFileChannel(overrides); @@ -143,8 +169,9 @@ public class TestFileChannelEncryption extends TestFileChannelBase { @Test public void testBadKeyProviderInvalidValue() throws Exception { Map<String, String> overrides = getOverridesForEncryption(); - overrides.put(EncryptionConfiguration.ENCRYPTION_PREFIX + "." + - EncryptionConfiguration.KEY_PROVIDER, "invalid"); + overrides.put(Joiner.on(".").join(EncryptionConfiguration.ENCRYPTION_PREFIX, + EncryptionConfiguration.KEY_PROVIDER, KEY_PROVIDER_NAME, + EncryptionConfiguration.KEY_PROVIDER_TYPE), "invalid"); try { channel = createFileChannel(overrides); Assert.fail(); @@ -156,8 +183,9 @@ public class TestFileChannelEncryption extends TestFileChannelBase { @Test public void testBadKeyProviderInvalidClass() throws Exception { Map<String, String> overrides = getOverridesForEncryption(); - overrides.put(EncryptionConfiguration.ENCRYPTION_PREFIX + "." + - EncryptionConfiguration.KEY_PROVIDER, String.class.getName()); + overrides.put(Joiner.on(".").join(EncryptionConfiguration.ENCRYPTION_PREFIX, + EncryptionConfiguration.KEY_PROVIDER, KEY_PROVIDER_NAME, + EncryptionConfiguration.KEY_PROVIDER_TYPE), String.class.getName()); try { channel = createFileChannel(overrides); Assert.fail(); @@ -169,8 +197,8 @@ public class TestFileChannelEncryption extends TestFileChannelBase { @Test public void testBadCipherProviderInvalidValue() throws Exception { Map<String, String> overrides = getOverridesForEncryption(); - overrides.put(EncryptionConfiguration.ENCRYPTION_PREFIX + "." + - EncryptionConfiguration.CIPHER_PROVIDER, "invalid"); + overrides.put(Joiner.on(".").join(EncryptionConfiguration.ENCRYPTION_PREFIX, + EncryptionConfiguration.CIPHER_PROVIDER), "invalid"); channel = createFileChannel(overrides); channel.start(); Assert.assertFalse(channel.isOpen()); @@ -178,8 +206,8 @@ public class TestFileChannelEncryption extends TestFileChannelBase { @Test public void testBadCipherProviderInvalidClass() throws Exception { Map<String, String> overrides = getOverridesForEncryption(); - overrides.put(EncryptionConfiguration.ENCRYPTION_PREFIX + "." + - EncryptionConfiguration.CIPHER_PROVIDER, String.class.getName()); + overrides.put(Joiner.on(".").join(EncryptionConfiguration.ENCRYPTION_PREFIX, + EncryptionConfiguration.CIPHER_PROVIDER), String.class.getName()); channel = createFileChannel(overrides); channel.start(); Assert.assertFalse(channel.isOpen()); @@ -187,8 +215,10 @@ public class TestFileChannelEncryption extends TestFileChannelBase { @Test public void testMissingKeyStoreFile() throws Exception { Map<String, String> overrides = getOverridesForEncryption(); - overrides.put(EncryptionConfiguration.ENCRYPTION_PREFIX + "." + - EncryptionConfiguration.JCE_FILE_KEY_STORE_FILE, "/path/does/not/exist"); + overrides.put(Joiner.on(".").join(EncryptionConfiguration.ENCRYPTION_PREFIX, + EncryptionConfiguration.KEY_PROVIDER, KEY_PROVIDER_NAME, + EncryptionConfiguration.JCE_FILE_KEY_STORE_FILE), + "/path/does/not/exist"); try { channel = createFileChannel(overrides); Assert.fail(); @@ -200,9 +230,10 @@ public class TestFileChannelEncryption extends TestFileChannelBase { @Test public void testMissingKeyStorePasswordFile() throws Exception { Map<String, String> overrides = getOverridesForEncryption(); - overrides.put(EncryptionConfiguration.ENCRYPTION_PREFIX + "." + - EncryptionConfiguration.JCE_FILE_KEY_STORE_PASSWORD_FILE, - "/path/does/not/exist"); + overrides.put(Joiner.on(".").join(EncryptionConfiguration.ENCRYPTION_PREFIX, + EncryptionConfiguration.KEY_PROVIDER, KEY_PROVIDER_NAME, + EncryptionConfiguration.JCE_FILE_KEY_STORE_PASSWORD_FILE), + "/path/does/not/exist"); try { channel = createFileChannel(overrides); Assert.fail(); http://git-wip-us.apache.org/repos/asf/flume/blob/c2d58c56/flume-ng-channels/flume-file-channel/src/test/java/org/apache/flume/channel/file/encryption/TestJCEFileKeyProvider.java ---------------------------------------------------------------------- diff --git a/flume-ng-channels/flume-file-channel/src/test/java/org/apache/flume/channel/file/encryption/TestJCEFileKeyProvider.java b/flume-ng-channels/flume-file-channel/src/test/java/org/apache/flume/channel/file/encryption/TestJCEFileKeyProvider.java index 519952e..14afaeb 100644 --- a/flume-ng-channels/flume-file-channel/src/test/java/org/apache/flume/channel/file/encryption/TestJCEFileKeyProvider.java +++ b/flume-ng-channels/flume-file-channel/src/test/java/org/apache/flume/channel/file/encryption/TestJCEFileKeyProvider.java @@ -32,10 +32,12 @@ import org.junit.Before; import org.junit.Test; import com.google.common.base.Charsets; +import com.google.common.base.Joiner; import com.google.common.collect.Maps; import com.google.common.io.Files; public class TestJCEFileKeyProvider { + private static final String KEY_PROVIDER_NAME = "myKeyProvider"; private CipherProvider.Encryptor encryptor; private CipherProvider.Decryptor decryptor; private File baseDir; @@ -70,10 +72,13 @@ public class TestJCEFileKeyProvider { EncryptionTestUtils.createKeyStore(keyStoreFile, keyStorePasswordFile, keyAliasPassword); Context context = new Context(EncryptionTestUtils. - configureForKeyStore(keyStoreFile, keyStorePasswordFile, - keyAliasPassword)); + configureForKeyStore(KEY_PROVIDER_NAME, keyStoreFile, + keyStorePasswordFile, keyAliasPassword)); + Context keyProviderContext = new Context( + context.getSubProperties(Joiner.on(".").join( + EncryptionConfiguration.KEY_PROVIDER, KEY_PROVIDER_NAME, ""))); KeyProvider keyProvider = KeyProviderFactory. - getInstance(KeyProviderType.JCEKSFILE.name(), context); + getInstance(keyProviderContext); testKeyProvider(keyProvider); } @Test @@ -81,10 +86,13 @@ public class TestJCEFileKeyProvider { keyAliasPassword.putAll(EncryptionTestUtils. configureTestKeyStore(baseDir, keyStoreFile)); Context context = new Context(EncryptionTestUtils. - configureForKeyStore(keyStoreFile, keyStorePasswordFile, - keyAliasPassword)); + configureForKeyStore(KEY_PROVIDER_NAME, keyStoreFile, + keyStorePasswordFile, keyAliasPassword)); + Context keyProviderContext = new Context( + context.getSubProperties(Joiner.on(".").join( + EncryptionConfiguration.KEY_PROVIDER, KEY_PROVIDER_NAME, ""))); KeyProvider keyProvider = KeyProviderFactory. - getInstance(KeyProviderType.JCEKSFILE.name(), context); + getInstance(keyProviderContext); testKeyProvider(keyProvider); } private void createNewKeyStore() throws Exception {
