Author: tucu Date: Thu Aug 21 18:59:48 2014 New Revision: 1619545 URL: http://svn.apache.org/r1619545 Log: HADOOP-10936. Change default KeyProvider bitlength to 128. (wang)
Modified: hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/CHANGES.txt hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/KeyProvider.java hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/KeyShell.java hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/crypto/key/TestKeyShell.java hadoop/common/branches/branch-2/hadoop-common-project/hadoop-kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSWebApp.java Modified: hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/CHANGES.txt URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/CHANGES.txt?rev=1619545&r1=1619544&r2=1619545&view=diff ============================================================================== --- hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/CHANGES.txt (original) +++ hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/CHANGES.txt Thu Aug 21 18:59:48 2014 @@ -168,6 +168,8 @@ Release 2.6.0 - UNRELEASED HADOOP-10793. KeyShell args should use single-dash style. (wang) + HADOOP-10936. Change default KeyProvider bitlength to 128. (wang) + BUG FIXES HADOOP-10781. Unportable getgrouplist() usage breaks FreeBSD (Dmitry Modified: hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/KeyProvider.java URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/KeyProvider.java?rev=1619545&r1=1619544&r2=1619545&view=diff ============================================================================== --- hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/KeyProvider.java (original) +++ hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/KeyProvider.java Thu Aug 21 18:59:48 2014 @@ -54,7 +54,7 @@ public abstract class KeyProvider { public static final String DEFAULT_CIPHER = "AES/CTR/NoPadding"; public static final String DEFAULT_BITLENGTH_NAME = "hadoop.security.key.default.bitlength"; - public static final int DEFAULT_BITLENGTH = 256; + public static final int DEFAULT_BITLENGTH = 128; /** * The combination of both the key version name and the key material. @@ -341,6 +341,16 @@ public abstract class KeyProvider { public Map<String, String> getAttributes() { return (attributes == null) ? Collections.EMPTY_MAP : attributes; } + + @Override + public String toString() { + return "Options{" + + "cipher='" + cipher + '\'' + + ", bitLength=" + bitLength + + ", description='" + description + '\'' + + ", attributes=" + attributes + + '}'; + } } /** Modified: hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/KeyShell.java URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/KeyShell.java?rev=1619545&r1=1619544&r2=1619545&view=diff ============================================================================== --- hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/KeyShell.java (original) +++ hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/KeyShell.java Thu Aug 21 18:59:48 2014 @@ -445,7 +445,7 @@ public class KeyShell extends Configured "by the <keyname> argument within the provider specified by the\n" + "-provider argument. You may specify a cipher with the -cipher\n" + "argument. The default cipher is currently \"AES/CTR/NoPadding\".\n" + - "The default keysize is 256. You may specify the requested key\n" + + "The default keysize is 128. You may specify the requested key\n" + "length using the -size argument. Arbitrary attribute=value\n" + "style attributes may be specified using the -attr argument.\n" + "-attr may be specified multiple times, once per attribute.\n"; @@ -479,7 +479,8 @@ public class KeyShell extends Configured warnIfTransientProvider(); try { provider.createKey(keyName, options); - out.println(keyName + " has been successfully created."); + out.println(keyName + " has been successfully created with options " + + options.toString() + "."); provider.flush(); printProviderWritten(); } catch (InvalidParameterException e) { Modified: hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/crypto/key/TestKeyShell.java URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/crypto/key/TestKeyShell.java?rev=1619545&r1=1619544&r2=1619545&view=diff ============================================================================== --- hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/crypto/key/TestKeyShell.java (original) +++ hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/crypto/key/TestKeyShell.java Thu Aug 21 18:59:48 2014 @@ -110,7 +110,7 @@ public class TestKeyShell { rc = ks.run(args1); assertEquals(0, rc); assertTrue(outContent.toString().contains(keyName + " has been " + - "successfully created.")); + "successfully created")); String listOut = listKeys(ks, false); assertTrue(listOut.contains(keyName)); @@ -145,7 +145,7 @@ public class TestKeyShell { rc = ks.run(args1); assertEquals(0, rc); assertTrue(outContent.toString().contains("key1 has been successfully " + - "created.")); + "created")); String listOut = listKeys(ks, true); assertTrue(listOut.contains("description")); @@ -233,7 +233,7 @@ public class TestKeyShell { rc = ks.run(args1); assertEquals(0, rc); assertTrue(outContent.toString().contains(keyName + " has been " + - "successfully " + "created.")); + "successfully created")); deleteKey(ks, keyName); } @@ -250,7 +250,7 @@ public class TestKeyShell { rc = ks.run(args1); assertEquals(0, rc); assertTrue(outContent.toString().contains("keyattr1 has been " + - "successfully " + "created.")); + "successfully created")); /* ...and list to see that we have the attr */ String listOut = listKeys(ks, true); Modified: hadoop/common/branches/branch-2/hadoop-common-project/hadoop-kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSWebApp.java URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-2/hadoop-common-project/hadoop-kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSWebApp.java?rev=1619545&r1=1619544&r2=1619545&view=diff ============================================================================== --- hadoop/common/branches/branch-2/hadoop-common-project/hadoop-kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSWebApp.java (original) +++ hadoop/common/branches/branch-2/hadoop-common-project/hadoop-kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSWebApp.java Thu Aug 21 18:59:48 2014 @@ -181,12 +181,19 @@ public class KMSWebApp implements Servle keyProvider = new CachingKeyProvider(keyProvider, keyTimeOutMillis, currKeyTimeOutMillis); } + LOG.info("Initialized KeyProvider " + keyProvider); + keyProviderCryptoExtension = KeyProviderCryptoExtension. createKeyProviderCryptoExtension(keyProvider); keyProviderCryptoExtension = new EagerKeyGeneratorKeyProviderCryptoExtension(kmsConf, keyProviderCryptoExtension); - + LOG.info("Initialized KeyProviderCryptoExtension " + + keyProviderCryptoExtension); + final int defaultBitlength = kmsConf + .getInt(KeyProvider.DEFAULT_BITLENGTH_NAME, + KeyProvider.DEFAULT_BITLENGTH); + LOG.info("Default key bitlength is {}", defaultBitlength); LOG.info("KMS Started"); } catch (Throwable ex) { System.out.println();