[jira] [Work logged] (HADOOP-13887) Encrypt S3A data client-side with AWS SDK (S3-CSE)

Mon, 22 Feb 2021 20:51:07 -0800 


     [ 
https://issues.apache.org/jira/browse/HADOOP-13887?focusedWorklogId=556172&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-556172
 ]

ASF GitHub Bot logged work on HADOOP-13887:
-------------------------------------------

                Author: ASF GitHub Bot
            Created on: 23/Feb/21 04:50
            Start Date: 23/Feb/21 04:50
    Worklog Time Spent: 10m 
      Work Description: mehakmeet edited a comment on pull request #2706:
URL: https://github.com/apache/hadoop/pull/2706#issuecomment-783802582


   Also on that note, I figured something in the aws-sdk while doing a put 
request we have this in S3CryptoModuleBase.java:
   ```
   // Record the original, unencrypted content-length so it can be accessed
           // later
           final long plaintextLength = plaintextLength(request, metadata);
           if (plaintextLength >= 0) {
               metadata.addUserMetadata(Headers.UNENCRYPTED_CONTENT_LENGTH,
                                        Long.toString(plaintextLength));
               // Put the ciphertext length in the metadata
               metadata.setContentLength(ciphertextLength(plaintextLength));
           }
           request.setMetadata(metadata);
   ```
   Every put request in AmazonS3EncryptionClientV2, is wrapped like this. but 
it seems this isn’t the issue, in LIST ops, we don’t use these, right? so, how 
do we get file length in LIST calls?


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


Issue Time Tracking
-------------------

    Worklog Id:     (was: 556172)
    Time Spent: 1h 40m  (was: 1.5h)

> Encrypt S3A data client-side with AWS SDK (S3-CSE)
> --------------------------------------------------
>
>                 Key: HADOOP-13887
>                 URL: https://issues.apache.org/jira/browse/HADOOP-13887
>             Project: Hadoop Common
>          Issue Type: Sub-task
>          Components: fs/s3
>    Affects Versions: 2.8.0
>            Reporter: Jeeyoung Kim
>            Assignee: Igor Mazur
>            Priority: Minor
>              Labels: pull-request-available
>         Attachments: HADOOP-13887-002.patch, HADOOP-13887-007.patch, 
> HADOOP-13887-branch-2-003.patch, HADOOP-13897-branch-2-004.patch, 
> HADOOP-13897-branch-2-005.patch, HADOOP-13897-branch-2-006.patch, 
> HADOOP-13897-branch-2-008.patch, HADOOP-13897-branch-2-009.patch, 
> HADOOP-13897-branch-2-010.patch, HADOOP-13897-branch-2-012.patch, 
> HADOOP-13897-branch-2-014.patch, HADOOP-13897-trunk-011.patch, 
> HADOOP-13897-trunk-013.patch, HADOOP-14171-001.patch, S3-CSE Proposal.pdf
>
>          Time Spent: 1h 40m
>  Remaining Estimate: 0h
>
> Expose the client-side encryption option documented in Amazon S3 
> documentation  - 
> http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingClientSideEncryption.html
> Currently this is not exposed in Hadoop but it is exposed as an option in AWS 
> Java SDK, which Hadoop currently includes. It should be trivial to propagate 
> this as a parameter passed to the S3client used in S3AFileSystem.java



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-issues-h...@hadoop.apache.org

Reply via email to