Github user omalley commented on a diff in the pull request: https://github.com/apache/orc/pull/213#discussion_r166687959 --- Diff: java/core/src/java/org/apache/orc/InMemoryKeystore.java --- @@ -0,0 +1,403 @@ +package org.apache.orc; + +import org.apache.commons.lang.StringUtils; +import org.apache.orc.impl.HadoopShims; + +import javax.crypto.BadPaddingException; +import javax.crypto.Cipher; +import javax.crypto.IllegalBlockSizeException; +import javax.crypto.spec.IvParameterSpec; +import javax.crypto.spec.SecretKeySpec; +import java.io.IOException; +import java.security.InvalidAlgorithmParameterException; +import java.security.InvalidKeyException; +import java.security.Key; +import java.security.NoSuchAlgorithmException; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.concurrent.locks.ReentrantReadWriteLock; + +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * <p> + * http://www.apache.org/licenses/LICENSE-2.0 + * <p> + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/** + * This is an in-memory implementation of {@link HadoopShims.KeyProvider}. + * The primary use of this class is to ease testing. + */ +public class InMemoryKeystore implements HadoopShims.KeyProvider { + + /** + * Support AES 256 ? + */ + public static final boolean SUPPORTS_AES_256; + + static { + try { + SUPPORTS_AES_256 = Cipher.getMaxAllowedKeyLength("AES") > 128; + } catch (final NoSuchAlgorithmException e) { + throw new IllegalArgumentException("Unknown algorithm", e); + } + } + + /** + * A map that stores the 'keyName@version' + * and 'metadata + material' mapping. + */ + private final Map<String, KeyVersion> keys; + + /** + * A map that store the keyName (without version) + * and metadata associated with it. + */ + private final Map<String, HadoopShims.KeyMetadata> meta = new HashMap<>(); + + private final ReentrantReadWriteLock rwl = new ReentrantReadWriteLock(true); --- End diff -- I probably wouldn't have bothered with the read-write lock, but it is fine.
---