[ https://issues.apache.org/jira/browse/IGNITE-7054?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16644233#comment-16644233 ]
Valentin Kulichenko commented on IGNITE-7054: --------------------------------------------- [~uday], I looked through your changes and here are my comments. # In most cases Ignite is configured via XML, not in code, so you should make sure all the classes that can be part of configuration are Spring compatible. For example, {{AsymmetricKeyEncryptionService}} has {{setKeyPair}} method, which takes two parameters and therefore can't be provided as a bean property. Please fix this one and check others for similar issues. # I don't like that {{AsymmetricKeyEncryptionService}} uses {{SymmetricKeyEncryptionService}} under the hood, this is a bit confusing. I think it would be better to move common code to {{IgniteUtils}} and make service implementations independent from each other. # Try to minimize amount of actions that happen in {{encrypt}} and {{decrypt}} methods. For example, do you need to create new {{Cipher}} every time in {{SymmetricKeyEncryptionService}}? Do you need to call {{AwsKmsEncryptionService#initClientAndKmsMasterKeyProvider()}} every time you encrypt/decrypt? Please check all the implementations for this kind of things. # Some methods are package-private, while they can (and should) be private. E.g., {{AwsKmsEncryptionService#createClient()}}. # What is the purpose of {{Base32}} encryption on top of encryption provided by the service? Let me know if you have questions. > S3 IP finder: support client side encryption > -------------------------------------------- > > Key: IGNITE-7054 > URL: https://issues.apache.org/jira/browse/IGNITE-7054 > Project: Ignite > Issue Type: Improvement > Components: s3 > Affects Versions: 2.3 > Reporter: Valentin Kulichenko > Assignee: Uday Kale > Priority: Major > Fix For: 2.8 > > > In case client side encryption [1] is used, it may be required to use > {{AmazonS3EncryptionClient}} instead of regular {{AmazonS3Client}}. We need > to add this option to the S3 IP finder, along with any applicable > configuration parameters. > [1] > http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingClientSideEncryption.html -- This message was sent by Atlassian JIRA (v7.6.3#76005)