[ 
https://issues.apache.org/jira/browse/NIFI-3594?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15982061#comment-15982061
 ] 

ASF GitHub Bot commented on NIFI-3594:
--------------------------------------

Github user alopresto commented on a diff in the pull request:

    https://github.com/apache/nifi/pull/1686#discussion_r113075785
  
    --- Diff: 
nifi-nar-bundles/nifi-provenance-repository-bundle/nifi-persistent-provenance-repository/src/test/groovy/org/apache/nifi/provenance/EncryptedSchemaRecordReaderWriterTest.groovy
 ---
    @@ -0,0 +1,286 @@
    +/*
    + * Licensed to the Apache Software Foundation (ASF) under one or more
    + * contributor license agreements.  See the NOTICE file distributed with
    + * this work for additional information regarding copyright ownership.
    + * The ASF licenses this file to You under the Apache License, Version 2.0
    + * (the "License"); you may not use this file except in compliance with
    + * the License.  You may obtain a copy of the License at
    + *
    + *     http://www.apache.org/licenses/LICENSE-2.0
    + *
    + * Unless required by applicable law or agreed to in writing, software
    + * distributed under the License is distributed on an "AS IS" BASIS,
    + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    + * See the License for the specific language governing permissions and
    + * limitations under the License.
    + */
    +package org.apache.nifi.provenance
    +
    +import org.apache.nifi.flowfile.FlowFile
    +import org.apache.nifi.provenance.serialization.RecordReader
    +import org.apache.nifi.provenance.serialization.RecordWriter
    +import org.apache.nifi.provenance.toc.StandardTocReader
    +import org.apache.nifi.provenance.toc.StandardTocWriter
    +import org.apache.nifi.provenance.toc.TocReader
    +import org.apache.nifi.provenance.toc.TocUtil
    +import org.apache.nifi.provenance.toc.TocWriter
    +import org.apache.nifi.util.file.FileUtils
    +import org.bouncycastle.jce.provider.BouncyCastleProvider
    +import org.bouncycastle.util.encoders.Hex
    +import org.junit.After
    +import org.junit.AfterClass
    +import org.junit.Before
    +import org.junit.BeforeClass
    +import org.junit.ClassRule
    +import org.junit.Test
    +import org.junit.rules.TemporaryFolder
    +import org.junit.runner.RunWith
    +import org.junit.runners.JUnit4
    +import org.slf4j.Logger
    +import org.slf4j.LoggerFactory
    +
    +import javax.crypto.Cipher
    +import javax.crypto.spec.SecretKeySpec
    +import java.security.KeyManagementException
    +import java.security.Security
    +import java.util.concurrent.atomic.AtomicLong
    +
    +import static groovy.test.GroovyAssert.shouldFail
    +import static org.apache.nifi.provenance.TestUtil.createFlowFile
    +
    +@RunWith(JUnit4.class)
    +class EncryptedSchemaRecordReaderWriterTest extends 
AbstractTestRecordReaderWriter {
    +    private static final Logger logger = 
LoggerFactory.getLogger(EncryptedSchemaRecordReaderWriterTest.class)
    +
    +    private static final String KEY_HEX_128 = 
"0123456789ABCDEFFEDCBA9876543210"
    +    private static final String KEY_HEX_256 = KEY_HEX_128 * 2
    +    private static final String KEY_HEX = 
isUnlimitedStrengthCryptoAvailable() ? KEY_HEX_256 : KEY_HEX_128
    +    private static final int IV_LENGTH = 16
    +    private static final String KEY_ID = "K1"
    +
    +    private static final String TRANSIT_URI = "nifi://unit-test"
    +    private static final String PROCESSOR_TYPE = "Mock Processor"
    +    private static final String COMPONENT_ID = "1234"
    +
    +    private static final int UNCOMPRESSED_BLOCK_SIZE = 1024 * 32
    +    private static final int MAX_ATTRIBUTE_SIZE = 2048
    +
    +    private static final AtomicLong idGenerator = new AtomicLong(0L)
    +    private File journalFile
    +    private File tocFile
    +
    +    private static KeyProvider mockKeyProvider
    +    private static ProvenanceEventEncryptor provenanceEventEncryptor = new 
AESProvenanceEventEncryptor()
    +
    +    @ClassRule
    +    public static TemporaryFolder tempFolder = new TemporaryFolder()
    +
    +    private static String ORIGINAL_LOG_LEVEL
    +
    +    @BeforeClass
    +    static void setUpOnce() throws Exception {
    +        ORIGINAL_LOG_LEVEL = 
System.getProperty("org.slf4j.simpleLogger.log.org.apache.nifi.provenance")
    +        
System.setProperty("org.slf4j.simpleLogger.log.org.apache.nifi.provenance", 
"DEBUG")
    +
    +        Security.addProvider(new BouncyCastleProvider())
    +
    +        logger.metaClass.methodMissing = { String name, args ->
    +            logger.info("[${name?.toUpperCase()}] ${(args as List).join(" 
")}")
    +        }
    +
    +        mockKeyProvider = [
    +                getKey            : { String keyId ->
    +                    logger.mock("Requesting key ID: ${keyId}")
    +                    if (keyId == KEY_ID) {
    +                        new SecretKeySpec(Hex.decode(KEY_HEX), "AES")
    +                    } else {
    +                        throw new KeyManagementException("${keyId} is not 
available")
    +                    }
    +                },
    +                getAvailableKeyIds: { ->
    +                    logger.mock("Available key IDs: [${KEY_ID}]")
    +                    [KEY_ID]
    +                },
    +                keyExists         : { String keyId ->
    +                    logger.mock("Checking availability of key ID: 
${keyId}")
    +                    keyId == KEY_ID
    +                }] as KeyProvider
    +        provenanceEventEncryptor.initialize(mockKeyProvider)
    +//
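Review bot: `KEY_HEX` is chosen once per JVM from `isUnlimitedStrengthCryptoAvailable()` (not defined in the quoted part), so on a JVM with the unlimited-strength policy installed this class never exercises the 128-bit key path, although both lengths are usable there. Consider running the round-trip cases against each key length the JVM supports instead of a single static choice. The key constants also deserve a comment such as `// Fixed, publicly known test keys (256-bit is the 128-bit value repeated); never use outside unit tests`, so nobody copies them into a sample configuration. `setUpOnce()` registers `BouncyCastleProvider` and raises the provenance log level for the whole JVM; its body and the rest of the class continue past the end of the quoted diff, so it cannot be confirmed here that an `@AfterClass` restores `ORIGINAL_LOG_LEVEL`, including the case where it was `null`.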
    --- End diff --
    
    Yes. Thanks. 


> Implement encrypted provenance repository
> -----------------------------------------
>
>                 Key: NIFI-3594
>                 URL: https://issues.apache.org/jira/browse/NIFI-3594
>             Project: Apache NiFi
>          Issue Type: Sub-task
>          Components: Core Framework
>    Affects Versions: 1.1.1
>            Reporter: Andy LoPresto
>            Assignee: Andy LoPresto
>              Labels: encryption, provenance, repository
>
> I am going to start with the provenance repository, as the new implementation 
> of {{WriteAheadProvenanceRepository}} has the most recent design decisions 
> and has not been available in a released version yet, so there should be 
> minimal backward compatibility concerns. 


