org.apache.hadoop.crypto.key

Class CachingKeyProvider

java.lang.Object

org.apache.hadoop.crypto.key.KeyProvider

org.apache.hadoop.crypto.key.KeyProviderExtension<org.apache.hadoop.crypto.key.CachingKeyProvider.CacheExtension>

org.apache.hadoop.crypto.key.CachingKeyProvider

public class CachingKeyProvider
extends KeyProviderExtension<org.apache.hadoop.crypto.key.CachingKeyProvider.CacheExtension>

A KeyProviderExtension implementation providing a short lived cache for KeyVersions and Metadatato avoid burst of requests to hit the underlying KeyProvider.

Nested Class Summary

Nested classes/interfaces inherited from class org.apache.hadoop.crypto.key.KeyProviderExtension

KeyProviderExtension.Extension

Nested classes/interfaces inherited from class org.apache.hadoop.crypto.key.KeyProvider

KeyProvider.KeyVersion, KeyProvider.Metadata, KeyProvider.Options

Field Summary

Fields inherited from class org.apache.hadoop.crypto.key.KeyProvider

DEFAULT_BITLENGTH, DEFAULT_BITLENGTH_NAME, DEFAULT_CIPHER, DEFAULT_CIPHER_NAME

Constructor Summary

Constructors

Constructor and Description
CachingKeyProvider(KeyProvider keyProvider, long keyTimeoutMillis, long currKeyTimeoutMillis)

Method Summary

Methods

Modifier and Type	Method and Description
void	deleteKey(String name) Delete the given key.
KeyProvider.KeyVersion	getCurrentKey(String name) Get the current version of the key, which should be used for encrypting new data.
KeyProvider.KeyVersion	getKeyVersion(String versionName) Get the key material for a specific version of the key.
KeyProvider.Metadata	getMetadata(String name) Get metadata about the key.
KeyProvider.KeyVersion	rollNewVersion(String name) Roll a new version of the given key generating the material for it.
KeyProvider.KeyVersion	rollNewVersion(String name, byte[] material) Roll a new version of the given key.

Methods inherited from class org.apache.hadoop.crypto.key.KeyProviderExtension

createKey, createKey, flush, getExtension, getKeyProvider, getKeys, getKeysMetadata, getKeyVersions, isTransient, toString

Methods inherited from class org.apache.hadoop.crypto.key.KeyProvider

buildVersionName, close, findProvider, generateKey, getBaseName, getConf, needsPassword, noPasswordError, noPasswordWarning, options

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

CachingKeyProvider

public CachingKeyProvider(KeyProvider keyProvider,
                  long keyTimeoutMillis,
                  long currKeyTimeoutMillis)

Method Detail

getCurrentKey

public KeyProvider.KeyVersion getCurrentKey(String name)
                                     throws IOException

Description copied from class: KeyProvider

Get the current version of the key, which should be used for encrypting new data.

Overrides:

getCurrentKey in class KeyProviderExtension<org.apache.hadoop.crypto.key.CachingKeyProvider.CacheExtension>

Parameters:

name - the base name of the key

Returns:

the version name of the current version of the key or null if the key version doesn't exist

Throws:

IOException

getKeyVersion

public KeyProvider.KeyVersion getKeyVersion(String versionName)
                                     throws IOException

Description copied from class: KeyProvider

Get the key material for a specific version of the key. This method is used when decrypting data.

Overrides:

getKeyVersion in class KeyProviderExtension<org.apache.hadoop.crypto.key.CachingKeyProvider.CacheExtension>

Parameters:

versionName - the name of a specific version of the key

Returns:

the key material

Throws:

IOException

deleteKey

public void deleteKey(String name)
               throws IOException

Description copied from class: KeyProvider

Delete the given key.

Overrides:

deleteKey in class KeyProviderExtension<org.apache.hadoop.crypto.key.CachingKeyProvider.CacheExtension>

Parameters:

name - the name of the key to delete

Throws:

IOException

rollNewVersion

public KeyProvider.KeyVersion rollNewVersion(String name,
                                    byte[] material)
                                      throws IOException

Description copied from class: KeyProvider

Roll a new version of the given key.

Overrides:

rollNewVersion in class KeyProviderExtension<org.apache.hadoop.crypto.key.CachingKeyProvider.CacheExtension>

Parameters:

name - the basename of the key

material - the new key material

Returns:

the name of the new version of the key

Throws:

IOException

rollNewVersion

public KeyProvider.KeyVersion rollNewVersion(String name)
                                      throws NoSuchAlgorithmException,
                                             IOException

Description copied from class: KeyProvider

Roll a new version of the given key generating the material for it.

This implementation generates the key material and calls the KeyProvider.rollNewVersion(String, byte[]) method.

Overrides:

rollNewVersion in class KeyProviderExtension<org.apache.hadoop.crypto.key.CachingKeyProvider.CacheExtension>

Parameters:

name - the basename of the key

Returns:

the name of the new version of the key

Throws:

IOException

NoSuchAlgorithmException

getMetadata

public KeyProvider.Metadata getMetadata(String name)
                                 throws IOException

Description copied from class: KeyProvider

Get metadata about the key.

Overrides:

getMetadata in class KeyProviderExtension<org.apache.hadoop.crypto.key.CachingKeyProvider.CacheExtension>

Parameters:

name - the basename of the key

Returns:

the key's metadata or null if the key doesn't exist

Throws:

IOException