You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@orc.apache.org by omalley <gi...@git.apache.org> on 2018/03/07 22:26:55 UTC
[GitHub] orc pull request #227: ORC-318. Change KeyProvider API to separate createLoc...
GitHub user omalley opened a pull request:
https://github.com/apache/orc/pull/227
ORC-318. Change KeyProvider API to separate createLocalKey
Separate createLocalKey from decryptLocalKey in HadoopShims.KeyProvider.
It also:
- changes HadoopShims.KeyMetadata from an interface to a concrete class
- creates a NullKeyProvider for Hadoop versions < 2.7
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/omalley/orc orc-318
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/orc/pull/227.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #227
----
commit 58ed393f7b27f8589d4246e54a663b1ad866a413
Author: Owen O'Malley <om...@...>
Date: 2018-03-07T22:16:18Z
ORC-318. Change KeyProvider API to separate createLocalKey from decryptLocalKey.
----
---
[GitHub] orc issue #227: ORC-318. Change KeyProvider API to separate createLocalKey
Posted by omalley <gi...@git.apache.org>.
Github user omalley commented on the issue:
https://github.com/apache/orc/pull/227
Ok, I significantly updated this patch.
* I added tests for both the InMemoryKeyProvider and the Hadoop-based KeyProvider.
* I allowed the user to pass in a Random implementation for the KeyProvider. That allows me to control the random for tests.
* I added a lot of documentation about what I was doing and why.
* I fixed an issue where the HadoopShimsFactory wasn't creating the right version of the shim.
* I changed the InMemoryKeyProvider to use AES/CBC/NoPadding to encrypt and decrypt the local keys. Thus like the AWS KMS, the operations for encryption and decryption aren't symmetric.
---
[GitHub] orc pull request #227: ORC-318. Change KeyProvider API to separate createLoc...
Posted by asfgit <gi...@git.apache.org>.
Github user asfgit closed the pull request at:
https://github.com/apache/orc/pull/227
---