You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-issues@hadoop.apache.org by "Yi Liu (JIRA)" <ji...@apache.org> on 2014/06/22 11:17:25 UTC
[jira] [Updated] (HADOOP-10693) Implementation of AES-CTR
CryptoCodec using JNI to OpenSSL
[ https://issues.apache.org/jira/browse/HADOOP-10693?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Yi Liu updated HADOOP-10693:
----------------------------
Attachment: HADOOP-10693.patch
The patch includes an {{OpenSSLCipher}} and implementation of AES-CTR CryptoCodec using {{OpenSSLCipher}}. The implementation requires shared library of libcrypto.
Recommend to use the latest OpenSSL version.
Support following options for build:
* -Dcrypto.prefix=
* -Dcrypto.lib=
* -Dcrypto.include=
* -Drequire.crypto
* -Dbundle.crypto
If specifying custom path, the shared library in custom path will be used instead of in system path.
> Implementation of AES-CTR CryptoCodec using JNI to OpenSSL
> ----------------------------------------------------------
>
> Key: HADOOP-10693
> URL: https://issues.apache.org/jira/browse/HADOOP-10693
> Project: Hadoop Common
> Issue Type: Sub-task
> Components: security
> Affects Versions: fs-encryption (HADOOP-10150 and HDFS-6134)
> Reporter: Yi Liu
> Assignee: Yi Liu
> Fix For: fs-encryption (HADOOP-10150 and HDFS-6134)
>
> Attachments: HADOOP-10693.patch
>
>
> In HADOOP-10603, we have an implementation of AES-CTR CryptoCodec using Java JCE provider.
> To get high performance, the configured JCE provider should utilize native code and AES-NI, but in JDK6,7 the Java embedded provider doesn't support it.
>
> Considering not all hadoop user will use the provider like Diceros or able to get signed certificate from oracle to develop a custom provider, so this JIRA will have an implementation of AES-CTR CryptoCodec using JNI to OpenSSL directly.
--
This message was sent by Atlassian JIRA
(v6.2#6252)