You are viewing a plain text version of this content. The canonical link for it is here.
Posted to hdfs-dev@hadoop.apache.org by "Bharat Viswanadham (Jira)" <ji...@apache.org> on 2019/11/20 06:10:00 UTC

[jira] [Resolved] (HDDS-2247) Delete FileEncryptionInfo from KeyInfo when a Key is deleted

     [ https://issues.apache.org/jira/browse/HDDS-2247?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Bharat Viswanadham resolved HDDS-2247.
--------------------------------------
    Fix Version/s: 0.5.0
       Resolution: Fixed

> Delete FileEncryptionInfo from KeyInfo when a Key is deleted
> ------------------------------------------------------------
>
>                 Key: HDDS-2247
>                 URL: https://issues.apache.org/jira/browse/HDDS-2247
>             Project: Hadoop Distributed Data Store
>          Issue Type: Sub-task
>            Reporter: Dinesh Chitlangia
>            Assignee: Dinesh Chitlangia
>            Priority: Major
>              Labels: pull-request-available
>             Fix For: 0.5.0
>
>          Time Spent: 20m
>  Remaining Estimate: 0h
>
> As part of HDDS-2174 we are deleting GDPR Encryption Key on delete file operation.
> However, if KMS is enabled, we are skipping GDPR Encryption Key approach when writing file in a GDPR enforced Bucket.
> {code:java}
> final FileEncryptionInfo feInfo = keyOutputStream.getFileEncryptionInfo();
>     if (feInfo != null) {
>       KeyProvider.KeyVersion decrypted = getDEK(feInfo);
>       final CryptoOutputStream cryptoOut =
>           new CryptoOutputStream(keyOutputStream,
>               OzoneKMSUtil.getCryptoCodec(conf, feInfo),
>               decrypted.getMaterial(), feInfo.getIV());
>       return new OzoneOutputStream(cryptoOut);
>     } else {
>       try{
>         GDPRSymmetricKey gk;
>         Map<String, String> openKeyMetadata =
>             openKey.getKeyInfo().getMetadata();
>         if(Boolean.valueOf(openKeyMetadata.get(OzoneConsts.GDPR_FLAG))){
>           gk = new GDPRSymmetricKey(
>               openKeyMetadata.get(OzoneConsts.GDPR_SECRET),
>               openKeyMetadata.get(OzoneConsts.GDPR_ALGORITHM)
>           );
>           gk.getCipher().init(Cipher.ENCRYPT_MODE, gk.getSecretKey());
>           return new OzoneOutputStream(
>               new CipherOutputStream(keyOutputStream, gk.getCipher()));
>         }
>       }catch (Exception ex){
>         throw new IOException(ex);
>       }
> {code}
> In such scenario, when KMS is enabled & GDPR enforced on a bucket, if user deletes a file, we should delete the {{FileEncryptionInfo}} from KeyInfo, before moving it to deletedTable, else we cannot guarantee Right to Erasure.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-dev-unsubscribe@hadoop.apache.org
For additional commands, e-mail: hdfs-dev-help@hadoop.apache.org