You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@accumulo.apache.org by ct...@apache.org on 2015/01/09 03:44:36 UTC
[32/66] [abbrv] accumulo git commit: ACCUMULO-3451 Format master
branch (1.7.0-SNAPSHOT)
http://git-wip-us.apache.org/repos/asf/accumulo/blob/6bc67602/core/src/main/java/org/apache/accumulo/core/security/crypto/CryptoModuleFactory.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/security/crypto/CryptoModuleFactory.java b/core/src/main/java/org/apache/accumulo/core/security/crypto/CryptoModuleFactory.java
index bca42c9..0a3f557 100644
--- a/core/src/main/java/org/apache/accumulo/core/security/crypto/CryptoModuleFactory.java
+++ b/core/src/main/java/org/apache/accumulo/core/security/crypto/CryptoModuleFactory.java
@@ -27,8 +27,8 @@ import org.apache.log4j.Logger;
/**
* This factory module exists to assist other classes in loading crypto modules.
- *
- *
+ *
+ *
*/
public class CryptoModuleFactory {
@@ -38,7 +38,7 @@ public class CryptoModuleFactory {
/**
* This method returns a crypto module based on settings in the given configuration parameter.
- *
+ *
* @return a class implementing the CryptoModule interface. It will *never* return null; rather, it will return a class which obeys the interface but makes no
* changes to the underlying data.
*/
http://git-wip-us.apache.org/repos/asf/accumulo/blob/6bc67602/core/src/main/java/org/apache/accumulo/core/security/crypto/CryptoModuleParameters.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/security/crypto/CryptoModuleParameters.java b/core/src/main/java/org/apache/accumulo/core/security/crypto/CryptoModuleParameters.java
index 244a877..573d64b 100644
--- a/core/src/main/java/org/apache/accumulo/core/security/crypto/CryptoModuleParameters.java
+++ b/core/src/main/java/org/apache/accumulo/core/security/crypto/CryptoModuleParameters.java
@@ -30,22 +30,22 @@ import javax.crypto.CipherOutputStream;
* This class defines several parameters needed by by a module providing cryptographic stream support in Accumulo. The following Javadoc details which
* parameters are used for which operations (encryption vs. decryption), which ones return values (i.e. are "out" parameters from the {@link CryptoModule}), and
* which ones are required versus optional in certain situations.
- *
+ *
* Most of the time, these classes can be constructed using
* {@link CryptoModuleFactory#createParamsObjectFromAccumuloConfiguration(org.apache.accumulo.core.conf.AccumuloConfiguration)}.
*/
public class CryptoModuleParameters {
-
+
/**
* Gets the name of the symmetric algorithm to use for encryption.
- *
+ *
* @see CryptoModuleParameters#setAlgorithmName(String)
*/
-
+
public String getAlgorithmName() {
return algorithmName;
}
-
+
/**
* Sets the name of the symmetric algorithm to use for an encryption stream.
* <p>
@@ -55,27 +55,27 @@ public class CryptoModuleParameters {
* For <b>encryption</b>, this value is <b>required</b> and is always used. Its value should be prepended or otherwise included with the ciphertext for future
* decryption. <br>
* For <b>decryption</b>, this value is often disregarded in favor of the value encoded with the ciphertext.
- *
+ *
* @param algorithmName
* the name of the cryptographic algorithm to use.
* @see <a href="http://docs.oracle.com/javase/1.5.0/docs/guide/security/jce/JCERefGuide.html#AppA">Standard Algorithm Names in JCE</a>
- *
+ *
*/
-
+
public void setAlgorithmName(String algorithmName) {
this.algorithmName = algorithmName;
}
-
+
/**
* Gets the name of the encryption mode to use for encryption.
- *
+ *
* @see CryptoModuleParameters#setEncryptionMode(String)
*/
-
+
public String getEncryptionMode() {
return encryptionMode;
}
-
+
/**
* Sets the name of the encryption mode to use for an encryption stream.
* <p>
@@ -85,27 +85,27 @@ public class CryptoModuleParameters {
* For <b>encryption</b>, this value is <b>required</b> and is always used. Its value should be prepended or otherwise included with the ciphertext for future
* decryption. <br>
* For <b>decryption</b>, this value is often disregarded in favor of the value encoded with the ciphertext.
- *
+ *
* @param encryptionMode
* the name of the encryption mode to use.
* @see <a href="http://docs.oracle.com/javase/1.5.0/docs/guide/security/jce/JCERefGuide.html#AppA">Standard Mode Names in JCE</a>
- *
+ *
*/
-
+
public void setEncryptionMode(String encryptionMode) {
this.encryptionMode = encryptionMode;
}
-
+
/**
* Gets the name of the padding type to use for encryption.
- *
+ *
* @see CryptoModuleParameters#setPadding(String)
*/
-
+
public String getPadding() {
return padding;
}
-
+
/**
* Sets the name of the padding type to use for an encryption stream.
* <p>
@@ -115,29 +115,29 @@ public class CryptoModuleParameters {
* For <b>encryption</b>, this value is <b>required</b> and is always used. Its value should be prepended or otherwise included with the ciphertext for future
* decryption. <br>
* For <b>decryption</b>, this value is often disregarded in favor of the value encoded with the ciphertext.
- *
+ *
* @param padding
* the name of the padding type to use.
* @see <a href="http://docs.oracle.com/javase/1.5.0/docs/guide/security/jce/JCERefGuide.html#AppA">Standard Padding Names in JCE</a>
- *
+ *
*/
public void setPadding(String padding) {
this.padding = padding;
}
-
+
/**
* Gets the plaintext secret key.
* <p>
* For <b>decryption</b>, this value is often the out parameter of using a secret key encryption strategy to decrypt an encrypted version of this secret key.
* (See {@link CryptoModuleParameters#setKeyEncryptionStrategyClass(String)}.)
- *
- *
+ *
+ *
* @see CryptoModuleParameters#setPlaintextKey(byte[])
*/
public byte[] getPlaintextKey() {
return plaintextKey;
}
-
+
/**
* Sets the plaintext secret key that will be used to encrypt and decrypt bytes.
* <p>
@@ -146,24 +146,24 @@ public class CryptoModuleParameters {
* For <b>encryption</b>, this value is <b>optional</b>. If it is not provided, it will be automatically generated by the underlying cryptographic module. <br>
* For <b>decryption</b>, this value is often obtained from the underlying cipher stream, or derived from the encrypted version of the key (see
* {@link CryptoModuleParameters#setEncryptedKey(byte[])}).
- *
+ *
* @param plaintextKey
* the value of the plaintext secret key
*/
-
+
public void setPlaintextKey(byte[] plaintextKey) {
this.plaintextKey = plaintextKey;
}
-
+
/**
* Gets the length of the secret key.
- *
+ *
* @see CryptoModuleParameters#setKeyLength(int)
*/
public int getKeyLength() {
return keyLength;
}
-
+
/**
* Sets the length of the secret key that will be used to encrypt and decrypt bytes.
* <p>
@@ -173,50 +173,50 @@ public class CryptoModuleParameters {
* For <b>encryption</b>, this value is <b>required if the secret key is not set</b>. <br>
* For <b>decryption</b>, this value is often obtained from the underlying cipher stream, or derived from the encrypted version of the key (see
* {@link CryptoModuleParameters#setEncryptedKey(byte[])}).
- *
+ *
* @param keyLength
* the length of the secret key to be generated
*/
-
+
public void setKeyLength(int keyLength) {
this.keyLength = keyLength;
}
-
+
/**
* Gets the random number generator name.
- *
+ *
* @see CryptoModuleParameters#setRandomNumberGenerator(String)
*/
-
+
public String getRandomNumberGenerator() {
return randomNumberGenerator;
}
-
+
/**
* Sets the name of the random number generator to use. The default for this for the baseline JCE implementation is "SHA1PRNG".
* <p>
- *
+ *
* <p>
* For <b>encryption</b>, this value is <b>required</b>. <br>
* For <b>decryption</b>, this value is often obtained from the underlying cipher stream.
- *
+ *
* @param randomNumberGenerator
* the name of the random number generator to use
*/
-
+
public void setRandomNumberGenerator(String randomNumberGenerator) {
this.randomNumberGenerator = randomNumberGenerator;
}
-
+
/**
* Gets the random number generator provider name.
- *
+ *
* @see CryptoModuleParameters#setRandomNumberGeneratorProvider(String)
*/
public String getRandomNumberGeneratorProvider() {
return randomNumberGeneratorProvider;
}
-
+
/**
* Sets the name of the random number generator provider to use. The default for this for the baseline JCE implementation is "SUN".
* <p>
@@ -224,55 +224,55 @@ public class CryptoModuleParameters {
* <p>
* For <b>encryption</b>, this value is <b>required</b>. <br>
* For <b>decryption</b>, this value is often obtained from the underlying cipher stream.
- *
+ *
* @param randomNumberGeneratorProvider
* the name of the provider to use
*/
-
+
public void setRandomNumberGeneratorProvider(String randomNumberGeneratorProvider) {
this.randomNumberGeneratorProvider = randomNumberGeneratorProvider;
}
-
+
/**
* Gets the key encryption strategy class.
- *
+ *
* @see CryptoModuleParameters#setKeyEncryptionStrategyClass(String)
*/
-
+
public String getKeyEncryptionStrategyClass() {
return keyEncryptionStrategyClass;
}
-
+
/**
* Sets the class name of the key encryption strategy class. The class obeys the {@link SecretKeyEncryptionStrategy} interface. It instructs the
* {@link DefaultCryptoModule} on how to encrypt the keys it uses to secure the streams.
* <p>
- * The default implementation of this interface, {@link CachingHDFSSecretKeyEncryptionStrategy}, creates a random key encryption key (KEK) as another symmetric
- * key and places the KEK into HDFS. <i>This is not really very secure.</i> Users of the crypto modules are encouraged to either safeguard that KEK carefully
- * or to obtain and use another {@link SecretKeyEncryptionStrategy} class.
+ * The default implementation of this interface, {@link CachingHDFSSecretKeyEncryptionStrategy}, creates a random key encryption key (KEK) as another
+ * symmetric key and places the KEK into HDFS. <i>This is not really very secure.</i> Users of the crypto modules are encouraged to either safeguard that KEK
+ * carefully or to obtain and use another {@link SecretKeyEncryptionStrategy} class.
* <p>
* For <b>encryption</b>, this value is <b>optional</b>. If it is not specified, then it assumed that the secret keys used for encrypting files will not be
* encrypted. This is not a secure approach, thus setting this is highly recommended.<br>
* For <b>decryption</b>, this value is often obtained from the underlying cipher stream. However, the underlying stream's value can be overridden (at least
* when using {@link DefaultCryptoModule}) by setting the {@link CryptoModuleParameters#setOverrideStreamsSecretKeyEncryptionStrategy(boolean)} to true.
- *
+ *
* @param keyEncryptionStrategyClass
* the name of the key encryption strategy class to use
*/
public void setKeyEncryptionStrategyClass(String keyEncryptionStrategyClass) {
this.keyEncryptionStrategyClass = keyEncryptionStrategyClass;
}
-
+
/**
* Gets the encrypted version of the plaintext key. This parameter is generally either obtained from an underlying stream or computed in the process of
* employed the {@link CryptoModuleParameters#getKeyEncryptionStrategyClass()}.
- *
+ *
* @see CryptoModuleParameters#setEncryptedKey(byte[])
*/
public byte[] getEncryptedKey() {
return encryptedKey;
}
-
+
/**
* Sets the encrypted version of the plaintext key ({@link CryptoModuleParameters#getPlaintextKey()}). Generally this operation will be done either by:
* <p>
@@ -284,25 +284,25 @@ public class CryptoModuleParameters {
* <p>
* For <b>encryption</b>, this value is generally not required, but is usually set by the underlying module during encryption. <br>
* For <b>decryption</b>, this value is <b>usually required</b>.
- *
- *
+ *
+ *
* @param encryptedKey
* the encrypted value of the plaintext key
*/
-
+
public void setEncryptedKey(byte[] encryptedKey) {
this.encryptedKey = encryptedKey;
}
-
+
/**
* Gets the opaque ID associated with the encrypted version of the plaintext key.
- *
+ *
* @see CryptoModuleParameters#setOpaqueKeyEncryptionKeyID(String)
*/
public String getOpaqueKeyEncryptionKeyID() {
return opaqueKeyEncryptionKeyID;
}
-
+
/**
* Sets an opaque ID assocaited with the encrypted version of the plaintext key.
* <p>
@@ -315,259 +315,259 @@ public class CryptoModuleParameters {
* For <b>encryption</b>, this value is generally not required, but will be typically generated and set by the {@link SecretKeyEncryptionStrategy} class (see
* {@link CryptoModuleParameters#getKeyEncryptionStrategyClass()}). <br>
* For <b>decryption</b>, this value is <b>required</b>, though it will typically be read from the underlying stream.
- *
+ *
* @param opaqueKeyEncryptionKeyID
* the opaque ID assoicated with the encrypted version of the plaintext key (see {@link CryptoModuleParameters#getEncryptedKey()}).
*/
-
+
public void setOpaqueKeyEncryptionKeyID(String opaqueKeyEncryptionKeyID) {
this.opaqueKeyEncryptionKeyID = opaqueKeyEncryptionKeyID;
}
-
+
/**
* Gets the flag that indicates whether or not the module should record its cryptographic parameters to the stream automatically, or rely on the calling code
* to do so.
- *
+ *
* @see CryptoModuleParameters#setRecordParametersToStream(boolean)
*/
public boolean getRecordParametersToStream() {
return recordParametersToStream;
}
-
+
/**
* Gets the flag that indicates whether or not the module should record its cryptographic parameters to the stream automatically, or rely on the calling code
* to do so.
- *
+ *
* <p>
- *
+ *
* If this is set to <i>true</i>, then the stream passed to {@link CryptoModule#getEncryptingOutputStream(CryptoModuleParameters)} will be <i>written to by
* the module</i> before it is returned to the caller. There are situations where it is easier to let the crypto module do this writing on behalf of the
* caller, and other times where it is not appropriate (if the format of the underlying stream must be carefully maintained, for instance).
- *
+ *
* @param recordParametersToStream
* whether or not to require the module to record its parameters to the stream by itself
*/
public void setRecordParametersToStream(boolean recordParametersToStream) {
this.recordParametersToStream = recordParametersToStream;
}
-
+
/**
* Gets the flag that indicates whether or not to close the underlying stream when the cipher stream is closed.
- *
+ *
* @see CryptoModuleParameters#setCloseUnderylingStreamAfterCryptoStreamClose(boolean)
*/
public boolean getCloseUnderylingStreamAfterCryptoStreamClose() {
return closeUnderylingStreamAfterCryptoStreamClose;
}
-
+
/**
* Sets the flag that indicates whether or not to close the underlying stream when the cipher stream is closed.
- *
+ *
* <p>
- *
+ *
* {@link CipherOutputStream} will only output its padding bytes when its {@link CipherOutputStream#close()} method is called. However, there are times when a
* caller doesn't want its underlying stream closed at the time that the {@link CipherOutputStream} is closed. This flag indicates that the
* {@link CryptoModule} should wrap the underlying stream in a basic {@link FilterOutputStream} which will swallow any close() calls and prevent them from
* propogating to the underlying stream.
- *
+ *
* @param closeUnderylingStreamAfterCryptoStreamClose
* the flag that indicates whether or not to close the underlying stream when the cipher stream is closed
*/
public void setCloseUnderylingStreamAfterCryptoStreamClose(boolean closeUnderylingStreamAfterCryptoStreamClose) {
this.closeUnderylingStreamAfterCryptoStreamClose = closeUnderylingStreamAfterCryptoStreamClose;
}
-
+
/**
* Gets the flag that indicates if the underlying stream's key encryption strategy should be overridden by the currently configured key encryption strategy.
- *
+ *
* @see CryptoModuleParameters#setOverrideStreamsSecretKeyEncryptionStrategy(boolean)
*/
public boolean getOverrideStreamsSecretKeyEncryptionStrategy() {
return overrideStreamsSecretKeyEncryptionStrategy;
}
-
+
/**
* Sets the flag that indicates if the underlying stream's key encryption strategy should be overridden by the currently configured key encryption strategy.
- *
+ *
* <p>
- *
+ *
* So, why is this important? Say you started out with the default secret key encryption strategy. So, now you have a secret key in HDFS that encrypts all the
* other secret keys. <i>Then</i> you deploy a key management solution. You want to move that secret key up to the key management server. Great! No problem.
* Except, all your encrypted files now contain a setting that says
* "hey I was encrypted by the default strategy, so find decrypt my key using that, not the key management server". This setting signals the
* {@link CryptoModule} that it should ignore the setting in the file and prefer the one from the configuration.
- *
+ *
* @param overrideStreamsSecretKeyEncryptionStrategy
* the flag that indicates if the underlying stream's key encryption strategy should be overridden by the currently configured key encryption
* strategy
*/
-
+
public void setOverrideStreamsSecretKeyEncryptionStrategy(boolean overrideStreamsSecretKeyEncryptionStrategy) {
this.overrideStreamsSecretKeyEncryptionStrategy = overrideStreamsSecretKeyEncryptionStrategy;
}
-
+
/**
* Gets the plaintext output stream to wrap for encryption.
- *
+ *
* @see CryptoModuleParameters#setPlaintextOutputStream(OutputStream)
*/
public OutputStream getPlaintextOutputStream() {
return plaintextOutputStream;
}
-
+
/**
* Sets the plaintext output stream to wrap for encryption.
- *
+ *
* <p>
- *
+ *
* For <b>encryption</b>, this parameter is <b>required</b>. <br>
* For <b>decryption</b>, this parameter is ignored.
*/
public void setPlaintextOutputStream(OutputStream plaintextOutputStream) {
this.plaintextOutputStream = plaintextOutputStream;
}
-
+
/**
* Gets the encrypted output stream, which is nearly always a wrapped version of the output stream from
* {@link CryptoModuleParameters#getPlaintextOutputStream()}.
- *
+ *
* <p>
- *
+ *
* Generally this method is used by {@link CryptoModule} classes as an <i>out</i> parameter from calling
* {@link CryptoModule#getEncryptingOutputStream(CryptoModuleParameters)}.
- *
+ *
* @see CryptoModuleParameters#setEncryptedOutputStream(OutputStream)
*/
-
+
public OutputStream getEncryptedOutputStream() {
return encryptedOutputStream;
}
-
+
/**
* Sets the encrypted output stream. This method should really only be called by {@link CryptoModule} implementations unless something very unusual is going
* on.
- *
+ *
* @param encryptedOutputStream
* the encrypted version of the stream from output stream from {@link CryptoModuleParameters#getPlaintextOutputStream()}.
*/
public void setEncryptedOutputStream(OutputStream encryptedOutputStream) {
this.encryptedOutputStream = encryptedOutputStream;
}
-
+
/**
* Gets the plaintext input stream, which is nearly always a wrapped version of the output from {@link CryptoModuleParameters#getEncryptedInputStream()}.
- *
+ *
* <p>
- *
+ *
* Generally this method is used by {@link CryptoModule} classes as an <i>out</i> parameter from calling
* {@link CryptoModule#getDecryptingInputStream(CryptoModuleParameters)}.
- *
- *
+ *
+ *
* @see CryptoModuleParameters#setPlaintextInputStream(InputStream)
*/
public InputStream getPlaintextInputStream() {
return plaintextInputStream;
}
-
+
/**
* Sets the plaintext input stream, which is nearly always a wrapped version of the output from {@link CryptoModuleParameters#getEncryptedInputStream()}.
- *
+ *
* <p>
- *
+ *
* This method should really only be called by {@link CryptoModule} implementations.
*/
-
+
public void setPlaintextInputStream(InputStream plaintextInputStream) {
this.plaintextInputStream = plaintextInputStream;
}
-
+
/**
* Gets the encrypted input stream to wrap for decryption.
- *
+ *
* @see CryptoModuleParameters#setEncryptedInputStream(InputStream)
*/
public InputStream getEncryptedInputStream() {
return encryptedInputStream;
}
-
+
/**
* Sets the encrypted input stream to wrap for decryption.
*/
-
+
public void setEncryptedInputStream(InputStream encryptedInputStream) {
this.encryptedInputStream = encryptedInputStream;
}
-
+
/**
* Gets the initialized cipher object.
- *
- *
+ *
+ *
* @see CryptoModuleParameters#setCipher(Cipher)
*/
public Cipher getCipher() {
return cipher;
}
-
+
/**
* Sets the initialized cipher object. Generally speaking, callers do not have to create and set this object. There may be circumstances where the cipher
* object is created outside of the module (to determine IV lengths, for one). If it is created and you want the module to use the cipher you already
* initialized, set it here.
- *
+ *
* @param cipher
* the cipher object
*/
public void setCipher(Cipher cipher) {
this.cipher = cipher;
}
-
+
/**
* Gets the initialized secure random object.
- *
+ *
* @see CryptoModuleParameters#setSecureRandom(SecureRandom)
*/
public SecureRandom getSecureRandom() {
return secureRandom;
}
-
+
/**
* Sets the initialized secure random object. Generally speaking, callers do not have to create and set this object. There may be circumstances where the
* random object is created outside of the module (for instance, to create a random secret key). If it is created outside the module and you want the module
* to use the random object you already created, set it here.
- *
+ *
* @param secureRandom
* the {@link SecureRandom} object
*/
-
+
public void setSecureRandom(SecureRandom secureRandom) {
this.secureRandom = secureRandom;
}
-
+
/**
* Gets the initialization vector to use for this crypto module.
- *
+ *
* @see CryptoModuleParameters#setInitializationVector(byte[])
*/
public byte[] getInitializationVector() {
return initializationVector;
}
-
+
/**
* Sets the initialization vector to use for this crypto module.
- *
+ *
* <p>
- *
+ *
* For <b>encryption</b>, this parameter is <i>optional</i>. If the initialization vector is created by the caller, for whatever reasons, it can be set here
* and the crypto module will use it. <br>
- *
+ *
* For <b>decryption</b>, this parameter is <b>required</b>. It should be read from the underlying stream that contains the encrypted data.
- *
+ *
* @param initializationVector
* the initialization vector to use for this crypto operation.
*/
public void setInitializationVector(byte[] initializationVector) {
this.initializationVector = initializationVector;
}
-
+
/**
* Gets the size of the buffering stream that sits above the cipher stream
*/
@@ -584,29 +584,29 @@ public class CryptoModuleParameters {
/**
* Gets the overall set of options for the {@link CryptoModule}.
- *
+ *
* @see CryptoModuleParameters#setAllOptions(Map)
*/
public Map<String,String> getAllOptions() {
return allOptions;
}
-
+
/**
* Sets the overall set of options for the {@link CryptoModule}.
- *
+ *
* <p>
- *
+ *
* Often, options for the cryptographic modules will be encoded as key/value pairs in a configuration file. This map represents those values. It may include
* some of the parameters already called out as members of this class. It may contain any number of additional parameters which may be required by different
* module or key encryption strategy implementations.
- *
+ *
* @param allOptions
* the set of key/value pairs that confiure a module, based on a configuration file
*/
public void setAllOptions(Map<String,String> allOptions) {
this.allOptions = allOptions;
}
-
+
private String algorithmName = null;
private String encryptionMode = null;
private String padding = null;
@@ -614,24 +614,24 @@ public class CryptoModuleParameters {
private int keyLength = 0;
private String randomNumberGenerator = null;
private String randomNumberGeneratorProvider = null;
-
+
private String keyEncryptionStrategyClass;
private byte[] encryptedKey;
private String opaqueKeyEncryptionKeyID;
-
+
private boolean recordParametersToStream = true;
private boolean closeUnderylingStreamAfterCryptoStreamClose = true;
private boolean overrideStreamsSecretKeyEncryptionStrategy = false;
-
+
private OutputStream plaintextOutputStream;
private OutputStream encryptedOutputStream;
private InputStream plaintextInputStream;
private InputStream encryptedInputStream;
-
+
private Cipher cipher;
private SecureRandom secureRandom;
private byte[] initializationVector;
-
+
private Map<String,String> allOptions;
private int blockStreamSize;
}
http://git-wip-us.apache.org/repos/asf/accumulo/blob/6bc67602/core/src/main/java/org/apache/accumulo/core/security/crypto/DefaultCryptoModule.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/security/crypto/DefaultCryptoModule.java b/core/src/main/java/org/apache/accumulo/core/security/crypto/DefaultCryptoModule.java
index 1e21535..bde5e64 100644
--- a/core/src/main/java/org/apache/accumulo/core/security/crypto/DefaultCryptoModule.java
+++ b/core/src/main/java/org/apache/accumulo/core/security/crypto/DefaultCryptoModule.java
@@ -38,39 +38,37 @@ import org.apache.accumulo.core.conf.Property;
import org.apache.log4j.Logger;
/**
- * This class implements the {@link CryptoModule} interface, defining how calling applications can receive encrypted
- * input and output streams. While the default implementation given here allows for a lot of flexibility in terms of
- * choices of algorithm, key encryption strategies, and so on, some Accumulo users may choose to swap out this implementation
- * for others, and can base their implementation details off of this class's work.
- *
- * In general, the module is quite straightforward: provide it with crypto-related settings and an input/output stream, and
- * it will hand back those streams wrapped in encrypting (or decrypting) streams.
- *
+ * This class implements the {@link CryptoModule} interface, defining how calling applications can receive encrypted input and output streams. While the default
+ * implementation given here allows for a lot of flexibility in terms of choices of algorithm, key encryption strategies, and so on, some Accumulo users may
+ * choose to swap out this implementation for others, and can base their implementation details off of this class's work.
+ *
+ * In general, the module is quite straightforward: provide it with crypto-related settings and an input/output stream, and it will hand back those streams
+ * wrapped in encrypting (or decrypting) streams.
+ *
*/
public class DefaultCryptoModule implements CryptoModule {
-
+
private static final String ENCRYPTION_HEADER_MARKER_V1 = "---Log File Encrypted (v1)---";
private static final String ENCRYPTION_HEADER_MARKER_V2 = "---Log File Encrypted (v2)---";
private static final Logger log = Logger.getLogger(DefaultCryptoModule.class);
-
+
public DefaultCryptoModule() {}
-
-
+
@Override
public CryptoModuleParameters initializeCipher(CryptoModuleParameters params) {
- String cipherTransformation = getCipherTransformation(params);
-
+ String cipherTransformation = getCipherTransformation(params);
+
log.trace(String.format("Using cipher suite \"%s\" with key length %d with RNG \"%s\" and RNG provider \"%s\" and key encryption strategy \"%s\"",
cipherTransformation, params.getKeyLength(), params.getRandomNumberGenerator(), params.getRandomNumberGeneratorProvider(),
params.getKeyEncryptionStrategyClass()));
-
+
if (params.getSecureRandom() == null) {
SecureRandom secureRandom = DefaultCryptoModuleUtils.getSecureRandom(params.getRandomNumberGenerator(), params.getRandomNumberGeneratorProvider());
params.setSecureRandom(secureRandom);
}
-
+
Cipher cipher = DefaultCryptoModuleUtils.getCipher(cipherTransformation);
-
+
if (params.getInitializationVector() == null) {
try {
cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(params.getPlaintextKey(), params.getAlgorithmName()), params.getSecureRandom());
@@ -78,13 +76,13 @@ public class DefaultCryptoModule implements CryptoModule {
log.error("Accumulo encountered an unknown error in generating the secret key object (SecretKeySpec) for an encrypted stream");
throw new RuntimeException(e);
}
-
+
params.setInitializationVector(cipher.getIV());
-
-
+
} else {
try {
- cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(params.getPlaintextKey(), params.getAlgorithmName()), new IvParameterSpec(params.getInitializationVector()));
+ cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(params.getPlaintextKey(), params.getAlgorithmName()),
+ new IvParameterSpec(params.getInitializationVector()));
} catch (InvalidKeyException e) {
log.error("Accumulo encountered an unknown error in generating the secret key object (SecretKeySpec) for an encrypted stream");
throw new RuntimeException(e);
@@ -95,27 +93,27 @@ public class DefaultCryptoModule implements CryptoModule {
}
params.setCipher(cipher);
-
+
return params;
-
+
}
private String getCipherTransformation(CryptoModuleParameters params) {
String cipherSuite = params.getAlgorithmName() + "/" + params.getEncryptionMode() + "/" + params.getPadding();
return cipherSuite;
}
-
+
private String[] parseCipherSuite(String cipherSuite) {
return cipherSuite.split("/");
}
-
+
private boolean validateNotEmpty(String givenValue, boolean allIsWell, StringBuffer buf, String errorMessage) {
if (givenValue == null || givenValue.equals("")) {
buf.append(errorMessage);
buf.append("\n");
return false;
}
-
+
return true && allIsWell;
}
@@ -125,120 +123,118 @@ public class DefaultCryptoModule implements CryptoModule {
buf.append("\n");
return false;
}
-
+
return true && allIsWell;
}
-
private boolean validateNotZero(int givenValue, boolean allIsWell, StringBuffer buf, String errorMessage) {
if (givenValue == 0) {
buf.append(errorMessage);
buf.append("\n");
return false;
}
-
+
return true && allIsWell;
}
private boolean validateParamsObject(CryptoModuleParameters params, int cipherMode) {
-
+
if (cipherMode == Cipher.ENCRYPT_MODE) {
-
- StringBuffer errorBuf = new StringBuffer("The following problems were found with the CryptoModuleParameters object you provided for an encrypt operation:\n");
+
+ StringBuffer errorBuf = new StringBuffer(
+ "The following problems were found with the CryptoModuleParameters object you provided for an encrypt operation:\n");
boolean allIsWell = true;
-
+
allIsWell = validateNotEmpty(params.getAlgorithmName(), allIsWell, errorBuf, "No algorithm name was specified.");
-
+
if (allIsWell && params.getAlgorithmName().equals("NullCipher")) {
return true;
}
-
- allIsWell = validateNotEmpty(params.getPadding(), allIsWell, errorBuf, "No padding was specified.");
- allIsWell = validateNotZero (params.getKeyLength(), allIsWell, errorBuf, "No key length was specified.");
- allIsWell = validateNotEmpty(params.getEncryptionMode(), allIsWell, errorBuf, "No encryption mode was specified.");
- allIsWell = validateNotEmpty(params.getRandomNumberGenerator(), allIsWell, errorBuf, "No random number generator was specified.");
+
+ allIsWell = validateNotEmpty(params.getPadding(), allIsWell, errorBuf, "No padding was specified.");
+ allIsWell = validateNotZero(params.getKeyLength(), allIsWell, errorBuf, "No key length was specified.");
+ allIsWell = validateNotEmpty(params.getEncryptionMode(), allIsWell, errorBuf, "No encryption mode was specified.");
+ allIsWell = validateNotEmpty(params.getRandomNumberGenerator(), allIsWell, errorBuf, "No random number generator was specified.");
allIsWell = validateNotEmpty(params.getRandomNumberGeneratorProvider(), allIsWell, errorBuf, "No random number generate provider was specified.");
- allIsWell = validateNotNull (params.getPlaintextOutputStream(), allIsWell, errorBuf, "No plaintext output stream was specified.");
+ allIsWell = validateNotNull(params.getPlaintextOutputStream(), allIsWell, errorBuf, "No plaintext output stream was specified.");
if (!allIsWell) {
log.error("CryptoModulesParameters object is not valid.");
log.error(errorBuf.toString());
throw new RuntimeException("CryptoModulesParameters object is not valid.");
}
-
+
return allIsWell;
-
+
} else if (cipherMode == Cipher.DECRYPT_MODE) {
- StringBuffer errorBuf = new StringBuffer("The following problems were found with the CryptoModuleParameters object you provided for a decrypt operation:\n");
+ StringBuffer errorBuf = new StringBuffer(
+ "The following problems were found with the CryptoModuleParameters object you provided for a decrypt operation:\n");
boolean allIsWell = true;
- allIsWell = validateNotEmpty(params.getPadding(), allIsWell, errorBuf, "No padding was specified.");
- allIsWell = validateNotZero (params.getKeyLength(), allIsWell, errorBuf, "No key length was specified.");
- allIsWell = validateNotEmpty(params.getEncryptionMode(), allIsWell, errorBuf, "No encryption mode was specified.");
- allIsWell = validateNotEmpty(params.getRandomNumberGenerator(), allIsWell, errorBuf, "No random number generator was specified.");
+ allIsWell = validateNotEmpty(params.getPadding(), allIsWell, errorBuf, "No padding was specified.");
+ allIsWell = validateNotZero(params.getKeyLength(), allIsWell, errorBuf, "No key length was specified.");
+ allIsWell = validateNotEmpty(params.getEncryptionMode(), allIsWell, errorBuf, "No encryption mode was specified.");
+ allIsWell = validateNotEmpty(params.getRandomNumberGenerator(), allIsWell, errorBuf, "No random number generator was specified.");
allIsWell = validateNotEmpty(params.getRandomNumberGeneratorProvider(), allIsWell, errorBuf, "No random number generate provider was specified.");
- allIsWell = validateNotNull (params.getEncryptedInputStream(), allIsWell, errorBuf, "No encrypted input stream was specified.");
- allIsWell = validateNotNull (params.getInitializationVector(), allIsWell, errorBuf, "No initialization vector was specified.");
- allIsWell = validateNotNull (params.getEncryptedKey(), allIsWell, errorBuf, "No encrypted key was specified.");
-
+ allIsWell = validateNotNull(params.getEncryptedInputStream(), allIsWell, errorBuf, "No encrypted input stream was specified.");
+ allIsWell = validateNotNull(params.getInitializationVector(), allIsWell, errorBuf, "No initialization vector was specified.");
+ allIsWell = validateNotNull(params.getEncryptedKey(), allIsWell, errorBuf, "No encrypted key was specified.");
+
if (params.getKeyEncryptionStrategyClass() != null && !params.getKeyEncryptionStrategyClass().equals("NullSecretKeyEncryptionStrategy")) {
allIsWell = validateNotEmpty(params.getOpaqueKeyEncryptionKeyID(), allIsWell, errorBuf, "No opqaue key encryption ID was specified.");
}
-
-
+
if (!allIsWell) {
log.error("CryptoModulesParameters object is not valid.");
log.error(errorBuf.toString());
throw new RuntimeException("CryptoModulesParameters object is not valid.");
}
-
+
return allIsWell;
-
- }
-
+
+ }
+
return false;
}
-
-
+
@Override
public CryptoModuleParameters getEncryptingOutputStream(CryptoModuleParameters params) throws IOException {
-
+
log.trace("Initializing crypto output stream (new style)");
-
+
boolean allParamsOK = validateParamsObject(params, Cipher.ENCRYPT_MODE);
if (!allParamsOK) {
// This would be weird because the above call should throw an exception, but if they don't we'll check and throw.
-
+
log.error("CryptoModuleParameters was not valid.");
throw new RuntimeException("Invalid CryptoModuleParameters");
}
-
-
+
// If they want a null output stream, just return their plaintext stream as the encrypted stream
if (params.getAlgorithmName().equals("NullCipher")) {
params.setEncryptedOutputStream(params.getPlaintextOutputStream());
return params;
}
-
+
// Get the secret key
-
+
SecureRandom secureRandom = DefaultCryptoModuleUtils.getSecureRandom(params.getRandomNumberGenerator(), params.getRandomNumberGeneratorProvider());
-
+
if (params.getPlaintextKey() == null) {
byte[] randomKey = new byte[params.getKeyLength() / 8];
secureRandom.nextBytes(randomKey);
params.setPlaintextKey(randomKey);
}
-
+
// Encrypt the secret key
-
+
SecretKeyEncryptionStrategy keyEncryptionStrategy = CryptoModuleFactory.getSecretKeyEncryptionStrategy(params.getKeyEncryptionStrategyClass());
params = keyEncryptionStrategy.encryptSecretKey(params);
-
- // Now the encrypted version of the key and any opaque ID are within the params object. Initialize the cipher.
-
+
+ // Now the encrypted version of the key and any opaque ID are within the params object. Initialize the cipher.
+
// Check if the caller wants us to close the downstream stream when close() is called on the
- // cipher object. Calling close() on a CipherOutputStream is necessary for it to write out
+ // cipher object. Calling close() on a CipherOutputStream is necessary for it to write out
// padding bytes.
if (!params.getCloseUnderylingStreamAfterCryptoStreamClose()) {
params.setPlaintextOutputStream(new DiscardCloseOutputStream(params.getPlaintextOutputStream()));
@@ -253,20 +249,19 @@ public class DefaultCryptoModule implements CryptoModule {
if (0 == cipher.getBlockSize()) {
throw new RuntimeException("Encryption cipher must be a block cipher");
}
-
+
CipherOutputStream cipherOutputStream = new CipherOutputStream(params.getPlaintextOutputStream(), cipher);
BlockedOutputStream blockedOutputStream = new BlockedOutputStream(cipherOutputStream, cipher.getBlockSize(), params.getBlockStreamSize());
params.setEncryptedOutputStream(blockedOutputStream);
-
+
if (params.getRecordParametersToStream()) {
DataOutputStream dataOut = new DataOutputStream(params.getPlaintextOutputStream());
-
+
// Write a marker to indicate this is an encrypted log file (in case we read it a plain one and need to
- // not try to decrypt it. Can happen during a failure when the log's encryption settings are changing.
+ // not try to decrypt it. Can happen during a failure when the log's encryption settings are changing.
dataOut.writeUTF(ENCRYPTION_HEADER_MARKER_V2);
-
-
+
// Write out all the parameters
dataOut.writeInt(params.getAllOptions().size());
for (String key : params.getAllOptions().keySet()) {
@@ -278,43 +273,43 @@ public class DefaultCryptoModule implements CryptoModule {
// decode the old format.
dataOut.writeUTF(getCipherTransformation(params));
dataOut.writeUTF(params.getAlgorithmName());
-
+
// Write the init vector to the log file
dataOut.writeInt(params.getInitializationVector().length);
dataOut.write(params.getInitializationVector());
-
+
// Write out the encrypted session key and the opaque ID
dataOut.writeUTF(params.getOpaqueKeyEncryptionKeyID());
dataOut.writeInt(params.getEncryptedKey().length);
dataOut.write(params.getEncryptedKey());
dataOut.writeInt(params.getBlockStreamSize());
}
-
+
return params;
}
-
+
@Override
public CryptoModuleParameters getDecryptingInputStream(CryptoModuleParameters params) throws IOException {
log.trace("About to initialize decryption stream (new style)");
-
+
if (params.getRecordParametersToStream()) {
DataInputStream dataIn = new DataInputStream(params.getEncryptedInputStream());
log.trace("About to read encryption parameters from underlying stream");
-
+
String marker = dataIn.readUTF();
if (marker.equals(ENCRYPTION_HEADER_MARKER_V1) || marker.equals(ENCRYPTION_HEADER_MARKER_V2)) {
-
- Map<String, String> paramsFromFile = new HashMap<String, String>();
-
+
+ Map<String,String> paramsFromFile = new HashMap<String,String>();
+
// Read in the bulk of parameters
int paramsCount = dataIn.readInt();
for (int i = 0; i < paramsCount; i++) {
String key = dataIn.readUTF();
String value = dataIn.readUTF();
-
+
paramsFromFile.put(key, value);
}
-
+
// Set the cipher parameters
String cipherSuiteFromFile = dataIn.readUTF();
String algorithmNameFromFile = dataIn.readUTF();
@@ -322,25 +317,23 @@ public class DefaultCryptoModule implements CryptoModule {
params.setAlgorithmName(algorithmNameFromFile);
params.setEncryptionMode(cipherSuiteParts[1]);
params.setPadding(cipherSuiteParts[2]);
-
-
+
// Read the secret key and initialization vector from the file
int initVectorLength = dataIn.readInt();
byte[] initVector = new byte[initVectorLength];
dataIn.readFully(initVector);
-
+
params.setInitializationVector(initVector);
-
+
// Read the opaque ID and encrypted session key
String opaqueId = dataIn.readUTF();
params.setOpaqueKeyEncryptionKeyID(opaqueId);
-
+
int encryptedSecretKeyLength = dataIn.readInt();
- byte[] encryptedSecretKey = new byte[encryptedSecretKeyLength];
+ byte[] encryptedSecretKey = new byte[encryptedSecretKeyLength];
dataIn.readFully(encryptedSecretKey);
params.setEncryptedKey(encryptedSecretKey);
-
-
+
if (params.getOverrideStreamsSecretKeyEncryptionStrategy()) {
// Merge in options from file selectively
for (String name : paramsFromFile.keySet()) {
@@ -352,62 +345,63 @@ public class DefaultCryptoModule implements CryptoModule {
} else {
params = CryptoModuleFactory.fillParamsObjectFromStringMap(params, paramsFromFile);
}
-
+
SecretKeyEncryptionStrategy keyEncryptionStrategy = CryptoModuleFactory.getSecretKeyEncryptionStrategy(params.getKeyEncryptionStrategyClass());
-
+
params = keyEncryptionStrategy.decryptSecretKey(params);
-
+
if (marker.equals(ENCRYPTION_HEADER_MARKER_V2))
params.setBlockStreamSize(dataIn.readInt());
else
params.setBlockStreamSize(0);
} else {
-
+
log.trace("Read something off of the encrypted input stream that was not the encryption header marker, so pushing back bytes and returning the given stream");
// Push these bytes back on to the stream. This method is a bit roundabout but isolates our code
// from having to understand the format that DataOuputStream uses for its bytes.
ByteArrayOutputStream tempByteOut = new ByteArrayOutputStream();
DataOutputStream tempOut = new DataOutputStream(tempByteOut);
tempOut.writeUTF(marker);
-
+
byte[] bytesToPutBack = tempByteOut.toByteArray();
-
+
PushbackInputStream pushbackStream = new PushbackInputStream(params.getEncryptedInputStream(), bytesToPutBack.length);
pushbackStream.unread(bytesToPutBack);
-
+
params.setPlaintextInputStream(pushbackStream);
-
+
return params;
- }
+ }
}
-
+
// We validate here after reading parameters from the stream, not at the top of the function.
boolean allParamsOK = validateParamsObject(params, Cipher.DECRYPT_MODE);
-
+
if (!allParamsOK) {
log.error("CryptoModuleParameters object failed validation for decrypt");
throw new RuntimeException("CryptoModuleParameters object failed validation for decrypt");
}
-
+
Cipher cipher = DefaultCryptoModuleUtils.getCipher(getCipherTransformation(params));
-
+
try {
- cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(params.getPlaintextKey(), params.getAlgorithmName()), new IvParameterSpec(params.getInitializationVector()));
+ cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(params.getPlaintextKey(), params.getAlgorithmName()),
+ new IvParameterSpec(params.getInitializationVector()));
} catch (InvalidKeyException e) {
log.error("Error when trying to initialize cipher with secret key");
throw new RuntimeException(e);
} catch (InvalidAlgorithmParameterException e) {
log.error("Error when trying to initialize cipher with initialization vector");
throw new RuntimeException(e);
- }
-
+ }
+
InputStream blockedDecryptingInputStream = new CipherInputStream(params.getEncryptedInputStream(), cipher);
-
+
if (params.getBlockStreamSize() > 0)
blockedDecryptingInputStream = new BlockedInputStream(blockedDecryptingInputStream, cipher.getBlockSize(), params.getBlockStreamSize());
- log.trace("Initialized cipher input stream with transformation ["+getCipherTransformation(params)+"]");
-
+ log.trace("Initialized cipher input stream with transformation [" + getCipherTransformation(params) + "]");
+
params.setPlaintextInputStream(blockedDecryptingInputStream);
return params;
@@ -423,8 +417,8 @@ public class DefaultCryptoModule implements CryptoModule {
params.getSecureRandom().nextBytes(newSessionKey);
params.setPlaintextKey(newSessionKey);
-
+
return params;
}
-
+
}
http://git-wip-us.apache.org/repos/asf/accumulo/blob/6bc67602/core/src/main/java/org/apache/accumulo/core/security/crypto/DefaultCryptoModuleUtils.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/security/crypto/DefaultCryptoModuleUtils.java b/core/src/main/java/org/apache/accumulo/core/security/crypto/DefaultCryptoModuleUtils.java
index 34ec1f3..21c9a09 100644
--- a/core/src/main/java/org/apache/accumulo/core/security/crypto/DefaultCryptoModuleUtils.java
+++ b/core/src/main/java/org/apache/accumulo/core/security/crypto/DefaultCryptoModuleUtils.java
@@ -29,16 +29,16 @@ import org.apache.log4j.Logger;
public class DefaultCryptoModuleUtils {
private static final Logger log = Logger.getLogger(DefaultCryptoModuleUtils.class);
-
+
public static SecureRandom getSecureRandom(String secureRNG, String secureRNGProvider) {
SecureRandom secureRandom = null;
try {
secureRandom = SecureRandom.getInstance(secureRNG, secureRNGProvider);
-
+
// Immediately seed the generator
byte[] throwAway = new byte[16];
secureRandom.nextBytes(throwAway);
-
+
} catch (NoSuchAlgorithmException e) {
log.error(String.format("Accumulo configuration file specified a secure random generator \"%s\" that was not found by any provider.", secureRNG));
throw new RuntimeException(e);
@@ -51,7 +51,7 @@ public class DefaultCryptoModuleUtils {
public static Cipher getCipher(String cipherSuite) {
Cipher cipher = null;
-
+
if (cipherSuite.equals("NullCipher")) {
cipher = new NullCipher();
} else {
@@ -67,5 +67,5 @@ public class DefaultCryptoModuleUtils {
}
return cipher;
}
-
+
}
http://git-wip-us.apache.org/repos/asf/accumulo/blob/6bc67602/core/src/main/java/org/apache/accumulo/core/security/crypto/DiscardCloseOutputStream.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/security/crypto/DiscardCloseOutputStream.java b/core/src/main/java/org/apache/accumulo/core/security/crypto/DiscardCloseOutputStream.java
index 846cf35..261e224 100644
--- a/core/src/main/java/org/apache/accumulo/core/security/crypto/DiscardCloseOutputStream.java
+++ b/core/src/main/java/org/apache/accumulo/core/security/crypto/DiscardCloseOutputStream.java
@@ -26,14 +26,14 @@ import org.apache.log4j.Logger;
public class DiscardCloseOutputStream extends FilterOutputStream {
private static final Logger log = Logger.getLogger(DiscardCloseOutputStream.class);
-
+
public DiscardCloseOutputStream(OutputStream out) {
super(out);
}
-
+
public void close() throws IOException {
// Discard
log.trace("Discarded close");
}
-
+
}
http://git-wip-us.apache.org/repos/asf/accumulo/blob/6bc67602/core/src/main/java/org/apache/accumulo/core/security/crypto/NonCachingSecretKeyEncryptionStrategy.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/security/crypto/NonCachingSecretKeyEncryptionStrategy.java b/core/src/main/java/org/apache/accumulo/core/security/crypto/NonCachingSecretKeyEncryptionStrategy.java
index 67278bf..f42f9ff 100644
--- a/core/src/main/java/org/apache/accumulo/core/security/crypto/NonCachingSecretKeyEncryptionStrategy.java
+++ b/core/src/main/java/org/apache/accumulo/core/security/crypto/NonCachingSecretKeyEncryptionStrategy.java
@@ -37,7 +37,7 @@ import org.apache.log4j.Logger;
//TODO ACCUMULO-2530 Update properties to use a URI instead of a relative path to secret key
public class NonCachingSecretKeyEncryptionStrategy implements SecretKeyEncryptionStrategy {
-
+
private static final Logger log = Logger.getLogger(NonCachingSecretKeyEncryptionStrategy.class);
private void doKeyEncryptionOperation(int encryptionMode, CryptoModuleParameters params, String pathToKeyName, Path pathToKey, FileSystem fs)
@@ -45,10 +45,10 @@ public class NonCachingSecretKeyEncryptionStrategy implements SecretKeyEncryptio
DataInputStream in = null;
try {
if (!fs.exists(pathToKey)) {
-
+
if (encryptionMode == Cipher.UNWRAP_MODE) {
log.error("There was a call to decrypt the session key but no key encryption key exists. Either restore it, reconfigure the conf file to point to it in HDFS, or throw the affected data away and begin again.");
- throw new RuntimeException("Could not find key encryption key file in configured location in HDFS ("+pathToKeyName+")");
+ throw new RuntimeException("Could not find key encryption key file in configured location in HDFS (" + pathToKeyName + ")");
} else {
DataOutputStream out = null;
try {
@@ -64,18 +64,18 @@ public class NonCachingSecretKeyEncryptionStrategy implements SecretKeyEncryptio
out.flush();
} finally {
if (out != null) {
- out.close();
+ out.close();
}
}
}
}
in = fs.open(pathToKey);
-
+
int keyEncryptionKeyLength = in.readInt();
byte[] keyEncryptionKey = new byte[keyEncryptionKeyLength];
in.read(keyEncryptionKey);
-
+
Cipher cipher = DefaultCryptoModuleUtils.getCipher(params.getAllOptions().get(Property.CRYPTO_DEFAULT_KEY_STRATEGY_CIPHER_SUITE.getKey()));
try {
@@ -83,8 +83,8 @@ public class NonCachingSecretKeyEncryptionStrategy implements SecretKeyEncryptio
} catch (InvalidKeyException e) {
log.error(e);
throw new RuntimeException(e);
- }
-
+ }
+
if (Cipher.UNWRAP_MODE == encryptionMode) {
try {
Key plaintextKey = cipher.unwrap(params.getEncryptedKey(), params.getAlgorithmName(), Cipher.SECRET_KEY);
@@ -109,9 +109,9 @@ public class NonCachingSecretKeyEncryptionStrategy implements SecretKeyEncryptio
log.error(e);
throw new RuntimeException(e);
}
-
+
}
-
+
} finally {
if (in != null) {
in.close();
@@ -123,20 +123,19 @@ public class NonCachingSecretKeyEncryptionStrategy implements SecretKeyEncryptio
private String getFullPathToKey(CryptoModuleParameters params) {
String pathToKeyName = params.getAllOptions().get(Property.CRYPTO_DEFAULT_KEY_STRATEGY_KEY_LOCATION.getKey());
String instanceDirectory = params.getAllOptions().get(Property.INSTANCE_DFS_DIR.getKey());
-
-
+
if (pathToKeyName == null) {
pathToKeyName = Property.CRYPTO_DEFAULT_KEY_STRATEGY_KEY_LOCATION.getDefaultValue();
}
-
+
if (instanceDirectory == null) {
instanceDirectory = Property.INSTANCE_DFS_DIR.getDefaultValue();
}
-
+
if (!pathToKeyName.startsWith("/")) {
pathToKeyName = "/" + pathToKeyName;
}
-
+
String fullPath = instanceDirectory + pathToKeyName;
return fullPath;
}
@@ -148,20 +147,20 @@ public class NonCachingSecretKeyEncryptionStrategy implements SecretKeyEncryptio
if (hdfsURI == null) {
hdfsURI = Property.INSTANCE_DFS_URI.getDefaultValue();
}
-
+
String fullPath = getFullPathToKey(params);
Path pathToKey = new Path(fullPath);
-
+
try {
// TODO ACCUMULO-2530 Ensure volumes a properly supported
- FileSystem fs = FileSystem.get(CachedConfiguration.getInstance());
+ FileSystem fs = FileSystem.get(CachedConfiguration.getInstance());
doKeyEncryptionOperation(Cipher.WRAP_MODE, params, fullPath, pathToKey, fs);
-
+
} catch (IOException e) {
log.error(e);
throw new RuntimeException(e);
}
-
+
return params;
}
@@ -170,24 +169,23 @@ public class NonCachingSecretKeyEncryptionStrategy implements SecretKeyEncryptio
public CryptoModuleParameters decryptSecretKey(CryptoModuleParameters params) {
String hdfsURI = params.getAllOptions().get(Property.INSTANCE_DFS_URI.getKey());
if (hdfsURI == null) {
- hdfsURI = Property.INSTANCE_DFS_URI.getDefaultValue();
+ hdfsURI = Property.INSTANCE_DFS_URI.getDefaultValue();
}
-
+
String pathToKeyName = getFullPathToKey(params);
Path pathToKey = new Path(pathToKeyName);
-
+
try {
// TODO ACCUMULO-2530 Ensure volumes a properly supported
- FileSystem fs = FileSystem.get(CachedConfiguration.getInstance());
+ FileSystem fs = FileSystem.get(CachedConfiguration.getInstance());
doKeyEncryptionOperation(Cipher.UNWRAP_MODE, params, pathToKeyName, pathToKey, fs);
-
-
+
} catch (IOException e) {
log.error(e);
throw new RuntimeException(e);
}
-
+
return params;
}
-
+
}
http://git-wip-us.apache.org/repos/asf/accumulo/blob/6bc67602/core/src/main/java/org/apache/accumulo/core/security/crypto/SecretKeyEncryptionStrategy.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/security/crypto/SecretKeyEncryptionStrategy.java b/core/src/main/java/org/apache/accumulo/core/security/crypto/SecretKeyEncryptionStrategy.java
index 0cd9bd0..7d3c333 100644
--- a/core/src/main/java/org/apache/accumulo/core/security/crypto/SecretKeyEncryptionStrategy.java
+++ b/core/src/main/java/org/apache/accumulo/core/security/crypto/SecretKeyEncryptionStrategy.java
@@ -17,12 +17,12 @@
package org.apache.accumulo.core.security.crypto;
/**
- *
+ *
*/
-public interface SecretKeyEncryptionStrategy {
-
+public interface SecretKeyEncryptionStrategy {
+
CryptoModuleParameters encryptSecretKey(CryptoModuleParameters params);
+
CryptoModuleParameters decryptSecretKey(CryptoModuleParameters params);
-
-
+
}
http://git-wip-us.apache.org/repos/asf/accumulo/blob/6bc67602/core/src/main/java/org/apache/accumulo/core/tabletserver/log/LogEntry.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/tabletserver/log/LogEntry.java b/core/src/main/java/org/apache/accumulo/core/tabletserver/log/LogEntry.java
index 926e42e..25d0f32 100644
--- a/core/src/main/java/org/apache/accumulo/core/tabletserver/log/LogEntry.java
+++ b/core/src/main/java/org/apache/accumulo/core/tabletserver/log/LogEntry.java
@@ -38,7 +38,7 @@ public class LogEntry {
public String filename;
public int tabletId;
public Collection<String> logSet;
-
+
public LogEntry() {}
public LogEntry(LogEntry le) {
@@ -53,11 +53,11 @@ public class LogEntry {
public String toString() {
return extent.toString() + " " + filename + " (" + tabletId + ")";
}
-
+
public String getName() {
return server + "/" + filename;
}
-
+
public byte[] toBytes() throws IOException {
DataOutputBuffer out = new DataOutputBuffer();
extent.write(out);
@@ -71,7 +71,7 @@ public class LogEntry {
}
return Arrays.copyOf(out.getData(), out.getLength());
}
-
+
public void fromBytes(byte bytes[]) throws IOException {
DataInputBuffer inp = new DataInputBuffer();
inp.reset(bytes, bytes.length);
@@ -87,7 +87,7 @@ public class LogEntry {
logSet.add(inp.readUTF());
this.logSet = logSet;
}
-
+
static private final Text EMPTY_TEXT = new Text();
public static LogEntry fromKeyValue(Key key, Value value) {
@@ -102,19 +102,19 @@ public class LogEntry {
result.timestamp = key.getTimestamp();
return result;
}
-
+
public Text getRow() {
return extent.getMetadataEntry();
}
-
+
public Text getColumnFamily() {
return MetadataSchema.TabletsSection.LogColumnFamily.NAME;
}
-
+
public Text getColumnQualifier() {
return new Text(server + "/" + filename);
}
-
+
public Value getValue() {
return new Value((Joiner.on(";").join(logSet) + "|" + tabletId).getBytes());
}
http://git-wip-us.apache.org/repos/asf/accumulo/blob/6bc67602/core/src/main/java/org/apache/accumulo/core/trace/DistributedTrace.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/trace/DistributedTrace.java b/core/src/main/java/org/apache/accumulo/core/trace/DistributedTrace.java
index 5aa026b..ab81f30 100644
--- a/core/src/main/java/org/apache/accumulo/core/trace/DistributedTrace.java
+++ b/core/src/main/java/org/apache/accumulo/core/trace/DistributedTrace.java
@@ -35,7 +35,6 @@ import org.apache.zookeeper.KeeperException;
import org.htrace.HTraceConfiguration;
import org.htrace.SpanReceiver;
-
/**
* Utility class to enable tracing for Accumulo server processes.
*
@@ -70,27 +69,24 @@ public class DistributedTrace {
}
/**
- * Enable tracing by setting up SpanReceivers for the current process.
- * If service name is null, the simple name of the class will be used.
+ * Enable tracing by setting up SpanReceivers for the current process. If service name is null, the simple name of the class will be used.
*/
public static void enable(String service) {
enable(null, service);
}
/**
- * Enable tracing by setting up SpanReceivers for the current process.
- * If host name is null, it will be determined.
- * If service name is null, the simple name of the class will be used.
+ * Enable tracing by setting up SpanReceivers for the current process. If host name is null, it will be determined. If service name is null, the simple name
+ * of the class will be used.
*/
public static void enable(String hostname, String service) {
enable(hostname, service, ClientConfiguration.loadDefault());
}
/**
- * Enable tracing by setting up SpanReceivers for the current process.
- * If host name is null, it will be determined.
- * If service name is null, the simple name of the class will be used.
- * Properties required in the client configuration include {@link org.apache.accumulo.core.client.ClientConfiguration.ClientProperty#TRACE_SPAN_RECEIVERS} and any properties specific to the span receiver.
+ * Enable tracing by setting up SpanReceivers for the current process. If host name is null, it will be determined. If service name is null, the simple name
+ * of the class will be used. Properties required in the client configuration include
+ * {@link org.apache.accumulo.core.client.ClientConfiguration.ClientProperty#TRACE_SPAN_RECEIVERS} and any properties specific to the span receiver.
*/
public static void enable(String hostname, String service, ClientConfiguration conf) {
String spanReceivers = conf.get(ClientProperty.TRACE_SPAN_RECEIVERS);
@@ -102,9 +98,8 @@ public class DistributedTrace {
}
/**
- * Enable tracing by setting up SpanReceivers for the current process.
- * If host name is null, it will be determined.
- * If service name is null, the simple name of the class will be used.
+ * Enable tracing by setting up SpanReceivers for the current process. If host name is null, it will be determined. If service name is null, the simple name
+ * of the class will be used.
*/
public static void enable(String hostname, String service, AccumuloConfiguration conf) {
String spanReceivers = conf.get(Property.TRACE_SPAN_RECEIVERS);
@@ -180,7 +175,7 @@ public class DistributedTrace {
SpanReceiver impl;
try {
Object o = ReflectionUtils.newInstance(implClass, conf);
- impl = (SpanReceiver)o;
+ impl = (SpanReceiver) o;
impl.configure(wrapHadoopConf(conf));
} catch (SecurityException e) {
throw new IOException(e);
http://git-wip-us.apache.org/repos/asf/accumulo/blob/6bc67602/core/src/main/java/org/apache/accumulo/core/trace/Span.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/trace/Span.java b/core/src/main/java/org/apache/accumulo/core/trace/Span.java
index 3427a2e..b72e6ee 100644
--- a/core/src/main/java/org/apache/accumulo/core/trace/Span.java
+++ b/core/src/main/java/org/apache/accumulo/core/trace/Span.java
@@ -18,16 +18,15 @@ package org.apache.accumulo.core.trace;
import static java.nio.charset.StandardCharsets.UTF_8;
+import java.util.List;
+import java.util.Map;
+
import org.htrace.NullScope;
import org.htrace.TimelineAnnotation;
import org.htrace.TraceScope;
-import java.util.List;
-import java.util.Map;
-
/**
- * This is a wrapper for a TraceScope object, which is a wrapper for a Span and its parent.
- * Not recommended for client use.
+ * This is a wrapper for a TraceScope object, which is a wrapper for a Span and its parent. Not recommended for client use.
*/
public class Span implements org.htrace.Span {
public static final Span NULL_SPAN = new Span(NullScope.INSTANCE);
@@ -127,7 +126,7 @@ public class Span implements org.htrace.Span {
}
@Override
- public Map<byte[], byte[]> getKVAnnotations() {
+ public Map<byte[],byte[]> getKVAnnotations() {
return span.getKVAnnotations();
}
http://git-wip-us.apache.org/repos/asf/accumulo/blob/6bc67602/core/src/main/java/org/apache/accumulo/core/trace/Trace.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/trace/Trace.java b/core/src/main/java/org/apache/accumulo/core/trace/Trace.java
index fc2df17..eba19ab 100644
--- a/core/src/main/java/org/apache/accumulo/core/trace/Trace.java
+++ b/core/src/main/java/org/apache/accumulo/core/trace/Trace.java
@@ -16,16 +16,16 @@
*/
package org.apache.accumulo.core.trace;
+import static java.nio.charset.StandardCharsets.UTF_8;
+
import org.apache.accumulo.core.trace.thrift.TInfo;
import org.apache.accumulo.core.trace.wrappers.TraceRunnable;
import org.htrace.Sampler;
import org.htrace.TraceInfo;
import org.htrace.wrappers.TraceProxy;
-import static java.nio.charset.StandardCharsets.UTF_8;
-
/**
- * Utility class for tracing within Accumulo. Not intended for client use!
+ * Utility class for tracing within Accumulo. Not intended for client use!
*
*/
public class Trace {
@@ -71,6 +71,7 @@ public class Trace {
/**
* Return the current span.
+ *
* @deprecated since 1.7 -- it is better to save the span you create in a local variable and call its methods, rather than retrieving the current span
*/
@Deprecated
@@ -129,7 +130,7 @@ public class Trace {
}
// Sample trace all calls to the given object
- public static <T, V> T wrapAll(T instance, Sampler<V> dist) {
+ public static <T,V> T wrapAll(T instance, Sampler<V> dist) {
return TraceProxy.trace(instance, dist);
}
}
http://git-wip-us.apache.org/repos/asf/accumulo/blob/6bc67602/core/src/main/java/org/apache/accumulo/core/trace/wrappers/RpcClientInvocationHandler.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/trace/wrappers/RpcClientInvocationHandler.java b/core/src/main/java/org/apache/accumulo/core/trace/wrappers/RpcClientInvocationHandler.java
index 8b0156d..9871d90 100644
--- a/core/src/main/java/org/apache/accumulo/core/trace/wrappers/RpcClientInvocationHandler.java
+++ b/core/src/main/java/org/apache/accumulo/core/trace/wrappers/RpcClientInvocationHandler.java
@@ -16,15 +16,15 @@
*/
package org.apache.accumulo.core.trace.wrappers;
+import java.lang.reflect.InvocationHandler;
+import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Method;
+
import org.apache.accumulo.core.trace.Span;
import org.apache.accumulo.core.trace.Trace;
import org.apache.accumulo.core.trace.Tracer;
import org.apache.accumulo.core.trace.thrift.TInfo;
-import java.lang.reflect.InvocationHandler;
-import java.lang.reflect.InvocationTargetException;
-import java.lang.reflect.Method;
-
public class RpcClientInvocationHandler<I> implements InvocationHandler {
private final I instance;
http://git-wip-us.apache.org/repos/asf/accumulo/blob/6bc67602/core/src/main/java/org/apache/accumulo/core/trace/wrappers/RpcServerInvocationHandler.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/trace/wrappers/RpcServerInvocationHandler.java b/core/src/main/java/org/apache/accumulo/core/trace/wrappers/RpcServerInvocationHandler.java
index 700e543..b7c578d 100644
--- a/core/src/main/java/org/apache/accumulo/core/trace/wrappers/RpcServerInvocationHandler.java
+++ b/core/src/main/java/org/apache/accumulo/core/trace/wrappers/RpcServerInvocationHandler.java
@@ -16,14 +16,14 @@
*/
package org.apache.accumulo.core.trace.wrappers;
-import org.apache.accumulo.core.trace.Span;
-import org.apache.accumulo.core.trace.Trace;
-import org.apache.accumulo.core.trace.thrift.TInfo;
-
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
+import org.apache.accumulo.core.trace.Span;
+import org.apache.accumulo.core.trace.Trace;
+import org.apache.accumulo.core.trace.thrift.TInfo;
+
public class RpcServerInvocationHandler<I> implements InvocationHandler {
private final I instance;
http://git-wip-us.apache.org/repos/asf/accumulo/blob/6bc67602/core/src/main/java/org/apache/accumulo/core/trace/wrappers/TraceCallable.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/trace/wrappers/TraceCallable.java b/core/src/main/java/org/apache/accumulo/core/trace/wrappers/TraceCallable.java
index 0d0dc56..d8b9b78 100644
--- a/core/src/main/java/org/apache/accumulo/core/trace/wrappers/TraceCallable.java
+++ b/core/src/main/java/org/apache/accumulo/core/trace/wrappers/TraceCallable.java
@@ -16,25 +16,25 @@
*/
package org.apache.accumulo.core.trace.wrappers;
+import java.util.concurrent.Callable;
+
import org.htrace.Span;
import org.htrace.Trace;
import org.htrace.TraceScope;
-import java.util.concurrent.Callable;
-
/**
* Wrap a Callable with a Span that survives a change in threads.
- *
+ *
*/
public class TraceCallable<V> implements Callable<V> {
private final Callable<V> impl;
private final Span parent;
private final String description;
-
+
TraceCallable(Callable<V> impl) {
this(Trace.currentSpan(), impl);
}
-
+
TraceCallable(Span parent, Callable<V> impl) {
this(parent, impl, null);
}
@@ -44,7 +44,7 @@ public class TraceCallable<V> implements Callable<V> {
this.parent = parent;
this.description = description;
}
-
+
@Override
public V call() throws Exception {
if (parent != null) {
http://git-wip-us.apache.org/repos/asf/accumulo/blob/6bc67602/core/src/main/java/org/apache/accumulo/core/trace/wrappers/TraceExecutorService.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/trace/wrappers/TraceExecutorService.java b/core/src/main/java/org/apache/accumulo/core/trace/wrappers/TraceExecutorService.java
index 5ba61bf..0ff5751 100644
--- a/core/src/main/java/org/apache/accumulo/core/trace/wrappers/TraceExecutorService.java
+++ b/core/src/main/java/org/apache/accumulo/core/trace/wrappers/TraceExecutorService.java
@@ -16,9 +16,6 @@
*/
package org.apache.accumulo.core.trace.wrappers;
-import org.htrace.Span;
-import org.htrace.Tracer;
-
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
@@ -29,59 +26,62 @@ import java.util.concurrent.Future;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.TimeoutException;
+import org.htrace.Span;
+import org.htrace.Tracer;
+
public class TraceExecutorService implements ExecutorService {
-
+
private final ExecutorService impl;
-
+
public TraceExecutorService(ExecutorService impl) {
this.impl = impl;
}
-
+
@Override
public void execute(Runnable command) {
impl.execute(new TraceRunnable(command));
}
-
+
@Override
public void shutdown() {
impl.shutdown();
}
-
+
@Override
public List<Runnable> shutdownNow() {
return impl.shutdownNow();
}
-
+
@Override
public boolean isShutdown() {
return impl.isShutdown();
}
-
+
@Override
public boolean isTerminated() {
return impl.isTerminated();
}
-
+
@Override
public boolean awaitTermination(long timeout, TimeUnit unit) throws InterruptedException {
return impl.awaitTermination(timeout, unit);
}
-
+
@Override
public <T> Future<T> submit(Callable<T> task) {
return impl.submit(new TraceCallable<T>(task));
}
-
+
@Override
public <T> Future<T> submit(Runnable task, T result) {
return impl.submit(new TraceRunnable(task), result);
}
-
+
@Override
public Future<?> submit(Runnable task) {
return impl.submit(new TraceRunnable(task));
}
-
+
private <T> Collection<? extends Callable<T>> wrapCollection(Collection<? extends Callable<T>> tasks) {
List<Callable<T>> result = new ArrayList<Callable<T>>();
for (Callable<T> task : tasks) {
@@ -89,28 +89,28 @@ public class TraceExecutorService implements ExecutorService {
}
return result;
}
-
+
@Override
public <T> List<Future<T>> invokeAll(Collection<? extends Callable<T>> tasks) throws InterruptedException {
return impl.invokeAll(wrapCollection(tasks));
}
-
+
@Override
public <T> List<Future<T>> invokeAll(Collection<? extends Callable<T>> tasks, long timeout, TimeUnit unit) throws InterruptedException {
return impl.invokeAll(wrapCollection(tasks), timeout, unit);
}
-
+
@Override
public <T> T invokeAny(Collection<? extends Callable<T>> tasks) throws InterruptedException, ExecutionException {
return impl.invokeAny(wrapCollection(tasks));
}
-
+
@Override
public <T> T invokeAny(Collection<? extends Callable<T>> tasks, long timeout, TimeUnit unit) throws InterruptedException, ExecutionException,
TimeoutException {
return impl.invokeAny(wrapCollection(tasks), timeout, unit);
}
-
+
/**
* Finish a given trace and set the span for the current thread to null.
*/
http://git-wip-us.apache.org/repos/asf/accumulo/blob/6bc67602/core/src/main/java/org/apache/accumulo/core/trace/wrappers/TraceRunnable.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/trace/wrappers/TraceRunnable.java b/core/src/main/java/org/apache/accumulo/core/trace/wrappers/TraceRunnable.java
index 5723b17..a870cbf 100644
--- a/core/src/main/java/org/apache/accumulo/core/trace/wrappers/TraceRunnable.java
+++ b/core/src/main/java/org/apache/accumulo/core/trace/wrappers/TraceRunnable.java
@@ -22,18 +22,18 @@ import org.htrace.TraceScope;
/**
* Wrap a Runnable with a Span that survives a change in threads.
- *
+ *
*/
public class TraceRunnable implements Runnable, Comparable<TraceRunnable> {
-
+
private final Span parent;
private final Runnable runnable;
private final String description;
-
+
public TraceRunnable(Runnable runnable) {
this(Trace.currentSpan(), runnable);
}
-
+
public TraceRunnable(Span parent, Runnable runnable) {
this(parent, runnable, null);
}
@@ -43,7 +43,7 @@ public class TraceRunnable implements Runnable, Comparable<TraceRunnable> {
this.runnable = runnable;
this.description = description;
}
-
+
@Override
public void run() {
if (parent != null) {
@@ -61,16 +61,16 @@ public class TraceRunnable implements Runnable, Comparable<TraceRunnable> {
private String getDescription() {
return this.description == null ? Thread.currentThread().getName() : description;
}
-
+
@Override
public boolean equals(Object o) {
if (o instanceof TraceRunnable) {
return 0 == this.compareTo((TraceRunnable) o);
}
-
+
return false;
}
-
+
@SuppressWarnings({"rawtypes", "unchecked"})
@Override
public int compareTo(TraceRunnable o) {
http://git-wip-us.apache.org/repos/asf/accumulo/blob/6bc67602/core/src/main/java/org/apache/accumulo/core/trace/wrappers/TraceWrap.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/trace/wrappers/TraceWrap.java b/core/src/main/java/org/apache/accumulo/core/trace/wrappers/TraceWrap.java
index f675c53..bbfa386 100644
--- a/core/src/main/java/org/apache/accumulo/core/trace/wrappers/TraceWrap.java
+++ b/core/src/main/java/org/apache/accumulo/core/trace/wrappers/TraceWrap.java
@@ -22,7 +22,7 @@ import java.lang.reflect.Proxy;
/**
* To move trace data from client to server, the RPC call must be annotated to take a TInfo object as its first argument. The user can simply pass null, so long
* as they wrap their Client and Service objects with these functions.
- *
+ *
* <pre>
* Trace.on("remoteMethod");
* Iface c = new Client();
@@ -30,11 +30,11 @@ import java.lang.reflect.Proxy;
* c.remoteMethod(null, arg2, arg3);
* Trace.off();
* </pre>
- *
+ *
* The wrapper will see the annotated method and send or re-establish the trace information.
- *
+ *
* Note that the result of these calls is a Proxy object that conforms to the basic interfaces, but is not your concrete instance.
- *
+ *
*/
public class TraceWrap {
http://git-wip-us.apache.org/repos/asf/accumulo/blob/6bc67602/core/src/main/java/org/apache/accumulo/core/util/AddressUtil.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/util/AddressUtil.java b/core/src/main/java/org/apache/accumulo/core/util/AddressUtil.java
index bd9a5ca..1426239 100644
--- a/core/src/main/java/org/apache/accumulo/core/util/AddressUtil.java
+++ b/core/src/main/java/org/apache/accumulo/core/util/AddressUtil.java
@@ -20,7 +20,6 @@ import com.google.common.net.HostAndPort;
public class AddressUtil extends org.apache.accumulo.fate.util.AddressUtil {
-
static public HostAndPort parseAddress(String address) throws NumberFormatException {
return parseAddress(address, false);
}
@@ -30,7 +29,7 @@ public class AddressUtil extends org.apache.accumulo.fate.util.AddressUtil {
HostAndPort hap = HostAndPort.fromString(address);
if (!ignoreMissingPort && !hap.hasPort())
throw new IllegalArgumentException("Address was expected to contain port. address=" + address);
-
+
return hap;
}
http://git-wip-us.apache.org/repos/asf/accumulo/blob/6bc67602/core/src/main/java/org/apache/accumulo/core/util/BadArgumentException.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/util/BadArgumentException.java b/core/src/main/java/org/apache/accumulo/core/util/BadArgumentException.java
index c2f79ba..80c9beb 100644
--- a/core/src/main/java/org/apache/accumulo/core/util/BadArgumentException.java
+++ b/core/src/main/java/org/apache/accumulo/core/util/BadArgumentException.java
@@ -20,7 +20,7 @@ import java.util.regex.PatternSyntaxException;
public final class BadArgumentException extends PatternSyntaxException {
private static final long serialVersionUID = 1L;
-
+
public BadArgumentException(String desc, String badarg, int index) {
super(desc, badarg, index);
}
http://git-wip-us.apache.org/repos/asf/accumulo/blob/6bc67602/core/src/main/java/org/apache/accumulo/core/util/Base64.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/util/Base64.java b/core/src/main/java/org/apache/accumulo/core/util/Base64.java
index 76de4ed..ce54aae 100644
--- a/core/src/main/java/org/apache/accumulo/core/util/Base64.java
+++ b/core/src/main/java/org/apache/accumulo/core/util/Base64.java
@@ -19,17 +19,15 @@ package org.apache.accumulo.core.util;
import org.apache.commons.codec.binary.StringUtils;
/**
- * A wrapper around commons-codec's Base64 to make sure we get the non-chunked behavior that
- * became the default in commons-codec version 1.5+ while relying on the commons-codec version 1.4
- * that Hadoop Client provides.
+ * A wrapper around commons-codec's Base64 to make sure we get the non-chunked behavior that became the default in commons-codec version 1.5+ while relying on
+ * the commons-codec version 1.4 that Hadoop Client provides.
*/
public final class Base64 {
/**
* Private to prevent instantiation.
*/
- private Base64() {
- }
+ private Base64() {}
/**
* Serialize to Base64 byte array, non-chunked.
http://git-wip-us.apache.org/repos/asf/accumulo/blob/6bc67602/core/src/main/java/org/apache/accumulo/core/util/ByteArrayComparator.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/util/ByteArrayComparator.java b/core/src/main/java/org/apache/accumulo/core/util/ByteArrayComparator.java
index 461ef38..1d7372c 100644
--- a/core/src/main/java/org/apache/accumulo/core/util/ByteArrayComparator.java
+++ b/core/src/main/java/org/apache/accumulo/core/util/ByteArrayComparator.java
@@ -21,21 +21,21 @@ import java.util.Comparator;
public class ByteArrayComparator implements Comparator<byte[]>, Serializable {
private static final long serialVersionUID = 1L;
-
+
@Override
public int compare(byte[] o1, byte[] o2) {
-
+
int minLen = Math.min(o1.length, o2.length);
-
+
for (int i = 0; i < minLen; i++) {
int a = (o1[i] & 0xff);
int b = (o2[i] & 0xff);
-
+
if (a != b) {
return a - b;
}
}
-
+
return o1.length - o2.length;
}
}
http://git-wip-us.apache.org/repos/asf/accumulo/blob/6bc67602/core/src/main/java/org/apache/accumulo/core/util/ByteArraySet.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/util/ByteArraySet.java b/core/src/main/java/org/apache/accumulo/core/util/ByteArraySet.java
index 4b7db82..ca43469 100644
--- a/core/src/main/java/org/apache/accumulo/core/util/ByteArraySet.java
+++ b/core/src/main/java/org/apache/accumulo/core/util/ByteArraySet.java
@@ -25,31 +25,31 @@ import java.util.List;
import java.util.TreeSet;
public class ByteArraySet extends TreeSet<byte[]> {
-
+
private static final long serialVersionUID = 1L;
-
+
public ByteArraySet() {
super(new ByteArrayComparator());
}
-
+
public ByteArraySet(Collection<? extends byte[]> c) {
this();
addAll(c);
}
-
+
public static ByteArraySet fromStrings(Collection<String> c) {
List<byte[]> lst = new ArrayList<byte[]>();
for (String s : c)
lst.add(s.getBytes(UTF_8));
return new ByteArraySet(lst);
}
-
+
public static ByteArraySet fromStrings(String... c) {
return ByteArraySet.fromStrings(Arrays.asList(c));
}
-
+
public List<byte[]> toList() {
return new ArrayList<byte[]>(this);
}
-
+
}
http://git-wip-us.apache.org/repos/asf/accumulo/blob/6bc67602/core/src/main/java/org/apache/accumulo/core/util/ByteBufferUtil.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/util/ByteBufferUtil.java b/core/src/main/java/org/apache/accumulo/core/util/ByteBufferUtil.java
index dbf04dc..f849d5b 100644
--- a/core/src/main/java/org/apache/accumulo/core/util/ByteBufferUtil.java
+++ b/core/src/main/java/org/apache/accumulo/core/util/ByteBufferUtil.java
@@ -33,7 +33,7 @@ public class ByteBufferUtil {
return null;
return Arrays.copyOfRange(buffer.array(), buffer.position(), buffer.limit());
}
-
+
public static List<ByteBuffer> toByteBuffers(Collection<byte[]> bytesList) {
if (bytesList == null)
return null;
@@ -43,7 +43,7 @@ public class ByteBufferUtil {
}
return result;
}
-
+
public static List<byte[]> toBytesList(Collection<ByteBuffer> bytesList) {
if (bytesList == null)
return null;
@@ -53,7 +53,7 @@ public class ByteBufferUtil {
}
return result;
}
-
+
public static Text toText(ByteBuffer bytes) {
if (bytes == null)
return null;
@@ -61,11 +61,11 @@ public class ByteBufferUtil {
result.set(bytes.array(), bytes.position(), bytes.remaining());
return result;
}
-
+
public static String toString(ByteBuffer bytes) {
return new String(bytes.array(), bytes.position(), bytes.remaining(), UTF_8);
}
-
+
public static ByteBuffer toByteBuffers(ByteSequence bs) {
if (bs == null)
return null;
http://git-wip-us.apache.org/repos/asf/accumulo/blob/6bc67602/core/src/main/java/org/apache/accumulo/core/util/CachedConfiguration.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/util/CachedConfiguration.java b/core/src/main/java/org/apache/accumulo/core/util/CachedConfiguration.java
index daf165c..00cc063 100644
--- a/core/src/main/java/org/apache/accumulo/core/util/CachedConfiguration.java
+++ b/core/src/main/java/org/apache/accumulo/core/util/CachedConfiguration.java
@@ -20,13 +20,13 @@ import org.apache.hadoop.conf.Configuration;
public class CachedConfiguration {
private static Configuration configuration = null;
-
+
public synchronized static Configuration getInstance() {
if (configuration == null)
setInstance(new Configuration());
return configuration;
}
-
+
public synchronized static Configuration setInstance(Configuration update) {
Configuration result = configuration;
configuration = update;
http://git-wip-us.apache.org/repos/asf/accumulo/blob/6bc67602/core/src/main/java/org/apache/accumulo/core/util/CleanUp.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/util/CleanUp.java b/core/src/main/java/org/apache/accumulo/core/util/CleanUp.java
index be5a41a..a632fe3 100644
--- a/core/src/main/java/org/apache/accumulo/core/util/CleanUp.java
+++ b/core/src/main/java/org/apache/accumulo/core/util/CleanUp.java
@@ -23,12 +23,12 @@ import org.apache.accumulo.fate.zookeeper.ZooSession;
import org.apache.log4j.Logger;
/**
- *
+ *
*/
public class CleanUp {
-
+
private static final Logger log = Logger.getLogger(CleanUp.class);
-
+
/**
* kills all threads created by internal Accumulo singleton resources. After this method is called, no accumulo client will work in the current classloader.
*/
@@ -37,17 +37,17 @@ public class CleanUp {
ZooSession.shutdown();
waitForZooKeeperClientThreads();
}
-
+
/**
- * As documented in https://issues.apache.org/jira/browse/ZOOKEEPER-1816, ZooKeeper.close()
- * is a non-blocking call. This method will wait on the ZooKeeper internal threads to exit.
+ * As documented in https://issues.apache.org/jira/browse/ZOOKEEPER-1816, ZooKeeper.close() is a non-blocking call. This method will wait on the ZooKeeper
+ * internal threads to exit.
*/
private static void waitForZooKeeperClientThreads() {
Set<Thread> threadSet = Thread.getAllStackTraces().keySet();
- for (Thread thread : threadSet) {
+ for (Thread thread : threadSet) {
// find ZooKeeper threads that were created in the same ClassLoader as the current thread.
- if (thread.getClass().getName().startsWith("org.apache.zookeeper.ClientCnxn") &&
- thread.getContextClassLoader().equals(Thread.currentThread().getContextClassLoader())) {
+ if (thread.getClass().getName().startsWith("org.apache.zookeeper.ClientCnxn")
+ && thread.getContextClassLoader().equals(Thread.currentThread().getContextClassLoader())) {
// wait for the thread the die
while (thread.isAlive()) {