FLUME-1487 (FileChannel format needs to be extensible) is progressing well.
I think mike's design makes sense, a few notes:
-We will have to call doFinal() on every event as we need the exact
byte offset of the start of the next event for retrievals.
-I also think we should use CTR instead of CBC as CBC requires the
decryption of previous blocks before decrypting the current block.
This will cause us problems as we pull the events out of the file in
somewhat of a random order and there is no guarantee we will have
previously decrypted the previous block. Because of a
must use no padding.
-I see a few interfaces here, one to provide KeyStores, one to provide
Encryptor/Decryptor, and the Encryptor/Decryptors themselves.
The KeyStore interface is important because some users may not use a
file based key store but use a centralized key management
I've made some progress on this so I'd like to take this over.