Details

    • Type: Sub-task Sub-task
    • Status: Resolved
    • Priority: Major Major
    • Resolution: Duplicate
    • Affects Version/s: 3.0.0
    • Fix Version/s: 3.0.0
    • Component/s: security
    • Labels:
      None

      Description

      This JIRA task provides three crypto codec implementations based on the Hadoop crypto codec framework. They are:
      1. Simple AES Codec. AES codec implementation based on AES-NI. (Not splittable)
      2. AES Codec. AES codec implementation based on AES-NI in splittable format.

      1. HADOOP-9332.patch
        204 kB
        Yi Liu
      2. HADOOP-9332.patch
        227 kB
        Yi Liu

        Issue Links

          Activity

          Yi Liu created issue -
          Hide
          Yi Liu added a comment -

          Yi, Andrew Purtell and Xiang did this patch.

          Show
          Yi Liu added a comment - Yi, Andrew Purtell and Xiang did this patch.
          Yi Liu made changes -
          Field Original Value New Value
          Attachment HADOOP-9332.patch [ 12570713 ]
          Hide
          Yi Liu added a comment -

          The patch has been attached.

          Show
          Yi Liu added a comment - The patch has been attached.
          Yi Liu made changes -
          Status Open [ 1 ] Patch Available [ 10002 ]
          Jerry Chen made changes -
          Link This issue depends on HADOOP-9333 [ HADOOP-9333 ]
          Hide
          Hadoop QA added a comment -

          -1 overall. Here are the results of testing the latest attachment
          http://issues.apache.org/jira/secure/attachment/12570713/HADOOP-9332.patch
          against trunk revision .

          +1 @author. The patch does not contain any @author tags.

          +1 tests included. The patch appears to include 18 new or modified test files.

          -1 one of tests included doesn't have a timeout.

          -1 javac. The patch appears to cause the build to fail.

          Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/2226//console

          This message is automatically generated.

          Show
          Hadoop QA added a comment - -1 overall . Here are the results of testing the latest attachment http://issues.apache.org/jira/secure/attachment/12570713/HADOOP-9332.patch against trunk revision . +1 @author . The patch does not contain any @author tags. +1 tests included . The patch appears to include 18 new or modified test files. -1 one of tests included doesn't have a timeout. -1 javac . The patch appears to cause the build to fail. Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/2226//console This message is automatically generated.
          Yi Liu made changes -
          Description This JIRA task provides three crypto codec implementations based on the Hadoop crypto codec framework. They are:
          1. Simple AES Codec. AES codec implementation based on AES-NI. (Not splittable)
          2. AES Codec. AES codec implementation based on AES-NI in splittable format.
          3. A crypto codec implementation for RC4 stream cipher.
          This JIRA task provides three crypto codec implementations based on the Hadoop crypto codec framework. They are:
          1. Simple AES Codec. AES codec implementation based on AES-NI. (Not splittable)
          2. AES Codec. AES codec implementation based on AES-NI in splittable format.
          Yi Liu made changes -
          Summary Crypto codec implementations for AES and RC4 Crypto codec implementations for AES
          Hide
          Yi Liu added a comment -

          Cancel patch for building failure which was caused by dependency.

          Show
          Yi Liu added a comment - Cancel patch for building failure which was caused by dependency.
          Yi Liu made changes -
          Status Patch Available [ 10002 ] Open [ 1 ]
          Hide
          Yi Liu added a comment -

          Update patch to fix test warning.

          Show
          Yi Liu added a comment - Update patch to fix test warning.
          Yi Liu made changes -
          Attachment HADOOP-9332.patch [ 12570749 ]
          Gavin made changes -
          Link This issue depends on HADOOP-9333 [ HADOOP-9333 ]
          Gavin made changes -
          Link This issue depends upon HADOOP-9333 [ HADOOP-9333 ]
          Hide
          Luke Lu added a comment -

          Preliminary comments:

          • I had to dig to find out that both SimpleAESCodec and AESCodec are using CTR mode, which is fine. I was thrown off by the comment in the beginning of the SimpleAESCodec, as we know AES in the default ECB mode is pretty much worthless. Suggest rename the codec to AESCTRCodec, unless you're going to support other modes (CBC etc.), which requires an explicit comment.
          • There is much code duplication between SimpleAESCodec (without compressor option) and AESCodec (with compressor option). Suggest consolidate code in one codec.
          Show
          Luke Lu added a comment - Preliminary comments: I had to dig to find out that both SimpleAESCodec and AESCodec are using CTR mode, which is fine. I was thrown off by the comment in the beginning of the SimpleAESCodec, as we know AES in the default ECB mode is pretty much worthless. Suggest rename the codec to AESCTRCodec, unless you're going to support other modes (CBC etc.), which requires an explicit comment. There is much code duplication between SimpleAESCodec (without compressor option) and AESCodec (with compressor option). Suggest consolidate code in one codec.
          muchine made changes -
          Affects Version/s 3.0.0 [ 12320357 ]
          muchine made changes -
          Affects Version/s 3.0.0 [ 12320357 ]
          Hide
          Yi Liu added a comment -

          Thanks Luke for your comments. Actually SimpleAESCodec and AESCodec were using CBC mode, please refer to NativeOpensslAESCipher.c. For the secondary comment, we could refine SimpleAESCodec and AESCodec which is splittable.

          Show
          Yi Liu added a comment - Thanks Luke for your comments. Actually SimpleAESCodec and AESCodec were using CBC mode, please refer to NativeOpensslAESCipher.c. For the secondary comment, we could refine SimpleAESCodec and AESCodec which is splittable.
          Yi Liu made changes -
          Assignee Yi Liu [ hitliuyi ]
          howie yu made changes -
          Link This issue is depended upon by HADOOP-10528 [ HADOOP-10528 ]
          Hide
          Yi Liu added a comment -

          We will not use this approach any more, instead, we use the approach in HADOOP-10150, so mark this JIRA as duplicate.

          Show
          Yi Liu added a comment - We will not use this approach any more, instead, we use the approach in HADOOP-10150 , so mark this JIRA as duplicate.
          Yi Liu made changes -
          Status Open [ 1 ] Resolved [ 5 ]
          Resolution Duplicate [ 3 ]
          Transition Time In Source Status Execution Times Last Executer Last Execution Date
          Open Open Patch Available Patch Available
          7m 12s 1 Yi Liu 25/Feb/13 03:19
          Patch Available Patch Available Open Open
          5h 10m 1 Yi Liu 25/Feb/13 08:29
          Open Open Resolved Resolved
          512d 6h 48m 1 Yi Liu 22/Jul/14 15:18

            People

            • Assignee:
              Yi Liu
              Reporter:
              Yi Liu
            • Votes:
              0 Vote for this issue
              Watchers:
              17 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development