Details

    • Type: New Feature
    • Status: Resolved
    • Priority: Major
    • Resolution: Duplicate
    • Affects Version/s: 3.0.0
    • Fix Version/s: None
    • Component/s: security
    • Labels:
    • Target Version/s:
    • Release Note:
      Initial patch for CMF functionality

      Description

      The credential management framework (CMF) consists of a library for securing, acquiring and rolling credentials for a given Hadoop service.

      Specifically the library will provide:

      1. Password Indirection or Aliasing
      2. Management of identity and trust keystores
      3. Rolling of key pairs and credentials
      4. Discovery of externally provisioned credentials
      5. Service specific CMF secret protection
      6. Syntax for Aliases within configuration files

      Password Indirection or Aliasing:
      By providing alias based access to the actual secrets stored within a service specific JCEKS keystore, we are able to eliminate the need for any secret to be stored in clear text on the filesystem. Clear-text secrets on disk are a current red flag during security reviews for many customers.

      Management of Identity and Trust Keystores:
      Service specific identity and trust keystores will be managed by a combination of the HSSO service and CMF.

      Upon registration with the HSSO service a dependent service will be able to discover externally provisioned keystores or have them created by the HSSO service on its behalf. The public key of the HSSO service will be provided to the service to be imported into its service specific trust store.

      Service specific keystores and credential stores will be protected with the service specific CMF secret.

      Rolling of Keypairs and Credentials:
      Automating the rolling of PKI keypairs and credentials gives the services a common facility for discovering new HSSO public keys, and both the trigger and the means to roll their own credentials while retaining a number of previous values (as needed).

      Discovery of Externally Provisioned Credentials:
      For environments that want control over certificate generation and provisioning, CMF provides the ability to discover pre-provisioned artifacts based on naming conventions for the artifacts, using the service specific CMF secret to access the credentials within the keystores.

      Service Specific CMF Secret Protection:
      By providing a common facility to prompt for and optionally persist a service specific CMF secret at service installation/startup, we enable the protection of all the service specific security artifacts with this one protected secret. The persisted secret is itself protected with a combination of AES-128 encryption and file permissions restricted to the service specific OS user.

      Syntax for Aliases within configuration files:
      In order to facilitate the use of aliases but also preserve backward compatibility of config files, we will introduce a syntax for marking a value in a configuration file as an alias. A getSecret(String value) type utility method will encapsulate the recognition and parsing of an alias and the retrieval from CMF or return the provided value as the password.

      For instance, if a properties file were to require a password to be provided instead of:

      passwd=supersecret

      we would provide an alias as such:

      passwd=${ALIAS=supersecret}

      At runtime, the value from the properties file is provided to the CMF.getSecret(value) method and it either resolves the alias (where it finds the alias syntax) or returns the value (when there is no alias syntax).
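      A worked example of the alias indirection described above. This is an added illustration, not code from the HADOOP-9534 patch or from Hadoop itself: it assumes a JCEKS keystore whose store password stands in for the service specific CMF secret, wraps each password in a SecretKeySpec so it can live in the keystore (the "AES" label is only a tag on opaque bytes, an assumption of this example rather than a CMF convention), and applies owner-only file permissions to the store as the page's protection model describes. The class and method names are this example's own.

```java
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.attribute.PosixFilePermission;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyStore;
import java.util.EnumSet;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.crypto.spec.SecretKeySpec;

/** Added example (not the HADOOP-9534 code): ${ALIAS=name} indirection against a JCEKS store. */
public final class AliasedPasswordExample {

    /** Alias marker from the proposal: ${ALIAS=name}. Anything else is treated as a literal password. */
    private static final Pattern ALIAS = Pattern.compile("^\\$\\{ALIAS=([^}]+)\\}$");

    /**
     * Store a password under an alias. JCEKS accepts arbitrary SecretKey entries, so the password
     * bytes are wrapped in a SecretKeySpec; "AES" is just a label for the opaque bytes (example assumption).
     */
    static void storeSecret(Path store, char[] storePass, String alias, char[] secret)
            throws IOException, GeneralSecurityException {
        KeyStore ks = KeyStore.getInstance("JCEKS");
        if (Files.exists(store)) {
            try (InputStream in = Files.newInputStream(store)) { ks.load(in, storePass); }
        } else {
            ks.load(null, storePass); // fresh, empty store
        }
        byte[] bytes = new String(secret).getBytes(StandardCharsets.UTF_8);
        ks.setKeyEntry(alias, new SecretKeySpec(bytes, "AES"), storePass, null);
        try (OutputStream out = Files.newOutputStream(store)) { ks.store(out, storePass); }
        // Second half of the protection model: only the service's OS user may read the store.
        try {
            Files.setPosixFilePermissions(store,
                EnumSet.of(PosixFilePermission.OWNER_READ, PosixFilePermission.OWNER_WRITE));
        } catch (UnsupportedOperationException e) {
            // non-POSIX filesystem (e.g. Windows): an ACL would have to be applied instead
        }
    }

    /**
     * getSecret(value): if the value carries the alias syntax, resolve it through the keystore;
     * otherwise return the value itself, so unchanged clear-text config files keep working.
     */
    static char[] getSecret(String value, Path store, char[] storePass)
            throws IOException, GeneralSecurityException {
        Matcher m = ALIAS.matcher(value.trim());
        if (!m.matches()) {
            return value.toCharArray(); // backward compatible literal
        }
        String alias = m.group(1);
        KeyStore ks = KeyStore.getInstance("JCEKS");
        try (InputStream in = Files.newInputStream(store)) { ks.load(in, storePass); }
        Key key = ks.getKey(alias, storePass);
        if (key == null) {
            // Fail closed: an unresolvable alias must not silently become the password.
            throw new GeneralSecurityException("no credential stored under alias '" + alias + "'");
        }
        return new String(key.getEncoded(), StandardCharsets.UTF_8).toCharArray();
    }

    public static void main(String[] args) throws Exception {
        Path store = Files.createTempFile("cmf-example", ".jceks");
        Files.delete(store); // let storeSecret create it with the right permissions
        char[] storePass = "store-secret-standing-in-for-cmf-secret".toCharArray();

        storeSecret(store, storePass, "db.password", "supersecret".toCharArray());

        // Constructed config values: one aliased, one legacy clear-text.
        String aliased = "${ALIAS=db.password}";
        String legacy  = "supersecret";
        System.out.println("aliased -> " + new String(getSecret(aliased, store, storePass)));
        System.out.println("legacy  -> " + new String(getSecret(legacy,  store, storePass)));

        try {
            getSecret("${ALIAS=missing}", store, storePass);
        } catch (GeneralSecurityException e) {
            System.out.println("rejected: " + e.getMessage());
        }
        Files.deleteIfExists(store);
    }
}
```

      Two points a practitioner would check here: the regex anchors the whole value, so a literal password that merely contains `${` is still returned unchanged, and an alias that does not resolve raises rather than falling back to the literal string, which would otherwise turn a misconfigured alias name into the password sent to the remote system.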

      1. HADOOP-9534.patch
        88 kB
        Larry McCay
      2. HADOOP-9534.patch
        88 kB
        Larry McCay
      3. HADOOP-9534.patch
        88 kB
        Larry McCay
      4. HADOOP-9534.patch
        88 kB
        Larry McCay
      5. CMF-overview.txt
        6 kB
        Larry McCay
      6. 0002-HADOOP-9534-Credential-Management-Framework-second-iteration-.patch
        82 kB
        Larry McCay
      7. 0001-HADOOP-9534-Credential-Management-Framework-initial-.patch
        83 kB
        Larry McCay

          Activity

          Larry McCay added a comment -

          This is an initial patch for the credential management framework.

          Larry McCay added a comment -

          Initial Patch

          Hadoop QA added a comment -

          -1 overall. Here are the results of testing the latest attachment
          http://issues.apache.org/jira/secure/attachment/12594495/0001-HADOOP-9534-Credential-Management-Framework-initial-.patch
          against trunk revision .

          +1 @author. The patch does not contain any @author tags.

          +1 tests included. The patch appears to include 2 new or modified test files.

          -1 javac. The applied patch generated 1192 javac compiler warnings (more than the trunk's current 1151 warnings).

          -1 javadoc. The javadoc tool appears to have generated 24 warning messages.

          +1 eclipse:eclipse. The patch built with eclipse:eclipse.

          -1 findbugs. The patch appears to introduce 11 new Findbugs (version 1.3.9) warnings.

          -1 release audit. The applied patch generated 1 release audit warnings.

          +1 core tests. The patch passed unit tests in hadoop-common-project/hadoop-cmf.

          +1 contrib tests. The patch passed contrib unit tests.

          Test results: https://builds.apache.org/job/PreCommit-HADOOP-Build/2857//testReport/
          Release audit warnings: https://builds.apache.org/job/PreCommit-HADOOP-Build/2857//artifact/trunk/patchprocess/patchReleaseAuditProblems.txt
          Findbugs warnings: https://builds.apache.org/job/PreCommit-HADOOP-Build/2857//artifact/trunk/patchprocess/newPatchFindbugsWarningshadoop-cmf.html
          Javac warnings: https://builds.apache.org/job/PreCommit-HADOOP-Build/2857//artifact/trunk/patchprocess/diffJavacWarnings.txt
          Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/2857//console

          This message is automatically generated.

          Larry McCay added a comment -

          I will investigate the QA related issues.

          Larry McCay added a comment -

          Canceling the previously attached patch due to QA findings.

          Larry McCay added a comment -

          This patch addresses the previous iteration's Hadoop QA findings - except for the use of sun classes. These are required at the moment and are in line with precedence set within the codebase already.

          Hadoop QA added a comment -

          -1 overall. Here are the results of testing the latest attachment
          http://issues.apache.org/jira/secure/attachment/12594596/0002-HADOOP-9534-Credential-Management-Framework-second-iteration-.patch
          against trunk revision .

          +1 @author. The patch does not contain any @author tags.

          +1 tests included. The patch appears to include 2 new or modified test files.

          -1 javac. The patch appears to cause the build to fail.

          Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/2859//console

          This message is automatically generated.

          Larry McCay added a comment -

          Can't reproduce a build failure - is there a way to trigger another build?

          Larry McCay added a comment -

          Have javadoc issues to resolve.

          Jason Lowe added a comment -

          Can't reproduce a build failure - is there a way to trigger another build?

          Uploading the same patch again is what most people do to trigger Jenkins again. Those with sufficient permissions on the build servers can trigger an explicit Jenkins build without uploading another patch.

          As for the build failure itself, you can see the details of the failure at https://builds.apache.org/job/PreCommit-HADOOP-Build/2859/artifact/trunk/patchprocess/patchJavacWarnings.txt. The build is complaining about MasterHolder, and that appears to be missing from the patch. Was a new file missed when the patch was generated?

          Larry McCay added a comment -

          Thanks, Jason!
          Yes, I failed to stage and commit the new file with the next patch.
          Should have tried to reproduce in a fresh clone instead of dev environment.
          Thanks again.

          Larry McCay added a comment -

          Cleaned up findbugs, javadocs, build failure, etc.

          Hadoop QA added a comment -

          -1 overall. Here are the results of testing the latest attachment
          http://issues.apache.org/jira/secure/attachment/12594717/HADOOP-9534.patch
          against trunk revision .

          +1 @author. The patch does not contain any @author tags.

          +1 tests included. The patch appears to include 2 new or modified test files.

          -1 javac. The applied patch generated 1192 javac compiler warnings (more than the trunk's current 1151 warnings).

          -1 javadoc. The javadoc tool appears to have generated 11 warning messages.

          +1 eclipse:eclipse. The patch built with eclipse:eclipse.

          +1 findbugs. The patch does not introduce any new Findbugs (version 1.3.9) warnings.

          +1 release audit. The applied patch does not increase the total number of release audit warnings.

          +1 core tests. The patch passed unit tests in hadoop-common-project/hadoop-cmf.

          +1 contrib tests. The patch passed contrib unit tests.

          Test results: https://builds.apache.org/job/PreCommit-HADOOP-Build/2864//testReport/
          Javac warnings: https://builds.apache.org/job/PreCommit-HADOOP-Build/2864//artifact/trunk/patchprocess/diffJavacWarnings.txt
          Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/2864//console

          This message is automatically generated.

          Larry McCay added a comment -

          The javac warnings are all for the sun specific security classes that CMF is using for creating keystores and generating self-signed certs. Is there a justification and/or warning suppression mechanism in place for this sort of situation?

          Here is a sample warning:
          > [WARNING] /home/jenkins/jenkins-slave/workspace/PreCommit-HADOOP-Build/trunk/hadoop-common-project/hadoop-cmf/src/main/java/org/apache/hadoop/security/cmf/impl/AbstractKeystoreService.java:[47,24] sun.security.x509.AlgorithmId is Sun proprietary API and may be removed in a future release

          Larry McCay added a comment -

          This JIRA is required by 9781 which introduces a JWT SSO token for Hadoop.

          Larry McCay added a comment -

          The javac warnings for the use of com.sun classes is something that cannot be avoided and they are not indicative of a real issue in the code.

          Larry McCay added a comment -

          Latest patch revision.

          Hadoop QA added a comment -

          -1 overall. Here are the results of testing the latest attachment
          http://issues.apache.org/jira/secure/attachment/12595034/HADOOP-9534.patch
          against trunk revision .

          +1 @author. The patch does not contain any @author tags.

          +1 tests included. The patch appears to include 2 new or modified test files.

          -1 javac. The applied patch generated 1193 javac compiler warnings (more than the trunk's current 1152 warnings).

          -1 javadoc. The javadoc tool appears to have generated 11 warning messages.

          +1 eclipse:eclipse. The patch built with eclipse:eclipse.

          +1 findbugs. The patch does not introduce any new Findbugs (version 1.3.9) warnings.

          +1 release audit. The applied patch does not increase the total number of release audit warnings.

          +1 core tests. The patch passed unit tests in hadoop-common-project/hadoop-cmf.

          +1 contrib tests. The patch passed contrib unit tests.

          Test results: https://builds.apache.org/job/PreCommit-HADOOP-Build/2886//testReport/
          Javac warnings: https://builds.apache.org/job/PreCommit-HADOOP-Build/2886//artifact/trunk/patchprocess/diffJavacWarnings.txt
          Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/2886//console

          This message is automatically generated.

          Larry McCay added a comment -

          Changed TestCMF to use test.build.data System property for temp directory.

          Hadoop QA added a comment -

          -1 overall. Here are the results of testing the latest attachment
          http://issues.apache.org/jira/secure/attachment/12595177/HADOOP-9534.patch
          against trunk revision .

          +1 @author. The patch does not contain any @author tags.

          +1 tests included. The patch appears to include 2 new or modified test files.

          -1 javac. The applied patch generated 1193 javac compiler warnings (more than the trunk's current 1152 warnings).

          -1 javadoc. The javadoc tool appears to have generated 11 warning messages.

          +1 eclipse:eclipse. The patch built with eclipse:eclipse.

          +1 findbugs. The patch does not introduce any new Findbugs (version 1.3.9) warnings.

          +1 release audit. The applied patch does not increase the total number of release audit warnings.

          +1 core tests. The patch passed unit tests in hadoop-common-project/hadoop-cmf.

          +1 contrib tests. The patch passed contrib unit tests.

          Test results: https://builds.apache.org/job/PreCommit-HADOOP-Build/2893//testReport/
          Javac warnings: https://builds.apache.org/job/PreCommit-HADOOP-Build/2893//artifact/trunk/patchprocess/diffJavacWarnings.txt
          Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/2893//console

          This message is automatically generated.

          Larry McCay added a comment -

          The remaining 11 javadoc warnings are related to the same use of sun classes for certificate generation. They cannot be avoided and do not indicate any real issue with the code.

          Larry McCay added a comment -

          I would like to request a review of this patch at this time.

          Larry McCay added a comment -

          Overview of the CMF library

          Hadoop QA added a comment -

          -1 overall. Here are the results of testing the latest attachment
          http://issues.apache.org/jira/secure/attachment/12595768/CMF-overview.txt
          against trunk revision .

          -1 patch. The patch command could not apply the patch.

          Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/2918//console

          This message is automatically generated.

          Larry McCay added a comment -

          hmmmmm, it seems that attaching any other file kicks off the jenkins job for a patch if you still have an available patch. Should really check that it is grabbing the most recent .patch file. I apologize for the Hadoop QA spam. I guess I will reattach the most recent patch so that it has it as the most recent attachment.

          Larry McCay added a comment -

          Most recent patch revision.

          Hadoop QA added a comment -

          -1 overall. Here are the results of testing the latest attachment
          http://issues.apache.org/jira/secure/attachment/12595769/HADOOP-9534.patch
          against trunk revision .

          +1 @author. The patch does not contain any @author tags.

          +1 tests included. The patch appears to include 2 new or modified test files.

          -1 javac. The applied patch generated 1190 javac compiler warnings (more than the trunk's current 1149 warnings).

          -1 javadoc. The javadoc tool appears to have generated 11 warning messages.

          +1 eclipse:eclipse. The patch built with eclipse:eclipse.

          +1 findbugs. The patch does not introduce any new Findbugs (version 1.3.9) warnings.

          +1 release audit. The applied patch does not increase the total number of release audit warnings.

          +1 core tests. The patch passed unit tests in hadoop-common-project/hadoop-cmf.

          +1 contrib tests. The patch passed contrib unit tests.

          Test results: https://builds.apache.org/job/PreCommit-HADOOP-Build/2919//testReport/
          Javac warnings: https://builds.apache.org/job/PreCommit-HADOOP-Build/2919//artifact/trunk/patchprocess/diffJavacWarnings.txt
          Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/2919//console

          This message is automatically generated.

          Daryn Sharp added a comment -

          Instead of the sun classes, is it possible to use the java.security and javax.security classes? Sometimes javax is providing a wrapper for sun classes to buffer the jdk from future removal. At first glance, it looks like you may have reimplemented some of them.

          Larry McCay added a comment -

          Thanks for taking a look at this, Daryn! I didn't think that there were any in those spaces. I will reinvestigate. Do you have any specific ones in mind that I may have reimplemented?

          Larry McCay added a comment -

          I can't find any java/x.security classes for signing X509 certs. I have often wondered why this has been left this way. Bouncy Castle is the only other alternative that I can think of and we don't need all of that.

          Owen O'Malley added a comment -

          I think we should separate the key alias concerns from the encryption concerns. In particular, applications like the crypto file system (cfs) are going to want to use a different style of encryption than the one proposed here. I'd also like to support key versions so that the keys can be rolled while supporting the old key versions.

          Larry McCay added a comment -

          Agreed, crypto should be left to the consumers of CMF. Adding it here is overstepping. I will remove the crypto aspect, and refactor the design to accommodate versioning of keys under a given alias. I believe this is what you mean. I have also converted this Jira from a subtask to an issue to stand on its own - since it will have additional consumers.
          Thank you for the review!

          Larry McCay added a comment -

          This jira has been superseded by HADOOP-10141 and HADOOP-10607. All related work will be done there.


            People

            • Assignee: Larry McCay
            • Reporter: Larry McCay
            • Votes: 0
            • Watchers: 24

            Time Tracking

            • Original Estimate: 504h
            • Remaining Estimate: 504h
            • Time Spent: Not Specified