Uploaded image for project: 'Hadoop HDFS'
  1. Hadoop HDFS
  2. HDFS-15284

Add SM4 encryption method for HDFS

VotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

    Details

    • Type: New Feature
    • Status: Resolved
    • Priority: Major
    • Resolution: Duplicate
    • Affects Version/s: 3.4.0
    • Fix Version/s: None
    • Component/s: hdfs
    • Labels:
      None

      Description

      SM4 (formerly SMS4)is a block cipher used in the Chinese National Standard for Wireless LAN WAPI (Wired Authentication and Privacy Infrastructure). please see:
      https://en.wikipedia.org/wiki/SM4_(cipher)

      patch to hadoop trunk branch

      Use sm4 on hdfs as follows:
      1.download Bouncy Castle Crypto APIs from bouncycastle.org
      https://bouncycastle.org/download/bcprov-ext-jdk15on-165.jar
      2.Configure JDK
      Place bcprov-ext-jdk15on-165.jar in $JAVA_HOME/jre/lib/ext directory,
      add "security.provider.10=org.bouncycastle.jce.provider.BouncyCastleProvider" to $JAVA_HOME/jre/lib/security/java.security file
      3.Configure Hadoop KMS
      4.test HDFS sm4
      hadoop key create key1 -cipher 'SM4/CTR/NoPadding'
      hdfs dfs -mkdir /benchmarks
      hdfs crypto -createZone -keyName key1 -path /benchmarks

      requires:
      1.openssl version >=1.1.1
      2.configure Bouncy Castle Crypto on JDK

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              zZtai zZtai

              Dates

              • Created:
                Updated:
                Resolved:

                Issue deployment