[HDFS-15284] Add SM4 encryption method for HDFS - ASF JIRA

Voters

Watch issue

Watchers

Create sub-task

Link

Clone

Update Comment Author

Replace String in Comment

Update Comment Visibility

Delete Comments

XML

Word

Printable

JSON

Details

Type: New Feature
Status: Resolved
Priority: Major
Resolution: Duplicate
Affects Version/s: 3.4.0
Fix Version/s: None
Component/s: hdfs
Labels:
None

Description

SM4 (formerly SMS4)is a block cipher used in the Chinese National Standard for Wireless LAN WAPI (Wired Authentication and Privacy Infrastructure). please see:
https://en.wikipedia.org/wiki/SM4_(cipher)

patch to hadoop trunk branch

Use sm4 on hdfs as follows:
1.download Bouncy Castle Crypto APIs from bouncycastle.org
https://bouncycastle.org/download/bcprov-ext-jdk15on-165.jar
2.Configure JDK
Place bcprov-ext-jdk15on-165.jar in $JAVA_HOME/jre/lib/ext directory,
add "security.provider.10=org.bouncycastle.jce.provider.BouncyCastleProvider" to $JAVA_HOME/jre/lib/security/java.security file
3.Configure Hadoop KMS
4.test HDFS sm4
hadoop key create key1 -cipher 'SM4/CTR/NoPadding'
hdfs dfs -mkdir /benchmarks
hdfs crypto -createZone -keyName key1 -path /benchmarks

requires:
1.openssl version >=1.1.1
2.configure Bouncy Castle Crypto on JDK

Attachments

Activity

Comment

$i18n.getText('security.level.explanation', $currentSelection) Viewable by All Users

Cancel

People

Assignee:

Unassigned

Reporter:

zZtai

Votes:

0 Vote for this issue

Watchers:

1 Start watching this issue

Dates

Created:

17/Apr/20 06:50

Updated:

29/Apr/20 09:51

Resolved:

29/Apr/20 09:51

Agile

View on Board