diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/regionserver/wal/SecureWALCellCodec.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/regionserver/wal/SecureWALCellCodec.java index 4ee3738..a516fef 100644 --- a/hbase-server/src/main/java/org/apache/hadoop/hbase/regionserver/wal/SecureWALCellCodec.java +++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/regionserver/wal/SecureWALCellCodec.java @@ -46,6 +46,10 @@ public class SecureWALCellCodec extends WALCellCodec { private Encryptor encryptor; private Decryptor decryptor; + public SecureWALCellCodec(Configuration conf, CompressionContext compression) { + super(conf, compression); + } + public SecureWALCellCodec(Configuration conf, Encryptor encryptor) { super(conf, null); this.encryptor = encryptor; @@ -68,11 +72,16 @@ public class SecureWALCellCodec extends WALCellCodec { public EncryptedKvDecoder(InputStream in, Decryptor decryptor) { super(in); this.decryptor = decryptor; - this.iv = new byte[decryptor.getIvLength()]; + if (decryptor != null) { + this.iv = new byte[decryptor.getIvLength()]; + } } @Override protected Cell parseCell() throws IOException { + if (this.iv == null) { + return super.parseCell(); + } int ivLength = 0; try { ivLength = StreamUtils.readRawVarint32(in); @@ -171,6 +180,10 @@ public class SecureWALCellCodec extends WALCellCodec { @Override public void write(Cell cell) throws IOException { if (!(cell instanceof KeyValue)) throw new IOException("Cannot write non-KV cells to WAL"); + if (encryptor == null) { + super.write(cell); + return; + } KeyValue kv = (KeyValue)cell; byte[] kvBuffer = kv.getBuffer(); diff --git a/hbase-server/src/test/java/org/apache/hadoop/hbase/regionserver/wal/TestHLogReaderOnSecureHLog.java b/hbase-server/src/test/java/org/apache/hadoop/hbase/regionserver/wal/TestHLogReaderOnSecureHLog.java index a7657e0..4a9a395 100644 --- a/hbase-server/src/test/java/org/apache/hadoop/hbase/regionserver/wal/TestHLogReaderOnSecureHLog.java +++ b/hbase-server/src/test/java/org/apache/hadoop/hbase/regionserver/wal/TestHLogReaderOnSecureHLog.java @@ -43,7 +43,6 @@ import org.apache.hadoop.hbase.testclassification.RegionServerTests; import org.apache.hadoop.hbase.TableName; import org.apache.hadoop.hbase.io.crypto.KeyProviderForTesting; import org.apache.hadoop.hbase.protobuf.generated.ZooKeeperProtos.SplitLogTask.RecoveryMode; -import org.apache.hadoop.hbase.regionserver.wal.TestCustomWALCellCodec.CustomWALCellCodec; import org.apache.hadoop.hbase.util.Bytes; import org.apache.hadoop.hbase.util.FSUtils; import org.apache.hadoop.hbase.zookeeper.ZKSplitLog; @@ -74,11 +73,16 @@ public class TestHLogReaderOnSecureHLog { conf.setBoolean(HConstants.ENABLE_WAL_ENCRYPTION, true); } - private Path writeWAL(String tblName) throws IOException { + private Path writeWAL(String tblName, boolean encrypt) throws IOException { Configuration conf = TEST_UTIL.getConfiguration(); String clsName = conf.get(WALCellCodec.WAL_CELL_CODEC_CLASS_KEY, WALCellCodec.class.getName()); - conf.setClass(WALCellCodec.WAL_CELL_CODEC_CLASS_KEY, CustomWALCellCodec.class, + conf.setClass(WALCellCodec.WAL_CELL_CODEC_CLASS_KEY, SecureWALCellCodec.class, WALCellCodec.class); + if (encrypt) { + conf.set("hbase.regionserver.wal.encryption", "true"); + } else { + conf.set("hbase.regionserver.wal.encryption", "false"); + } TableName tableName = TableName.valueOf(tblName); HTableDescriptor htd = new HTableDescriptor(tableName); htd.addFamily(new HColumnDescriptor(tableName.getName())); @@ -116,7 +120,7 @@ public class TestHLogReaderOnSecureHLog { conf.setClass("hbase.regionserver.hlog.writer.impl", SecureProtobufLogWriter.class, HLog.Writer.class); FileSystem fs = TEST_UTIL.getTestFileSystem(); - Path walPath = writeWAL("testHLogReaderOnSecureHLog"); + Path walPath = writeWAL("testHLogReaderOnSecureHLog", true); // Insure edits are not plaintext long length = fs.getFileStatus(walPath).getLen(); @@ -160,7 +164,7 @@ public class TestHLogReaderOnSecureHLog { conf.setClass("hbase.regionserver.hlog.writer.impl", ProtobufLogWriter.class, HLog.Writer.class); FileSystem fs = TEST_UTIL.getTestFileSystem(); - Path walPath = writeWAL("testSecureHLogReaderOnHLog"); + Path walPath = writeWAL("testSecureHLogReaderOnHLog", false); // Ensure edits are plaintext long length = fs.getFileStatus(walPath).getLen();