public _PrivilegedExceptionAction_478(KMSClientProvider _enclosing, Uri url, string doAsUser) { this._enclosing = _enclosing; this.url = url; this.doAsUser = doAsUser; }
public virtual void TestLoadBalancing() { Configuration conf = new Configuration(); KMSClientProvider p1 = Org.Mockito.Mockito.Mock <KMSClientProvider>(); Org.Mockito.Mockito.When(p1.CreateKey(Org.Mockito.Mockito.AnyString(), Org.Mockito.Mockito .Any <KeyProvider.Options>())).ThenReturn(new KMSClientProvider.KMSKeyVersion("p1" , "v1", new byte[0])); KMSClientProvider p2 = Org.Mockito.Mockito.Mock <KMSClientProvider>(); Org.Mockito.Mockito.When(p2.CreateKey(Org.Mockito.Mockito.AnyString(), Org.Mockito.Mockito .Any <KeyProvider.Options>())).ThenReturn(new KMSClientProvider.KMSKeyVersion("p2" , "v2", new byte[0])); KMSClientProvider p3 = Org.Mockito.Mockito.Mock <KMSClientProvider>(); Org.Mockito.Mockito.When(p3.CreateKey(Org.Mockito.Mockito.AnyString(), Org.Mockito.Mockito .Any <KeyProvider.Options>())).ThenReturn(new KMSClientProvider.KMSKeyVersion("p3" , "v3", new byte[0])); KeyProvider kp = new LoadBalancingKMSClientProvider(new KMSClientProvider[] { p1, p2, p3 }, 0, conf); Assert.Equal("p1", kp.CreateKey("test1", new KeyProvider.Options (conf)).GetName()); Assert.Equal("p2", kp.CreateKey("test2", new KeyProvider.Options (conf)).GetName()); Assert.Equal("p3", kp.CreateKey("test3", new KeyProvider.Options (conf)).GetName()); Assert.Equal("p1", kp.CreateKey("test4", new KeyProvider.Options (conf)).GetName()); }
/// <exception cref="System.IO.IOException"/> private KeyProvider CreateProvider(URI providerUri, Configuration conf, Uri origUrl , int port, string hostsPart) { string[] hosts = hostsPart.Split(";"); if (hosts.Length == 1) { return(new KMSClientProvider(providerUri, conf)); } else { KMSClientProvider[] providers = new KMSClientProvider[hosts.Length]; for (int i = 0; i < hosts.Length; i++) { try { providers[i] = new KMSClientProvider(new URI("kms", origUrl.Scheme, hosts[i], port , origUrl.AbsolutePath, null, null), conf); } catch (URISyntaxException e) { throw new IOException("Could not instantiate KMSProvider..", e); } } return(new LoadBalancingKMSClientProvider(providers, conf)); } }
public virtual void TestLoadBalancingWithFailure() { Configuration conf = new Configuration(); KMSClientProvider p1 = Org.Mockito.Mockito.Mock <KMSClientProvider>(); Org.Mockito.Mockito.When(p1.CreateKey(Org.Mockito.Mockito.AnyString(), Org.Mockito.Mockito .Any <KeyProvider.Options>())).ThenReturn(new KMSClientProvider.KMSKeyVersion("p1" , "v1", new byte[0])); Org.Mockito.Mockito.When(p1.GetKMSUrl()).ThenReturn("p1"); // This should not be retried KMSClientProvider p2 = Org.Mockito.Mockito.Mock <KMSClientProvider>(); Org.Mockito.Mockito.When(p2.CreateKey(Org.Mockito.Mockito.AnyString(), Org.Mockito.Mockito .Any <KeyProvider.Options>())).ThenThrow(new NoSuchAlgorithmException("p2")); Org.Mockito.Mockito.When(p2.GetKMSUrl()).ThenReturn("p2"); KMSClientProvider p3 = Org.Mockito.Mockito.Mock <KMSClientProvider>(); Org.Mockito.Mockito.When(p3.CreateKey(Org.Mockito.Mockito.AnyString(), Org.Mockito.Mockito .Any <KeyProvider.Options>())).ThenReturn(new KMSClientProvider.KMSKeyVersion("p3" , "v3", new byte[0])); Org.Mockito.Mockito.When(p3.GetKMSUrl()).ThenReturn("p3"); // This should be retried KMSClientProvider p4 = Org.Mockito.Mockito.Mock <KMSClientProvider>(); Org.Mockito.Mockito.When(p4.CreateKey(Org.Mockito.Mockito.AnyString(), Org.Mockito.Mockito .Any <KeyProvider.Options>())).ThenThrow(new IOException("p4")); Org.Mockito.Mockito.When(p4.GetKMSUrl()).ThenReturn("p4"); KeyProvider kp = new LoadBalancingKMSClientProvider(new KMSClientProvider[] { p1, p2, p3, p4 }, 0, conf); Assert.Equal("p1", kp.CreateKey("test4", new KeyProvider.Options (conf)).GetName()); // Exceptions other than IOExceptions will not be retried try { kp.CreateKey("test1", new KeyProvider.Options(conf)).GetName(); NUnit.Framework.Assert.Fail("Should fail since its not an IOException"); } catch (Exception e) { Assert.True(e is NoSuchAlgorithmException); } Assert.Equal("p3", kp.CreateKey("test2", new KeyProvider.Options (conf)).GetName()); // IOException will trigger retry in next provider Assert.Equal("p1", kp.CreateKey("test3", new KeyProvider.Options (conf)).GetName()); }
/* It's possible to specify a timeout, in seconds, in the config file */ /* Number of times to retry authentication in the event of auth failure * (normally happens due to stale authToken) */ /// <exception cref="System.IO.IOException"/> public virtual void FillQueueForKey(string keyName, Queue <KeyProviderCryptoExtension.EncryptedKeyVersion > keyQueue, int numEKVs) { KMSClientProvider.CheckNotNull(keyName, "keyName"); IDictionary <string, string> @params = new Dictionary <string, string>(); @params[KMSRESTConstants.EekOp] = KMSRESTConstants.EekGenerate; @params[KMSRESTConstants.EekNumKeys] = string.Empty + numEKVs; Uri url = this._enclosing.CreateURL(KMSRESTConstants.KeyResource, keyName, KMSRESTConstants .EekSubResource, @params); HttpURLConnection conn = this._enclosing.CreateConnection(url, KMSClientProvider. HttpGet); conn.SetRequestProperty(KMSClientProvider.ContentType, KMSClientProvider.ApplicationJsonMime ); IList response = this._enclosing.Call <IList>(conn, null, HttpURLConnection.HttpOk ); IList <KeyProviderCryptoExtension.EncryptedKeyVersion> ekvs = KMSClientProvider.ParseJSONEncKeyVersion (keyName, response); Collections.AddAll(keyQueue, ekvs); }
/// <exception cref="System.IO.IOException"/> private T DoOp <T>(LoadBalancingKMSClientProvider.ProviderCallable <T> op, int currPos ) { IOException ex = null; for (int i = 0; i < providers.Length; i++) { KMSClientProvider provider = providers[(currPos + i) % providers.Length]; try { return(op.Call(provider)); } catch (IOException ioe) { Log.Warn("KMS provider at [{}] threw an IOException [{}]!!", provider.GetKMSUrl() , ioe.Message); ex = ioe; } catch (Exception e) { if (e is RuntimeException) { throw (RuntimeException)e; } else { throw new LoadBalancingKMSClientProvider.WrapperException(e); } } } if (ex != null) { Log.Warn("Aborting since the Request has failed with all KMS" + " providers in the group. !!" ); throw ex; } throw new IOException("No providers configured !!"); }
public virtual void TestLoadBalancingWithAllBadNodes() { Configuration conf = new Configuration(); KMSClientProvider p1 = Org.Mockito.Mockito.Mock <KMSClientProvider>(); Org.Mockito.Mockito.When(p1.CreateKey(Org.Mockito.Mockito.AnyString(), Org.Mockito.Mockito .Any <KeyProvider.Options>())).ThenThrow(new IOException("p1")); KMSClientProvider p2 = Org.Mockito.Mockito.Mock <KMSClientProvider>(); Org.Mockito.Mockito.When(p2.CreateKey(Org.Mockito.Mockito.AnyString(), Org.Mockito.Mockito .Any <KeyProvider.Options>())).ThenThrow(new IOException("p2")); KMSClientProvider p3 = Org.Mockito.Mockito.Mock <KMSClientProvider>(); Org.Mockito.Mockito.When(p3.CreateKey(Org.Mockito.Mockito.AnyString(), Org.Mockito.Mockito .Any <KeyProvider.Options>())).ThenThrow(new IOException("p3")); KMSClientProvider p4 = Org.Mockito.Mockito.Mock <KMSClientProvider>(); Org.Mockito.Mockito.When(p4.CreateKey(Org.Mockito.Mockito.AnyString(), Org.Mockito.Mockito .Any <KeyProvider.Options>())).ThenThrow(new IOException("p4")); Org.Mockito.Mockito.When(p1.GetKMSUrl()).ThenReturn("p1"); Org.Mockito.Mockito.When(p2.GetKMSUrl()).ThenReturn("p2"); Org.Mockito.Mockito.When(p3.GetKMSUrl()).ThenReturn("p3"); Org.Mockito.Mockito.When(p4.GetKMSUrl()).ThenReturn("p4"); KeyProvider kp = new LoadBalancingKMSClientProvider(new KMSClientProvider[] { p1, p2, p3, p4 }, 0, conf); try { kp.CreateKey("test3", new KeyProvider.Options(conf)).GetName(); NUnit.Framework.Assert.Fail("Should fail since all providers threw an IOException" ); } catch (Exception e) { Assert.True(e is IOException); } }
/// <exception cref="System.IO.IOException"/> public KeyProvider.KeyVersion Call(KMSClientProvider provider) { return(provider.GetKeyVersion(versionName)); }
/// <exception cref="System.IO.IOException"/> /// <exception cref="NoSuchAlgorithmException"/> public KeyProvider.KeyVersion Call(KMSClientProvider provider) { return(provider.RollNewVersion(name)); }
/// <exception cref="System.IO.IOException"/> public Void Call(KMSClientProvider provider) { provider.DeleteKey(name); return(null); }
/// <exception cref="System.IO.IOException"/> /// <exception cref="NoSuchAlgorithmException"/> public KeyProvider.KeyVersion Call(KMSClientProvider provider) { return(provider.CreateKey(name, options)); }
/// <exception cref="System.IO.IOException"/> public KeyProvider.Metadata Call(KMSClientProvider provider) { return(provider.GetMetadata(name)); }
/// <exception cref="System.IO.IOException"/> public KeyProvider.KeyVersion Call(KMSClientProvider provider) { return(provider.GetCurrentKey(name)); }
/// <exception cref="System.IO.IOException"/> public IList <KeyProvider.KeyVersion> Call(KMSClientProvider provider) { return(provider.GetKeyVersions(name)); }
/// <exception cref="System.IO.IOException"/> public KeyProvider.Metadata[] Call(KMSClientProvider provider) { return(provider.GetKeysMetadata(names)); }
/// <exception cref="System.IO.IOException"/> public IList <string> Call(KMSClientProvider provider) { return(provider.GetKeys()); }
internal EncryptedQueueRefiller(KMSClientProvider _enclosing) { this._enclosing = _enclosing; }
/// <exception cref="System.IO.IOException"/> /// <exception cref="GeneralSecurityException"/> public KeyProvider.KeyVersion Call(KMSClientProvider provider) { return(provider.DecryptEncryptedKey(encryptedKeyVersion)); }
/// <exception cref="System.IO.IOException"/> /// <exception cref="GeneralSecurityException"/> public KeyProviderCryptoExtension.EncryptedKeyVersion Call(KMSClientProvider provider ) { return(provider.GenerateEncryptedKey(encryptionKeyName)); }
/// <exception cref="System.IO.IOException"/> public Org.Apache.Hadoop.Security.Token.Token <object>[] Call(KMSClientProvider provider ) { return(provider.AddDelegationTokens(renewer, credentials)); }