public virtual void TestOptions()
{
Configuration conf = new Configuration();
conf.Set(KeyProvider.DefaultCipherName, "myCipher");
conf.SetInt(KeyProvider.DefaultBitlengthName, 512);
IDictionary <string, string> attributes = new Dictionary <string, string>();
attributes["a"] = "A";
KeyProvider.Options options = KeyProvider.Options(conf);
Assert.Equal("myCipher", options.GetCipher());
Assert.Equal(512, options.GetBitLength());
options.SetCipher("yourCipher");
options.SetDescription("description");
options.SetAttributes(attributes);
options.SetBitLength(128);
Assert.Equal("yourCipher", options.GetCipher());
Assert.Equal(128, options.GetBitLength());
Assert.Equal("description", options.GetDescription());
Assert.Equal(attributes, options.GetAttributes());
options = KeyProvider.Options(new Configuration());
Assert.Equal(KeyProvider.DefaultCipher, options.GetCipher());
Assert.Equal(KeyProvider.DefaultBitlength, options.GetBitLength
());
}
public CreateCommand(KeyShell _enclosing, string keyName, KeyProvider.Options options
)
: base(_enclosing)
{
this._enclosing = _enclosing;
this.keyName = keyName;
this.options = options;
}
public static void Setup()
{
conf = new Configuration();
kp = new UserProvider.Factory().CreateProvider(new URI("user:///"), conf);
kpExt = KeyProviderCryptoExtension.CreateKeyProviderCryptoExtension(kp);
options = new KeyProvider.Options(conf);
options.SetCipher(Cipher);
options.SetBitLength(128);
encryptionKey = kp.CreateKey(EncryptionKeyName, SecureRandom.GetSeed(16), options
);
}
public virtual void TestMaterialGeneration()
{
TestKeyProvider.MyKeyProvider kp = new TestKeyProvider.MyKeyProvider(new Configuration
());
KeyProvider.Options options = new KeyProvider.Options(new Configuration());
options.SetCipher(Cipher);
options.SetBitLength(128);
kp.CreateKey("hello", options);
Assert.Equal(128, kp.size);
Assert.Equal(Cipher, kp.algorithm);
NUnit.Framework.Assert.IsNotNull(kp.material);
kp = new TestKeyProvider.MyKeyProvider(new Configuration());
kp.RollNewVersion("hello");
Assert.Equal(128, kp.size);
Assert.Equal(Cipher, kp.algorithm);
NUnit.Framework.Assert.IsNotNull(kp.material);
}
/// <summary>Create a new key generating the material for it.</summary>
/// <remarks>
/// Create a new key generating the material for it.
/// The given key must not already exist.
/// <p/>
/// This implementation generates the key material and calls the
/// <see cref="CreateKey(string, byte[], Options)"/>
/// method.
/// </remarks>
/// <param name="name">the base name of the key</param>
/// <param name="options">the options for the new key.</param>
/// <returns>the version name of the first version of the key.</returns>
/// <exception cref="System.IO.IOException"/>
/// <exception cref="NoSuchAlgorithmException"/>
public virtual KeyProvider.KeyVersion CreateKey(string name, KeyProvider.Options
options)
{
byte[] material = GenerateKey(options.GetBitLength(), options.GetCipher());
return(CreateKey(name, material, options));
}
/// <summary>Create a new key.</summary>
/// <remarks>Create a new key. The given key must not already exist.</remarks>
/// <param name="name">the base name of the key</param>
/// <param name="material">the key material for the first version of the key.</param>
/// <param name="options">the options for the new key.</param>
/// <returns>the version name of the first version of the key.</returns>
/// <exception cref="System.IO.IOException"/>
public abstract KeyProvider.KeyVersion CreateKey(string name, byte[] material, KeyProvider.Options
options);
/// <exception cref="System.IO.IOException"/>
public override KeyProvider.KeyVersion CreateKey(string name, byte[] material, KeyProvider.Options
options)
{
this.material = material;
return(null);
}
/// <exception cref="System.IO.IOException"/>
public override KeyProvider.KeyVersion CreateKey(string name, byte[] material, KeyProvider.Options
options)
{
Preconditions.CheckArgument(name.Equals(StringUtils.ToLowerCase(name)), "Uppercase key names are unsupported: %s"
, name);
writeLock.Lock();
try
{
try
{
if (keyStore.ContainsAlias(name) || cache.Contains(name))
{
throw new IOException("Key " + name + " already exists in " + this);
}
}
catch (KeyStoreException e)
{
throw new IOException("Problem looking up key " + name + " in " + this, e);
}
KeyProvider.Metadata meta = new KeyProvider.Metadata(options.GetCipher(), options
.GetBitLength(), options.GetDescription(), options.GetAttributes(), new DateTime
(), 1);
if (options.GetBitLength() != 8 * material.Length)
{
throw new IOException("Wrong key length. Required " + options.GetBitLength() + ", but got "
+ (8 * material.Length));
}
cache[name] = meta;
string versionName = BuildVersionName(name, 0);
return(InnerSetKeyVersion(name, versionName, material, meta.GetCipher()));
}
finally
{
writeLock.Unlock();
}
}
/// <summary>
/// Parse the command line arguments and initialize the data
/// <pre>
/// % hadoop key create keyName [-size size] [-cipher algorithm]
/// [-provider providerPath]
/// % hadoop key roll keyName [-provider providerPath]
/// % hadoop key list [-provider providerPath]
/// % hadoop key delete keyName [-provider providerPath] [-i]
/// </pre>
/// </summary>
/// <param name="args">Command line arguments.</param>
/// <returns>0 on success, 1 on failure.</returns>
/// <exception cref="System.IO.IOException"/>
private int Init(string[] args)
{
KeyProvider.Options options = KeyProvider.Options(GetConf());
IDictionary <string, string> attributes = new Dictionary <string, string>();
for (int i = 0; i < args.Length; i++)
{
// parse command line
bool moreTokens = (i < args.Length - 1);
if (args[i].Equals("create"))
{
string keyName = "-help";
if (moreTokens)
{
keyName = args[++i];
}
command = new KeyShell.CreateCommand(this, keyName, options);
if ("-help".Equals(keyName))
{
PrintKeyShellUsage();
return(1);
}
}
else
{
if (args[i].Equals("delete"))
{
string keyName = "-help";
if (moreTokens)
{
keyName = args[++i];
}
command = new KeyShell.DeleteCommand(this, keyName);
if ("-help".Equals(keyName))
{
PrintKeyShellUsage();
return(1);
}
}
else
{
if (args[i].Equals("roll"))
{
string keyName = "-help";
if (moreTokens)
{
keyName = args[++i];
}
command = new KeyShell.RollCommand(this, keyName);
if ("-help".Equals(keyName))
{
PrintKeyShellUsage();
return(1);
}
}
else
{
if ("list".Equals(args[i]))
{
command = new KeyShell.ListCommand(this);
}
else
{
if ("-size".Equals(args[i]) && moreTokens)
{
options.SetBitLength(System.Convert.ToInt32(args[++i]));
}
else
{
if ("-cipher".Equals(args[i]) && moreTokens)
{
options.SetCipher(args[++i]);
}
else
{
if ("-description".Equals(args[i]) && moreTokens)
{
options.SetDescription(args[++i]);
}
else
{
if ("-attr".Equals(args[i]) && moreTokens)
{
string[] attrval = args[++i].Split("=", 2);
string attr = attrval[0].Trim();
string val = attrval[1].Trim();
if (attr.IsEmpty() || val.IsEmpty())
{
@out.WriteLine("\nAttributes must be in attribute=value form, " + "or quoted\nlike \"attribute = value\"\n"
);
PrintKeyShellUsage();
return(1);
}
if (attributes.Contains(attr))
{
@out.WriteLine("\nEach attribute must correspond to only one value:\n" + "atttribute \""
+ attr + "\" was repeated\n");
PrintKeyShellUsage();
return(1);
}
attributes[attr] = val;
}
else
{
if ("-provider".Equals(args[i]) && moreTokens)
{
userSuppliedProvider = true;
GetConf().Set(KeyProviderFactory.KeyProviderPath, args[++i]);
}
else
{
if ("-metadata".Equals(args[i]))
{
GetConf().SetBoolean(ListMetadata, true);
}
else
{
if ("-f".Equals(args[i]) || ("-force".Equals(args[i])))
{
interactive = false;
}
else
{
if ("-help".Equals(args[i]))
{
PrintKeyShellUsage();
return(1);
}
else
{
PrintKeyShellUsage();
ToolRunner.PrintGenericCommandUsage(System.Console.Error);
return(1);
}
}
}
}
}
}
}
}
}
}
}
}
}
if (command == null)
{
PrintKeyShellUsage();
return(1);
}
if (!attributes.IsEmpty())
{
options.SetAttributes(attributes);
}
return(0);
}
/// <exception cref="NoSuchAlgorithmException"/>
/// <exception cref="System.IO.IOException"/>
public override KeyProvider.KeyVersion CreateKey(string name, KeyProvider.Options
options)
{
return(keyProvider.CreateKey(name, options));
}
/// <exception cref="System.IO.IOException"/>
public override KeyProvider.KeyVersion CreateKey(string name, byte[] material, KeyProvider.Options
options)
{
lock (this)
{
Text nameT = new Text(name);
if (credentials.GetSecretKey(nameT) != null)
{
throw new IOException("Key " + name + " already exists in " + this);
}
if (options.GetBitLength() != 8 * material.Length)
{
throw new IOException("Wrong key length. Required " + options.GetBitLength() + ", but got "
+ (8 * material.Length));
}
KeyProvider.Metadata meta = new KeyProvider.Metadata(options.GetCipher(), options
.GetBitLength(), options.GetDescription(), options.GetAttributes(), new DateTime
(), 1);
cache[name] = meta;
string versionName = BuildVersionName(name, 0);
credentials.AddSecretKey(nameT, meta.Serialize());
credentials.AddSecretKey(new Text(versionName), material);
return(new KeyProvider.KeyVersion(name, versionName, material));
}
}