Example #1
0
 @Override
 public synchronized KeyVersion createKey(String name, byte[] material, Options options)
     throws IOException {
   Text nameT = new Text(name);
   if (credentials.getSecretKey(nameT) != null) {
     throw new IOException("Key " + name + " already exists in " + this);
   }
   if (options.getBitLength() != 8 * material.length) {
     throw new IOException(
         "Wrong key length. Required "
             + options.getBitLength()
             + ", but got "
             + (8 * material.length));
   }
   Metadata meta =
       new Metadata(
           options.getCipher(),
           options.getBitLength(),
           options.getDescription(),
           options.getAttributes(),
           new Date(),
           1);
   cache.put(name, meta);
   String versionName = buildVersionName(name, 0);
   credentials.addSecretKey(nameT, meta.serialize());
   credentials.addSecretKey(new Text(versionName), material);
   return new KeyVersion(name, versionName, material);
 }
Example #2
0
  @SuppressWarnings("unchecked")
  private void readTokensFromFiles(Configuration conf, Credentials credentials) throws IOException {
    // add tokens and secrets coming from a token storage file
    String binaryTokenFilename = conf.get("mapreduce.job.credentials.binary");
    if (binaryTokenFilename != null) {
      Credentials binary =
          Credentials.readTokenStorageFile(new Path("file:///" + binaryTokenFilename), conf);
      credentials.addAll(binary);
    }
    // add secret keys coming from a json file
    String tokensFileName = conf.get("mapreduce.job.credentials.json");
    if (tokensFileName != null) {
      LOG.info("loading user's secret keys from " + tokensFileName);
      String localFileName = new Path(tokensFileName).toUri().getPath();

      boolean json_error = false;
      try {
        // read JSON
        ObjectMapper mapper = new ObjectMapper();
        Map<String, String> nm = mapper.readValue(new File(localFileName), Map.class);

        for (Map.Entry<String, String> ent : nm.entrySet()) {
          credentials.addSecretKey(new Text(ent.getKey()), ent.getValue().getBytes());
        }
      } catch (JsonMappingException e) {
        json_error = true;
      } catch (JsonParseException e) {
        json_error = true;
      }
      if (json_error) LOG.warn("couldn't parse Token Cache JSON file with user secret keys");
    }
  }
Example #3
0
 @Override
 public synchronized KeyVersion rollNewVersion(String name, byte[] material) throws IOException {
   Metadata meta = getMetadata(name);
   if (meta == null) {
     throw new IOException("Key " + name + " not found");
   }
   if (meta.getBitLength() != 8 * material.length) {
     throw new IOException(
         "Wrong key length. Required "
             + meta.getBitLength()
             + ", but got "
             + (8 * material.length));
   }
   int nextVersion = meta.addVersion();
   credentials.addSecretKey(new Text(name), meta.serialize());
   String versionName = buildVersionName(name, nextVersion);
   credentials.addSecretKey(new Text(versionName), material);
   return new KeyVersion(name, versionName, material);
 }