@Override
public synchronized KeyVersion createKey(String name, byte[] material, Options options)
throws IOException {
Text nameT = new Text(name);
if (credentials.getSecretKey(nameT) != null) {
throw new IOException("Key " + name + " already exists in " + this);
}
if (options.getBitLength() != 8 * material.length) {
throw new IOException(
"Wrong key length. Required "
+ options.getBitLength()
+ ", but got "
+ (8 * material.length));
}
Metadata meta =
new Metadata(
options.getCipher(),
options.getBitLength(),
options.getDescription(),
options.getAttributes(),
new Date(),
1);
cache.put(name, meta);
String versionName = buildVersionName(name, 0);
credentials.addSecretKey(nameT, meta.serialize());
credentials.addSecretKey(new Text(versionName), material);
return new KeyVersion(name, versionName, material);
}
@SuppressWarnings("unchecked")
private void readTokensFromFiles(Configuration conf, Credentials credentials) throws IOException {
// add tokens and secrets coming from a token storage file
String binaryTokenFilename = conf.get("mapreduce.job.credentials.binary");
if (binaryTokenFilename != null) {
Credentials binary =
Credentials.readTokenStorageFile(new Path("file:///" + binaryTokenFilename), conf);
credentials.addAll(binary);
}
// add secret keys coming from a json file
String tokensFileName = conf.get("mapreduce.job.credentials.json");
if (tokensFileName != null) {
LOG.info("loading user's secret keys from " + tokensFileName);
String localFileName = new Path(tokensFileName).toUri().getPath();
boolean json_error = false;
try {
// read JSON
ObjectMapper mapper = new ObjectMapper();
Map<String, String> nm = mapper.readValue(new File(localFileName), Map.class);
for (Map.Entry<String, String> ent : nm.entrySet()) {
credentials.addSecretKey(new Text(ent.getKey()), ent.getValue().getBytes());
}
} catch (JsonMappingException e) {
json_error = true;
} catch (JsonParseException e) {
json_error = true;
}
if (json_error) LOG.warn("couldn't parse Token Cache JSON file with user secret keys");
}
}
@Override
public synchronized KeyVersion rollNewVersion(String name, byte[] material) throws IOException {
Metadata meta = getMetadata(name);
if (meta == null) {
throw new IOException("Key " + name + " not found");
}
if (meta.getBitLength() != 8 * material.length) {
throw new IOException(
"Wrong key length. Required "
+ meta.getBitLength()
+ ", but got "
+ (8 * material.length));
}
int nextVersion = meta.addVersion();
credentials.addSecretKey(new Text(name), meta.serialize());
String versionName = buildVersionName(name, nextVersion);
credentials.addSecretKey(new Text(versionName), material);
return new KeyVersion(name, versionName, material);
}
