rdblue commented on code in PR #7770:
URL: https://github.com/apache/iceberg/pull/7770#discussion_r1676543810
##########
core/src/main/java/org/apache/iceberg/SnapshotParser.java:
##########
@@ -147,6 +169,42 @@ static Snapshot fromJson(JsonNode node) {
if (node.has(MANIFEST_LIST)) {
// the manifest list is stored in a manifest list file
String manifestList = JsonUtil.getString(MANIFEST_LIST, node);
+
+ ByteBuffer manifestListKeyMetadata = null;
+ ByteBuffer wrappedManifestListKeyMetadata = null;
+ String wrappedKeyEncryptionKey = null;
+
+ // Manifest list can be encrypted
+ if (node.has(MANIFEST_LIST_KEY_METADATA)) {
+ // Decode and decrypt manifest list key with metadata key
+ String manifestListKeyMetadataString =
JsonUtil.getString(MANIFEST_LIST_KEY_METADATA, node);
+ wrappedManifestListKeyMetadata =
+
ByteBuffer.wrap(Base64.getDecoder().decode(manifestListKeyMetadataString));
+
+ NativeEncryptionKeyMetadata nativeWrappedKeyMetadata =
+ EncryptionUtil.parseKeyMetadata(wrappedManifestListKeyMetadata);
Review Comment:
`StandardKeyMetadata` is not intended to contain an encrypted key. I think
using it this way is going to lead to confusion because the
`NativeEncryptionKeyMetadata` produced cannot actually be used to decrypt the
manifest list. The key must first be decrypted.
Instead, I think that the entire key metadata payload should be encrypted,
including the AAD. That's a simpler process and maintains the expectations of
the key metadata objects.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@iceberg.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@iceberg.apache.org
For additional commands, e-mail: issues-h...@iceberg.apache.org
