rdblue commented on code in PR #7770:
URL: https://github.com/apache/iceberg/pull/7770#discussion_r1676552264
##########
core/src/main/java/org/apache/iceberg/encryption/StandardEncryptionManager.java:
##########
@@ -92,13 +94,45 @@ public ByteBuffer wrapKey(ByteBuffer secretKey) {
public ByteBuffer unwrapKey(ByteBuffer wrappedSecretKey) {
if (kmsClient == null) {
- throw new IllegalStateException(
- "Cannot wrap key after called after serialization (missing KMS
client)");
+ throw new IllegalStateException("Cannot unwrap key after serialization
(missing KMS client)");
}
return kmsClient.unwrapKey(wrappedSecretKey, tableKeyId);
}
+ public String wrappedKeyEncryptionKey() {
Review Comment:
As I noted above, I don't think that the encryption manager is the right
place to track this key. I think that it should be part of `TableMetadata` or
just part of `Snapshot`. The `EncryptionManager` should work with any version
of the table and should not have mutable state based on the `TableMetadata` or
`Snapshot` that it is currently working with.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@iceberg.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@iceberg.apache.org
For additional commands, e-mail: issues-h...@iceberg.apache.org
