ggershinsky commented on code in PR #7770:
URL: https://github.com/apache/iceberg/pull/7770#discussion_r1703116600
##########
core/src/main/java/org/apache/iceberg/encryption/EncryptionUtil.java:
##########
@@ -70,31 +76,105 @@ public static KeyManagementClient
createKmsClient(Map<String, String> catalogPro
return kmsClient;
}
+ /**
+ * @deprecated will be removed in 2.0.0. use {@link
#createEncryptionManager(String, int,
+ * KeyManagementClient, long)} instead.
+ */
+ @Deprecated
public static EncryptionManager createEncryptionManager(
Map<String, String> tableProperties, KeyManagementClient kmsClient) {
- Preconditions.checkArgument(kmsClient != null, "Invalid KMS client: null");
String tableKeyId =
tableProperties.get(TableProperties.ENCRYPTION_TABLE_KEY);
-
- if (null == tableKeyId) {
- // Unencrypted table
- return PlaintextEncryptionManager.instance();
- }
-
int dataKeyLength =
PropertyUtil.propertyAsInt(
tableProperties,
TableProperties.ENCRYPTION_DEK_LENGTH,
TableProperties.ENCRYPTION_DEK_LENGTH_DEFAULT);
+ return createEncryptionManager(
+ tableKeyId, dataKeyLength, kmsClient,
CatalogProperties.KEK_CACHE_TIMEOUT_MS_DEFAULT);
+ }
+
+ public static EncryptionManager createEncryptionManager(
Review Comment:
The original signature took the table properties. The new parameter
(`kekCacheTimeout`, to be renamed to something like `writerKekTimeout`) is
taken from the catalog properties. But if we use a default value (per the other
comments), then no need to pass it here for now.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@iceberg.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@iceberg.apache.org
For additional commands, e-mail: issues-h...@iceberg.apache.org
