ggershinsky commented on code in PR #6450: URL: https://github.com/apache/iceberg/pull/6450#discussion_r1104574502
########## core/src/main/java/org/apache/iceberg/encryption/envelope/AvroKeyRecord.java: ########## @@ -0,0 +1,139 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.iceberg.encryption.envelope; + +import java.io.IOException; +import java.nio.ByteBuffer; +import org.apache.avro.AvroRuntimeException; +import org.apache.avro.SchemaBuilder; +import org.apache.avro.specific.SpecificRecordBase; +import org.apache.avro.specific.SpecificRecordBuilderBase; + +public class AvroKeyRecord extends SpecificRecordBase { Review Comment: Ok, will handle. ########## core/src/main/java/org/apache/iceberg/encryption/envelope/AvroKeyRecord.java: ########## @@ -0,0 +1,139 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.iceberg.encryption.envelope; + +import java.io.IOException; +import java.nio.ByteBuffer; +import org.apache.avro.AvroRuntimeException; +import org.apache.avro.SchemaBuilder; +import org.apache.avro.specific.SpecificRecordBase; +import org.apache.avro.specific.SpecificRecordBuilderBase; + +public class AvroKeyRecord extends SpecificRecordBase { + public static final org.apache.avro.Schema SCHEMA$ = + SchemaBuilder.record("AvroKeyRecord") + .namespace("iceberg.encryption") + .fields() + .requiredBytes("encryptionKey") + .optionalString("wrappingKeyId") + .optionalBytes("aadPrefix") + .endRecord(); + private ByteBuffer encryptionKey; + private CharSequence wrappingKeyId; + private ByteBuffer aadPrefix; + + private AvroKeyRecord() {} + + public org.apache.avro.Schema getSchema() { + return SCHEMA$; + } + // Used by DatumWriter. Applications should not call. + public Object get(int field) { + switch (field) { + case 0: + return encryptionKey; + case 1: + return wrappingKeyId; + case 2: + return aadPrefix; + default: + throw new AvroRuntimeException("Bad index"); + } + } + // Used by DatumReader. Applications should not call. + @SuppressWarnings(value = "unchecked") + public void put(int field, Object value) { + switch (field) { + case 0: + encryptionKey = (ByteBuffer) value; + break; + case 1: + wrappingKeyId = (CharSequence) value; + break; + case 2: + aadPrefix = (ByteBuffer) value; + break; + default: + throw new AvroRuntimeException("Bad index"); + } + } + + public ByteBuffer getEncryptionKey() { + return encryptionKey; + } + + public CharSequence getWrappingKeyId() { + return wrappingKeyId; + } + + public ByteBuffer getAadPrefix() { + return aadPrefix; + } + + public static Builder newBuilder() { + return new Builder(); + } + + public static class Builder extends SpecificRecordBuilderBase<AvroKeyRecord> { + private ByteBuffer encryptionKey; + private CharSequence wrappingKeyId; + private ByteBuffer aadPrefix; + + private Builder() { + super(SCHEMA$); + } + + public Builder setEncryptionKey(ByteBuffer value) { + validate(fields()[0], value); + this.encryptionKey = value; + fieldSetFlags()[0] = true; + return this; + } + + public Builder setWrappingKeyId(CharSequence value) { Review Comment: Yep; seems to be a standard / popular term, per google search (I looked for "encryption key wrapping") ########## core/src/main/java/org/apache/iceberg/encryption/BaseEncryptedOutputFile.java: ########## @@ -20,12 +20,13 @@ import org.apache.iceberg.io.OutputFile; -class BaseEncryptedOutputFile implements EncryptedOutputFile { +public class BaseEncryptedOutputFile implements EncryptedOutputFile { Review Comment: to be available in the _envelope_ subpackage; but since we move classes to the encryption package, no need in this change anymore, I'll remove. ########## core/src/main/java/org/apache/iceberg/encryption/envelope/EnvelopeEncryptionManager.java: ########## @@ -0,0 +1,100 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.iceberg.encryption.envelope; + +import java.nio.ByteBuffer; +import java.security.SecureRandom; +import java.util.Map; +import org.apache.iceberg.encryption.BaseEncryptedOutputFile; +import org.apache.iceberg.encryption.EncryptedInputFile; +import org.apache.iceberg.encryption.EncryptedOutputFile; +import org.apache.iceberg.encryption.EncryptionManager; +import org.apache.iceberg.io.InputFile; +import org.apache.iceberg.io.OutputFile; +import org.apache.iceberg.relocated.com.google.common.base.Preconditions; +import org.apache.iceberg.util.PropertyUtil; + +public class EnvelopeEncryptionManager implements EncryptionManager { + public static final String ENCRYPTION_TABLE_KEY = "encryption.table.key.id"; + + public static final String ENCRYPTION_DEK_LENGTH = "encryption.data.key.length"; + public static final int ENCRYPTION_DEK_LENGTH_DEFAULT = 16; + + public static final int ENCRYPTION_AAD_LENGTH_DEFAULT = 16; + + /** Implementation of the KMS client for envelope encryption */ + public static final String ENCRYPTION_KMS_CLIENT_IMPL = "encryption.kms.client-impl"; + + private final KmsClient kmsClient; + private String tableKeyId; + private int dataKeyLength; + private boolean kmsGeneratedKeys; + + private transient volatile SecureRandom workerRNG = null; + + /** + * @param tableKeyId table encryption key id + * @param kmsClient Client of KMS used to wrap/unwrap keys in envelope encryption + * @param encryptionProperties encryption properties + */ + public EnvelopeEncryptionManager( + String tableKeyId, KmsClient kmsClient, Map<String, String> encryptionProperties) { Review Comment: Sure, will move this to a separate PR ########## core/src/main/java/org/apache/iceberg/encryption/envelope/EnvelopeKeyMetadata.java: ########## @@ -0,0 +1,122 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.iceberg.encryption.envelope; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.nio.ByteBuffer; +import org.apache.avro.io.BinaryDecoder; +import org.apache.avro.io.BinaryEncoder; +import org.apache.avro.io.DatumReader; +import org.apache.avro.io.DatumWriter; +import org.apache.avro.io.DecoderFactory; +import org.apache.avro.io.EncoderFactory; +import org.apache.avro.specific.SpecificDatumReader; +import org.apache.avro.specific.SpecificDatumWriter; +import org.apache.iceberg.encryption.EncryptionKeyMetadata; + +public class EnvelopeKeyMetadata implements EncryptionKeyMetadata { Review Comment: Ok, will handle this. ########## core/src/main/java/org/apache/iceberg/encryption/envelope/AvroKeyRecord.java: ########## @@ -0,0 +1,139 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.iceberg.encryption.envelope; + +import java.io.IOException; +import java.nio.ByteBuffer; +import org.apache.avro.AvroRuntimeException; +import org.apache.avro.SchemaBuilder; +import org.apache.avro.specific.SpecificRecordBase; +import org.apache.avro.specific.SpecificRecordBuilderBase; + +public class AvroKeyRecord extends SpecificRecordBase { + public static final org.apache.avro.Schema SCHEMA$ = + SchemaBuilder.record("AvroKeyRecord") + .namespace("iceberg.encryption") + .fields() + .requiredBytes("encryptionKey") + .optionalString("wrappingKeyId") + .optionalBytes("aadPrefix") + .endRecord(); + private ByteBuffer encryptionKey; + private CharSequence wrappingKeyId; + private ByteBuffer aadPrefix; + + private AvroKeyRecord() {} + + public org.apache.avro.Schema getSchema() { + return SCHEMA$; + } + // Used by DatumWriter. Applications should not call. + public Object get(int field) { + switch (field) { + case 0: + return encryptionKey; + case 1: + return wrappingKeyId; + case 2: + return aadPrefix; + default: + throw new AvroRuntimeException("Bad index"); + } + } + // Used by DatumReader. Applications should not call. + @SuppressWarnings(value = "unchecked") + public void put(int field, Object value) { + switch (field) { + case 0: + encryptionKey = (ByteBuffer) value; + break; + case 1: + wrappingKeyId = (CharSequence) value; + break; + case 2: + aadPrefix = (ByteBuffer) value; + break; + default: + throw new AvroRuntimeException("Bad index"); + } + } + + public ByteBuffer getEncryptionKey() { + return encryptionKey; + } + + public CharSequence getWrappingKeyId() { + return wrappingKeyId; + } + + public ByteBuffer getAadPrefix() { + return aadPrefix; + } + + public static Builder newBuilder() { + return new Builder(); + } + + public static class Builder extends SpecificRecordBuilderBase<AvroKeyRecord> { Review Comment: Ok ########## core/src/main/java/org/apache/iceberg/encryption/envelope/AvroKeyRecord.java: ########## @@ -0,0 +1,139 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.iceberg.encryption.envelope; + +import java.io.IOException; +import java.nio.ByteBuffer; +import org.apache.avro.AvroRuntimeException; +import org.apache.avro.SchemaBuilder; +import org.apache.avro.specific.SpecificRecordBase; +import org.apache.avro.specific.SpecificRecordBuilderBase; + +public class AvroKeyRecord extends SpecificRecordBase { + public static final org.apache.avro.Schema SCHEMA$ = + SchemaBuilder.record("AvroKeyRecord") + .namespace("iceberg.encryption") + .fields() + .requiredBytes("encryptionKey") + .optionalString("wrappingKeyId") + .optionalBytes("aadPrefix") + .endRecord(); + private ByteBuffer encryptionKey; + private CharSequence wrappingKeyId; + private ByteBuffer aadPrefix; + + private AvroKeyRecord() {} + + public org.apache.avro.Schema getSchema() { + return SCHEMA$; + } + // Used by DatumWriter. Applications should not call. + public Object get(int field) { + switch (field) { + case 0: + return encryptionKey; + case 1: + return wrappingKeyId; + case 2: + return aadPrefix; + default: + throw new AvroRuntimeException("Bad index"); + } + } + // Used by DatumReader. Applications should not call. + @SuppressWarnings(value = "unchecked") + public void put(int field, Object value) { + switch (field) { + case 0: + encryptionKey = (ByteBuffer) value; + break; + case 1: + wrappingKeyId = (CharSequence) value; + break; + case 2: + aadPrefix = (ByteBuffer) value; + break; + default: + throw new AvroRuntimeException("Bad index"); + } + } + + public ByteBuffer getEncryptionKey() { Review Comment: auto-generated code (here, and in the 2 comments above..). I'll change this. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@iceberg.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@iceberg.apache.org For additional commands, e-mail: issues-h...@iceberg.apache.org
