org.apache.hadoop.hdfs.security.token.block

Class BlockTokenSecretManager

java.lang.Object

org.apache.hadoop.security.token.SecretManager<BlockTokenIdentifier>

org.apache.hadoop.hdfs.security.token.block.BlockTokenSecretManager

@InterfaceAudience.Private
public class BlockTokenSecretManager
extends SecretManager<BlockTokenIdentifier>

BlockTokenSecretManager can be instantiated in 2 modes, master mode and slave mode. Master can generate new block keys and export block keys to slaves, while slaves can only import and use block keys received from master. Both master and slave can generate and verify block tokens. Typically, master mode is used by NN and slave mode is used by DN.

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	BlockTokenSecretManager.AccessMode

Nested classes/interfaces inherited from class org.apache.hadoop.security.token.SecretManager

SecretManager.InvalidToken

Field Summary

Fields

Modifier and Type	Field and Description
static Token<BlockTokenIdentifier>	DUMMY_TOKEN
static org.apache.commons.logging.Log	LOG

Constructor Summary

Constructors

Constructor and Description
BlockTokenSecretManager(long keyUpdateInterval, long tokenLifetime, int nnIndex, String blockPoolId, String encryptionAlgorithm) Constructor for masters.
BlockTokenSecretManager(long keyUpdateInterval, long tokenLifetime, String blockPoolId, String encryptionAlgorithm) Constructor for slaves.

Method Summary

Methods

Modifier and Type	Method and Description
void	addKeys(ExportedBlockKeys exportedKeys) Set block keys, only to be used in slave mode
void	checkAccess(BlockTokenIdentifier id, String userId, ExtendedBlock block, BlockTokenSecretManager.AccessMode mode) Check if access should be allowed.
void	checkAccess(Token<BlockTokenIdentifier> token, String userId, ExtendedBlock block, BlockTokenSecretManager.AccessMode mode) Check if access should be allowed.
void	clearAllKeysForTesting()
BlockTokenIdentifier	createIdentifier() Create an empty block token identifier
protected byte[]	createPassword(BlockTokenIdentifier identifier) Create a new password/secret for the given block token identifier.
ExportedBlockKeys	exportKeys() Export block keys, only to be used in master mode
DataEncryptionKey	generateDataEncryptionKey() Generate a data encryption key for this block pool, using the current BlockKey.
Token<BlockTokenIdentifier>	generateToken(ExtendedBlock block, EnumSet<BlockTokenSecretManager.AccessMode> modes) Generate an block token for current user
Token<BlockTokenIdentifier>	generateToken(String userId, ExtendedBlock block, EnumSet<BlockTokenSecretManager.AccessMode> modes) Generate a block token for a specified user
int	getSerialNoForTesting()
byte[]	retrieveDataEncryptionKey(int keyId, byte[] nonce) Recreate an encryption key based on the given key id and nonce.
byte[]	retrievePassword(BlockTokenIdentifier identifier) Look up the token password/secret for the given block token identifier.
void	setBlockPoolId(String blockPoolId)
void	setKeyUpdateIntervalForTesting(long millis)
void	setSerialNo(int serialNo)
void	setTokenLifetime(long tokenLifetime) set token lifetime.
boolean	updateKeys(long updateTime) Update block keys if update time > update interval.

Methods inherited from class org.apache.hadoop.security.token.SecretManager

checkAvailableForRead, createPassword, createSecretKey, generateSecret

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

LOG

public static final org.apache.commons.logging.Log LOG

DUMMY_TOKEN

public static final Token<BlockTokenIdentifier> DUMMY_TOKEN

Constructor Detail

BlockTokenSecretManager

public BlockTokenSecretManager(long keyUpdateInterval,
                       long tokenLifetime,
                       String blockPoolId,
                       String encryptionAlgorithm)

Constructor for slaves.

Parameters:

keyUpdateInterval - how often a new key will be generated

tokenLifetime - how long an individual token is valid

BlockTokenSecretManager

public BlockTokenSecretManager(long keyUpdateInterval,
                       long tokenLifetime,
                       int nnIndex,
                       String blockPoolId,
                       String encryptionAlgorithm)

Constructor for masters.

Parameters:

keyUpdateInterval - how often a new key will be generated

tokenLifetime - how long an individual token is valid

isHaEnabled - whether or not HA is enabled

thisNnId - the NN ID of this NN in an HA setup

otherNnId - the NN ID of the other NN in an HA setup

Method Detail

setSerialNo

public void setSerialNo(int serialNo)

setBlockPoolId

public void setBlockPoolId(String blockPoolId)

exportKeys

public ExportedBlockKeys exportKeys()

Export block keys, only to be used in master mode

addKeys

public void addKeys(ExportedBlockKeys exportedKeys)
             throws IOException

Set block keys, only to be used in slave mode

Throws:

IOException

updateKeys

public boolean updateKeys(long updateTime)
                   throws IOException

Update block keys if update time > update interval.

Returns:

true if the keys are updated.

Throws:

IOException

generateToken

public Token<BlockTokenIdentifier> generateToken(ExtendedBlock block,
                                        EnumSet<BlockTokenSecretManager.AccessMode> modes)
                                          throws IOException

Generate an block token for current user

Throws:

IOException

generateToken

public Token<BlockTokenIdentifier> generateToken(String userId,
                                        ExtendedBlock block,
                                        EnumSet<BlockTokenSecretManager.AccessMode> modes)
                                          throws IOException

Generate a block token for a specified user

Throws:

IOException

checkAccess

public void checkAccess(BlockTokenIdentifier id,
               String userId,
               ExtendedBlock block,
               BlockTokenSecretManager.AccessMode mode)
                 throws SecretManager.InvalidToken

Check if access should be allowed. userID is not checked if null. This method doesn't check if token password is correct. It should be used only when token password has already been verified (e.g., in the RPC layer).

Throws:

SecretManager.InvalidToken

checkAccess

public void checkAccess(Token<BlockTokenIdentifier> token,
               String userId,
               ExtendedBlock block,
               BlockTokenSecretManager.AccessMode mode)
                 throws SecretManager.InvalidToken

Check if access should be allowed. userID is not checked if null

Throws:

SecretManager.InvalidToken

setTokenLifetime

public void setTokenLifetime(long tokenLifetime)

set token lifetime.

createIdentifier

public BlockTokenIdentifier createIdentifier()

Create an empty block token identifier

Specified by:

createIdentifier in class SecretManager<BlockTokenIdentifier>

Returns:

a newly created empty block token identifier

createPassword

protected byte[] createPassword(BlockTokenIdentifier identifier)

Create a new password/secret for the given block token identifier.

Specified by:

createPassword in class SecretManager<BlockTokenIdentifier>

Parameters:

identifier - the block token identifier

Returns:

token password/secret

retrievePassword

public byte[] retrievePassword(BlockTokenIdentifier identifier)
                        throws SecretManager.InvalidToken

Look up the token password/secret for the given block token identifier.

Specified by:

retrievePassword in class SecretManager<BlockTokenIdentifier>

Parameters:

identifier - the block token identifier to look up

Returns:

token password/secret as byte[]

Throws:

InvalidToken

SecretManager.InvalidToken

generateDataEncryptionKey

public DataEncryptionKey generateDataEncryptionKey()

Generate a data encryption key for this block pool, using the current BlockKey.

Returns:

a data encryption key which may be used to encrypt traffic over the DataTransferProtocol

retrieveDataEncryptionKey

public byte[] retrieveDataEncryptionKey(int keyId,
                               byte[] nonce)
                                 throws InvalidEncryptionKeyException

Recreate an encryption key based on the given key id and nonce.

Parameters:

keyId - identifier of the secret key used to generate the encryption key.

nonce - random value used to create the encryption key

Returns:

the encryption key which corresponds to this (keyId, blockPoolId, nonce)

Throws:

InvalidToken

InvalidEncryptionKeyException

setKeyUpdateIntervalForTesting

public void setKeyUpdateIntervalForTesting(long millis)

clearAllKeysForTesting

public void clearAllKeysForTesting()

getSerialNoForTesting

public int getSerialNoForTesting()