hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone/security/OzoneSecretKey.java - hadoop - Git at Google

 /**
  * Licensed to the Apache Software Foundation (ASF) under one or more
  * contributor license agreements.  See the NOTICE file distributed with this
  * work for additional information regarding copyright ownership.  The ASF
  * licenses this file to you under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  * <p>
  * http://www.apache.org/licenses/LICENSE-2.0
  * <p>
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
  * License for the specific language governing permissions and limitations under
  * the License.
  */
 package org.apache.hadoop.ozone.security;

 import com.google.common.base.Preconditions;
 import com.google.protobuf.ByteString;
 import java.io.ByteArrayInputStream;
 import java.io.DataInput;
 import java.io.DataInputStream;
 import java.io.DataOutput;
 import java.io.IOException;
 import java.security.KeyPair;
 import java.security.PrivateKey;
 import java.security.PublicKey;
 import org.apache.commons.lang3.builder.EqualsBuilder;
 import org.apache.commons.lang3.builder.HashCodeBuilder;
 import org.apache.hadoop.classification.InterfaceAudience;
 import org.apache.hadoop.classification.InterfaceStability;
 import org.apache.hadoop.hdds.conf.OzoneConfiguration;
 import org.apache.hadoop.hdds.security.x509.SecurityConfig;
 import org.apache.hadoop.hdds.security.x509.keys.SecurityUtil;
 import org.apache.hadoop.io.Writable;
 import org.apache.hadoop.ozone.protocol.proto.OzoneManagerProtocolProtos.SecretKeyProto;

 /**
  * Wrapper class for Ozone/Hdds secret keys. Used in delegation tokens and block
  * tokens.
  */
 @InterfaceAudience.Private
 @InterfaceStability.Unstable
 public class OzoneSecretKey implements Writable {

   private int keyId;
   private long expiryDate;
   private PrivateKey privateKey;
   private PublicKey publicKey;
   private SecurityConfig securityConfig;

   public OzoneSecretKey(int keyId, long expiryDate, KeyPair keyPair) {
     Preconditions.checkNotNull(keyId);
     this.keyId = keyId;
     this.expiryDate = expiryDate;
     this.privateKey = keyPair.getPrivate();
     this.publicKey = keyPair.getPublic();
   }

   /*
    * Create new instance using default signature algorithm and provider.
    * */
   public OzoneSecretKey(int keyId, long expiryDate, byte[] pvtKey,
       byte[] publicKey) {
     Preconditions.checkNotNull(pvtKey);
     Preconditions.checkNotNull(publicKey);

     this.securityConfig = new SecurityConfig(new OzoneConfiguration());
     this.keyId = keyId;
     this.expiryDate = expiryDate;
     this.privateKey = SecurityUtil.getPrivateKey(pvtKey, securityConfig);
     this.publicKey = SecurityUtil.getPublicKey(publicKey, securityConfig);
   }

   public int getKeyId() {
     return keyId;
   }

   public long getExpiryDate() {
     return expiryDate;
   }

   public PrivateKey getPrivateKey() {
     return privateKey;
   }

   public PublicKey getPublicKey() {
     return publicKey;
   }

   public byte[] getEncodedPrivateKey() {
     return privateKey.getEncoded();
   }

   public byte[] getEncodedPubliceKey() {
     return publicKey.getEncoded();
   }

   public void setExpiryDate(long expiryDate) {
     this.expiryDate = expiryDate;
   }

   @Override
   public void write(DataOutput out) throws IOException {
     SecretKeyProto token = SecretKeyProto.newBuilder()
         .setKeyId(getKeyId())
         .setExpiryDate(getExpiryDate())
         .setPrivateKeyBytes(ByteString.copyFrom(getEncodedPrivateKey()))
         .setPublicKeyBytes(ByteString.copyFrom(getEncodedPubliceKey()))
         .build();
     out.write(token.toByteArray());
   }

   @Override
   public void readFields(DataInput in) throws IOException {
     SecretKeyProto secretKey = SecretKeyProto.parseFrom((DataInputStream) in);
     expiryDate = secretKey.getExpiryDate();
     keyId = secretKey.getKeyId();
     privateKey = SecurityUtil.getPrivateKey(secretKey.getPrivateKeyBytes()
         .toByteArray(), securityConfig);
     publicKey = SecurityUtil.getPublicKey(secretKey.getPublicKeyBytes()
         .toByteArray(), securityConfig);
   }

   @Override
   public int hashCode() {
     HashCodeBuilder hashCodeBuilder = new HashCodeBuilder(537, 963);
     hashCodeBuilder.append(getExpiryDate())
         .append(getKeyId())
         .append(getEncodedPrivateKey())
         .append(getEncodedPubliceKey());

     return hashCodeBuilder.build();
   }

   @Override
   public boolean equals(Object obj) {
     if (obj == this) {
       return true;
     }

     if (obj instanceof OzoneSecretKey) {
       OzoneSecretKey that = (OzoneSecretKey) obj;
       return new EqualsBuilder()
           .append(this.keyId, that.keyId)
           .append(this.expiryDate, that.expiryDate)
           .append(this.privateKey, that.privateKey)
           .append(this.publicKey, that.publicKey)
           .build();
     }
     return false;
   }

   /**
    * Reads protobuf encoded input stream to construct {@link OzoneSecretKey}.
    */
   static OzoneSecretKey readProtoBuf(DataInput in) throws IOException {
     Preconditions.checkNotNull(in);
     SecretKeyProto key = SecretKeyProto.parseFrom((DataInputStream) in);
     return new OzoneSecretKey(key.getKeyId(), key.getExpiryDate(),
         key.getPrivateKeyBytes().toByteArray(),
         key.getPublicKeyBytes().toByteArray());
   }

   /**
    * Reads protobuf encoded input stream to construct {@link OzoneSecretKey}.
    */
   static OzoneSecretKey readProtoBuf(byte[] identifier) throws IOException {
     Preconditions.checkNotNull(identifier);
     DataInputStream in = new DataInputStream(new ByteArrayInputStream(
         identifier));
     return readProtoBuf(in);
   }

 }
	/**
	* Licensed to the Apache Software Foundation (ASF) under one or more
	* contributor license agreements. See the NOTICE file distributed with this
	* work for additional information regarding copyright ownership. The ASF
	* licenses this file to you under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance with the License.
	* You may obtain a copy of the License at
	* <p>
	* http://www.apache.org/licenses/LICENSE-2.0
	* <p>
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
	* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
	* License for the specific language governing permissions and limitations under
	* the License.
	*/
	package org.apache.hadoop.ozone.security;

	import com.google.common.base.Preconditions;
	import com.google.protobuf.ByteString;
	import java.io.ByteArrayInputStream;
	import java.io.DataInput;
	import java.io.DataInputStream;
	import java.io.DataOutput;
	import java.io.IOException;
	import java.security.KeyPair;
	import java.security.PrivateKey;
	import java.security.PublicKey;
	import org.apache.commons.lang3.builder.EqualsBuilder;
	import org.apache.commons.lang3.builder.HashCodeBuilder;
	import org.apache.hadoop.classification.InterfaceAudience;
	import org.apache.hadoop.classification.InterfaceStability;
	import org.apache.hadoop.hdds.conf.OzoneConfiguration;
	import org.apache.hadoop.hdds.security.x509.SecurityConfig;
	import org.apache.hadoop.hdds.security.x509.keys.SecurityUtil;
	import org.apache.hadoop.io.Writable;
	import org.apache.hadoop.ozone.protocol.proto.OzoneManagerProtocolProtos.SecretKeyProto;

	/**
	* Wrapper class for Ozone/Hdds secret keys. Used in delegation tokens and block
	* tokens.
	*/
	@InterfaceAudience.Private
	@InterfaceStability.Unstable
	public class OzoneSecretKey implements Writable {

	private int keyId;
	private long expiryDate;
	private PrivateKey privateKey;
	private PublicKey publicKey;
	private SecurityConfig securityConfig;

	public OzoneSecretKey(int keyId, long expiryDate, KeyPair keyPair) {
	Preconditions.checkNotNull(keyId);
	this.keyId = keyId;
	this.expiryDate = expiryDate;
	this.privateKey = keyPair.getPrivate();
	this.publicKey = keyPair.getPublic();
	}

	/*
	* Create new instance using default signature algorithm and provider.
	* */
	public OzoneSecretKey(int keyId, long expiryDate, byte[] pvtKey,
	byte[] publicKey) {
	Preconditions.checkNotNull(pvtKey);
	Preconditions.checkNotNull(publicKey);

	this.securityConfig = new SecurityConfig(new OzoneConfiguration());
	this.keyId = keyId;
	this.expiryDate = expiryDate;
	this.privateKey = SecurityUtil.getPrivateKey(pvtKey, securityConfig);
	this.publicKey = SecurityUtil.getPublicKey(publicKey, securityConfig);
	}

	public int getKeyId() {
	return keyId;
	}

	public long getExpiryDate() {
	return expiryDate;
	}

	public PrivateKey getPrivateKey() {
	return privateKey;
	}

	public PublicKey getPublicKey() {
	return publicKey;
	}

	public byte[] getEncodedPrivateKey() {
	return privateKey.getEncoded();
	}

	public byte[] getEncodedPubliceKey() {
	return publicKey.getEncoded();
	}

	public void setExpiryDate(long expiryDate) {
	this.expiryDate = expiryDate;
	}

	@Override
	public void write(DataOutput out) throws IOException {
	SecretKeyProto token = SecretKeyProto.newBuilder()
	.setKeyId(getKeyId())
	.setExpiryDate(getExpiryDate())
	.setPrivateKeyBytes(ByteString.copyFrom(getEncodedPrivateKey()))
	.setPublicKeyBytes(ByteString.copyFrom(getEncodedPubliceKey()))
	.build();
	out.write(token.toByteArray());
	}

	@Override
	public void readFields(DataInput in) throws IOException {
	SecretKeyProto secretKey = SecretKeyProto.parseFrom((DataInputStream) in);
	expiryDate = secretKey.getExpiryDate();
	keyId = secretKey.getKeyId();
	privateKey = SecurityUtil.getPrivateKey(secretKey.getPrivateKeyBytes()
	.toByteArray(), securityConfig);
	publicKey = SecurityUtil.getPublicKey(secretKey.getPublicKeyBytes()
	.toByteArray(), securityConfig);
	}

	@Override
	public int hashCode() {
	HashCodeBuilder hashCodeBuilder = new HashCodeBuilder(537, 963);
	hashCodeBuilder.append(getExpiryDate())
	.append(getKeyId())
	.append(getEncodedPrivateKey())
	.append(getEncodedPubliceKey());

	return hashCodeBuilder.build();
	}

	@Override
	public boolean equals(Object obj) {
	if (obj == this) {
	return true;
	}

	if (obj instanceof OzoneSecretKey) {
	OzoneSecretKey that = (OzoneSecretKey) obj;
	return new EqualsBuilder()
	.append(this.keyId, that.keyId)
	.append(this.expiryDate, that.expiryDate)
	.append(this.privateKey, that.privateKey)
	.append(this.publicKey, that.publicKey)
	.build();
	}
	return false;
	}

	/**
	* Reads protobuf encoded input stream to construct {@link OzoneSecretKey}.
	*/
	static OzoneSecretKey readProtoBuf(DataInput in) throws IOException {
	Preconditions.checkNotNull(in);
	SecretKeyProto key = SecretKeyProto.parseFrom((DataInputStream) in);
	return new OzoneSecretKey(key.getKeyId(), key.getExpiryDate(),
	key.getPrivateKeyBytes().toByteArray(),
	key.getPublicKeyBytes().toByteArray());
	}

	/**
	* Reads protobuf encoded input stream to construct {@link OzoneSecretKey}.
	*/
	static OzoneSecretKey readProtoBuf(byte[] identifier) throws IOException {
	Preconditions.checkNotNull(identifier);
	DataInputStream in = new DataInputStream(new ByteArrayInputStream(
	identifier));
	return readProtoBuf(in);
	}

	}