Package org.apache.parquet.crypto.keytools

Class PropertiesDrivenCryptoFactory

    • Field Detail

      • COLUMN_KEYS_PROPERTY_NAME

        public static final String COLUMN_KEYS_PROPERTY_NAME
        List of columns to encrypt, with master key IDs (see HIVE-21848). Format: "masterKeyID:colName,colName;masterKeyID:colName..."
        See Also:
        Constant Field Values

      • FOOTER_KEY_PROPERTY_NAME

        public static final String FOOTER_KEY_PROPERTY_NAME
        Master key ID for footer encryption/signing.
        See Also:
        Constant Field Values

      • ENCRYPTION_ALGORITHM_PROPERTY_NAME

        public static final String ENCRYPTION_ALGORITHM_PROPERTY_NAME
        Parquet encryption algorithm. Can be "AES_GCM_V1" (default), or "AES_GCM_CTR_V1".
        See Also:
        Constant Field Values

      • PLAINTEXT_FOOTER_PROPERTY_NAME

        public static final String PLAINTEXT_FOOTER_PROPERTY_NAME
        Write files with plaintext footer. By default, false - Parquet footers are encrypted.
        See Also:
        Constant Field Values

      • ENCRYPTION_ALGORITHM_DEFAULT

        public static final String ENCRYPTION_ALGORITHM_DEFAULT

      • PLAINTEXT_FOOTER_DEFAULT

        public static final boolean PLAINTEXT_FOOTER_DEFAULT
        See Also:
        Constant Field Values

    • Constructor Detail

      • PropertiesDrivenCryptoFactory

        public PropertiesDrivenCryptoFactory()

    • Method Detail

      • getFileEncryptionProperties

        public FileEncryptionProperties getFileEncryptionProperties​(org.apache.hadoop.conf.Configuration fileHadoopConfig,
                                                            org.apache.hadoop.fs.Path tempFilePath,
                                                            WriteSupport.WriteContext fileWriteContext)
                                                     throws ParquetCryptoRuntimeException
        Description copied from interface: EncryptionPropertiesFactory
        Get FileEncryptionProperties object which is created by the implementation of this interface. Please see the unit test SampleEncryptionPropertiesFactory for example
        Specified by:
        getFileEncryptionProperties in interface EncryptionPropertiesFactory
        Parameters:
        fileHadoopConfig - Configuration that is used to pass the needed information, e.g. KMS uri
        tempFilePath - File path of the parquet file being written. Can be used for AAD prefix creation, key material management, etc. Implementations must not presume the path is permanent, as the file can be moved or renamed later
        fileWriteContext - WriteContext to provide information like schema to build the FileEncryptionProperties
        Returns:
        object with class of FileEncryptionProperties. Null return value means the file should not be encrypted.
        Throws:
        ParquetCryptoRuntimeException - if there is an exception while creating the object

      • getFileDecryptionProperties

        public FileDecryptionProperties getFileDecryptionProperties​(org.apache.hadoop.conf.Configuration hadoopConfig,
                                                            org.apache.hadoop.fs.Path filePath)
                                                     throws ParquetCryptoRuntimeException
        Description copied from interface: DecryptionPropertiesFactory
        Get FileDecryptionProperties object which is created by the implementation of this interface. Please see the unit test SampleDecryptionPropertiesFactory for example
        Specified by:
        getFileDecryptionProperties in interface DecryptionPropertiesFactory
        Parameters:
        hadoopConfig - Configuration that is used to pass the needed information, e.g. KMS uri
        filePath - File path of the parquet file Can be used for AAD prefix verification, part of key metadata etc
        Returns:
        object with class of FileDecryptionProperties. Null return value means no decryption properties are available for the file (not required for plaintext files. Or for plaintext columns in encrypted files with plaintext footer).
        Throws:
        ParquetCryptoRuntimeException - if there is an exception while creating the object