org.apache.hadoop.security.token.delegation.DelegationKey Maven / Gradle / Ivy
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.hadoop.security.token.delegation;
import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.classification.InterfaceStability;
import java.io.DataInput;
import java.io.DataOutput;
import java.io.IOException;
import javax.crypto.SecretKey;
import org.apache.hadoop.io.Writable;
import org.apache.hadoop.io.WritableUtils;
import org.apache.avro.reflect.Nullable;
/**
* Key used for generating and verifying delegation tokens
*/
@InterfaceAudience.LimitedPrivate({"HDFS", "MapReduce"})
@InterfaceStability.Evolving
public class DelegationKey implements Writable {
private int keyId;
private long expiryDate;
@Nullable
private byte[] keyBytes = null;
private static final int MAX_KEY_LEN = 1024 * 1024;
/** Default constructore required for Writable */
public DelegationKey() {
this(0, 0L, (SecretKey)null);
}
public DelegationKey(int keyId, long expiryDate, SecretKey key) {
this(keyId, expiryDate, key != null ? key.getEncoded() : null);
}
public DelegationKey(int keyId, long expiryDate, byte[] encodedKey) {
this.keyId = keyId;
this.expiryDate = expiryDate;
if (encodedKey != null) {
if (encodedKey.length > MAX_KEY_LEN) {
throw new RuntimeException("can't create " + encodedKey.length +
" byte long DelegationKey.");
}
this.keyBytes = encodedKey;
}
}
public int getKeyId() {
return keyId;
}
public long getExpiryDate() {
return expiryDate;
}
public SecretKey getKey() {
if (keyBytes == null || keyBytes.length == 0) {
return null;
} else {
SecretKey key = AbstractDelegationTokenSecretManager.createSecretKey(keyBytes);
return key;
}
}
public byte[] getEncodedKey() {
return keyBytes;
}
public void setExpiryDate(long expiryDate) {
this.expiryDate = expiryDate;
}
/**
*/
public void write(DataOutput out) throws IOException {
WritableUtils.writeVInt(out, keyId);
WritableUtils.writeVLong(out, expiryDate);
if (keyBytes == null) {
WritableUtils.writeVInt(out, -1);
} else {
WritableUtils.writeVInt(out, keyBytes.length);
out.write(keyBytes);
}
}
/**
*/
public void readFields(DataInput in) throws IOException {
keyId = WritableUtils.readVInt(in);
expiryDate = WritableUtils.readVLong(in);
int len = WritableUtils.readVIntInRange(in, -1, MAX_KEY_LEN);
if (len == -1) {
keyBytes = null;
} else {
keyBytes = new byte[len];
in.readFully(keyBytes);
}
}
}