Source code

001/*
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements.  See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership.  The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License.  You may obtain a copy of the License at
009 *
010 *     http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software
013 * distributed under the License is distributed on an "AS IS" BASIS,
014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015 * See the License for the specific language governing permissions and
016 * limitations under the License.
017 */
018package org.apache.hadoop.hbase.regionserver;
019
020import org.apache.hadoop.conf.Configuration;
021import org.apache.hadoop.hbase.DoNotRetryIOException;
022import org.apache.hadoop.hbase.HBaseClassTestRule;
023import org.apache.hadoop.hbase.HBaseTestingUtil;
024import org.apache.hadoop.hbase.HConstants;
025import org.apache.hadoop.hbase.TableName;
026import org.apache.hadoop.hbase.client.ColumnFamilyDescriptorBuilder;
027import org.apache.hadoop.hbase.client.TableDescriptorBuilder;
028import org.apache.hadoop.hbase.io.crypto.Encryption;
029import org.apache.hadoop.hbase.io.crypto.KeyProviderForTesting;
030import org.apache.hadoop.hbase.testclassification.MasterTests;
031import org.apache.hadoop.hbase.testclassification.MediumTests;
032import org.apache.hadoop.hbase.util.Bytes;
033import org.apache.hadoop.hbase.util.TableDescriptorChecker;
034import org.junit.AfterClass;
035import org.junit.BeforeClass;
036import org.junit.ClassRule;
037import org.junit.Rule;
038import org.junit.Test;
039import org.junit.experimental.categories.Category;
040import org.junit.rules.ExpectedException;
041
042@Category({ MasterTests.class, MediumTests.class })
043public class TestEncryptionDisabled {
044
045  @ClassRule
046  public static final HBaseClassTestRule CLASS_RULE =
047    HBaseClassTestRule.forClass(TestEncryptionDisabled.class);
048
049  @Rule
050  public ExpectedException exception = ExpectedException.none();
051
052  private static final HBaseTestingUtil TEST_UTIL = new HBaseTestingUtil();
053  private static Configuration conf = TEST_UTIL.getConfiguration();
054  private static TableDescriptorBuilder tdb;
055
056  @BeforeClass
057  public static void setUp() throws Exception {
058    conf.setInt("hfile.format.version", 3);
059    conf.set(HConstants.CRYPTO_KEYPROVIDER_CONF_KEY, KeyProviderForTesting.class.getName());
060    conf.set(HConstants.CRYPTO_MASTERKEY_NAME_CONF_KEY, "hbase");
061    conf.set(Encryption.CRYPTO_ENABLED_CONF_KEY, "false");
062    conf.set(TableDescriptorChecker.TABLE_SANITY_CHECKS, "true");
063
064    // Start the minicluster
065    TEST_UTIL.startMiniCluster(1);
066  }
067
068  @AfterClass
069  public static void tearDown() throws Exception {
070    TEST_UTIL.shutdownMiniCluster();
071  }
072
073  @Test
074  public void testEncryptedTableShouldNotBeCreatedWhenEncryptionDisabled() throws Exception {
075    // Create the table schema
076    // Specify an encryption algorithm without a key (normally HBase would generate a random key)
077    tdb =
078      TableDescriptorBuilder.newBuilder(TableName.valueOf("default", "TestEncryptionDisabledFail"));
079    ColumnFamilyDescriptorBuilder columnFamilyDescriptorBuilder =
080      ColumnFamilyDescriptorBuilder.newBuilder(Bytes.toBytes("cf"));
081    String algorithm = conf.get(HConstants.CRYPTO_KEY_ALGORITHM_CONF_KEY, HConstants.CIPHER_AES);
082    columnFamilyDescriptorBuilder.setEncryptionType(algorithm);
083    tdb.setColumnFamily(columnFamilyDescriptorBuilder.build());
084
085    // Create the test table, we expect to get back an exception
086    exception.expect(DoNotRetryIOException.class);
087    exception.expectMessage("encryption is disabled on the cluster");
088    TEST_UTIL.getAdmin().createTable(tdb.build());
089  }
090
091  @Test
092  public void testNonEncryptedTableShouldBeCreatedWhenEncryptionDisabled() throws Exception {
093    // Create the table schema
094    tdb = TableDescriptorBuilder
095      .newBuilder(TableName.valueOf("default", "TestEncryptionDisabledSuccess"));
096    ColumnFamilyDescriptorBuilder columnFamilyDescriptorBuilder =
097      ColumnFamilyDescriptorBuilder.newBuilder(Bytes.toBytes("cf"));
098    tdb.setColumnFamily(columnFamilyDescriptorBuilder.build());
099
100    // Create the test table, this should succeed, as we don't use encryption
101    TEST_UTIL.getAdmin().createTable(tdb.build());
102    TEST_UTIL.waitTableAvailable(tdb.build().getTableName(), 5000);
103  }
104
105}