hbase-server/src/test/java/org/apache/hadoop/hbase/regionserver/TestEncryptionDisabled.java

   1 /**
   2  * Licensed to the Apache Software Foundation (ASF) under one
   3  * or more contributor license agreements.  See the NOTICE file
   4  * distributed with this work for additional information
   5  * regarding copyright ownership.  The ASF licenses this file
   6  * to you under the Apache License, Version 2.0 (the
   7  * "License"); you may not use this file except in compliance
   8  * with the License.  You may obtain a copy of the License at
   9  *
  10  *     http://www.apache.org/licenses/LICENSE-2.0
  11  *
  12  * Unless required by applicable law or agreed to in writing, software
  13  * distributed under the License is distributed on an "AS IS" BASIS,
  14  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  15  * See the License for the specific language governing permissions and
  16  * limitations under the License.
  17  */
  18 package org.apache.hadoop.hbase.regionserver;
  19
  20 import org.apache.hadoop.conf.Configuration;
  21 import org.apache.hadoop.hbase.DoNotRetryIOException;
  22 import org.apache.hadoop.hbase.HBaseClassTestRule;
  23 import org.apache.hadoop.hbase.HBaseTestingUtil;
  24 import org.apache.hadoop.hbase.HConstants;
  25 import org.apache.hadoop.hbase.TableName;
  26 import org.apache.hadoop.hbase.client.ColumnFamilyDescriptorBuilder;
  27 import org.apache.hadoop.hbase.client.TableDescriptorBuilder;
  28 import org.apache.hadoop.hbase.io.crypto.Encryption;
  29 import org.apache.hadoop.hbase.io.crypto.KeyProviderForTesting;
  30 import org.apache.hadoop.hbase.testclassification.MasterTests;
  31 import org.apache.hadoop.hbase.testclassification.MediumTests;
  32 import org.apache.hadoop.hbase.util.Bytes;
  33 import org.apache.hadoop.hbase.util.TableDescriptorChecker;
  34 import org.junit.AfterClass;
  35 import org.junit.BeforeClass;
  36 import org.junit.ClassRule;
  37 import org.junit.Rule;
  38 import org.junit.Test;
  39 import org.junit.experimental.categories.Category;
  40 import org.junit.rules.ExpectedException;
  41
  42 @Category({MasterTests.class, MediumTests.class})
  43 public class TestEncryptionDisabled {
  44
  45   @ClassRule
  46   public static final HBaseClassTestRule CLASS_RULE =
  47       HBaseClassTestRule.forClass(TestEncryptionDisabled.class);
  48
  49   @Rule
  50   public ExpectedException exception = ExpectedException.none();
  51
  52   private static final HBaseTestingUtil TEST_UTIL = new HBaseTestingUtil();
  53   private static Configuration conf = TEST_UTIL.getConfiguration();
  54   private static TableDescriptorBuilder tdb;
  55
  56
  57   @BeforeClass
  58   public static void setUp() throws Exception {
  59     conf.setInt("hfile.format.version", 3);
  60     conf.set(HConstants.CRYPTO_KEYPROVIDER_CONF_KEY, KeyProviderForTesting.class.getName());
  61     conf.set(HConstants.CRYPTO_MASTERKEY_NAME_CONF_KEY, "hbase");
  62     conf.set(Encryption.CRYPTO_ENABLED_CONF_KEY, "false");
  63     conf.set(TableDescriptorChecker.TABLE_SANITY_CHECKS, "true");
  64
  65     // Start the minicluster
  66     TEST_UTIL.startMiniCluster(1);
  67   }
  68
  69   @AfterClass
  70   public static void tearDown() throws Exception {
  71     TEST_UTIL.shutdownMiniCluster();
  72   }
  73
  74   @Test
  75   public void testEncryptedTableShouldNotBeCreatedWhenEncryptionDisabled() throws Exception {
  76     // Create the table schema
  77     // Specify an encryption algorithm without a key (normally HBase would generate a random key)
  78     tdb = TableDescriptorBuilder.newBuilder(TableName.valueOf("default",
  79       "TestEncryptionDisabledFail"));
  80     ColumnFamilyDescriptorBuilder columnFamilyDescriptorBuilder =
  81       ColumnFamilyDescriptorBuilder.newBuilder(Bytes.toBytes("cf"));
  82     String algorithm = conf.get(HConstants.CRYPTO_KEY_ALGORITHM_CONF_KEY, HConstants.CIPHER_AES);
  83     columnFamilyDescriptorBuilder.setEncryptionType(algorithm);
  84     tdb.setColumnFamily(columnFamilyDescriptorBuilder.build());
  85
  86     // Create the test table, we expect to get back an exception
  87     exception.expect(DoNotRetryIOException.class);
  88     exception.expectMessage("encryption is disabled on the cluster");
  89     TEST_UTIL.getAdmin().createTable(tdb.build());
  90   }
  91
  92   @Test
  93   public void testNonEncryptedTableShouldBeCreatedWhenEncryptionDisabled() throws Exception {
  94     // Create the table schema
  95     tdb = TableDescriptorBuilder.newBuilder(TableName.valueOf("default",
  96       "TestEncryptionDisabledSuccess"));
  97     ColumnFamilyDescriptorBuilder columnFamilyDescriptorBuilder =
  98       ColumnFamilyDescriptorBuilder.newBuilder(Bytes.toBytes("cf"));
  99     tdb.setColumnFamily(columnFamilyDescriptorBuilder.build());
 100
 101     // Create the test table, this should succeed, as we don't use encryption
 102     TEST_UTIL.getAdmin().createTable(tdb.build());
 103     TEST_UTIL.waitTableAvailable(tdb.build().getTableName(), 5000);
 104   }
 105
 106 }