From 8233b047cb4e74b02120b10fae28457c60905eea Mon Sep 17 00:00:00 2001 From: Robert Yokota Date: Thu, 26 Oct 2023 19:30:29 -0700 Subject: [PATCH] MINOR expose dek registry apis for use by schema linking (#2809) * MINOR expose dek registry apis for use by schema linking * Add helper method --- .../dekregistry/storage/DataEncryptionKey.java | 5 +++++ .../dekregistry/storage/DekRegistry.java | 18 +++++++++--------- .../dekregistry/storage/EncryptionKey.java | 2 ++ .../dekregistry/storage/KeyEncryptionKey.java | 5 +++++ 4 files changed, 21 insertions(+), 9 deletions(-) diff --git a/dek-registry/src/main/java/io/confluent/dekregistry/storage/DataEncryptionKey.java b/dek-registry/src/main/java/io/confluent/dekregistry/storage/DataEncryptionKey.java index bc5bebb3ece..9ef051aa531 100644 --- a/dek-registry/src/main/java/io/confluent/dekregistry/storage/DataEncryptionKey.java +++ b/dek-registry/src/main/java/io/confluent/dekregistry/storage/DataEncryptionKey.java @@ -123,6 +123,11 @@ public int hashCode() { super.hashCode(), kekName, subject, algorithm, version, encryptedKeyMaterial); } + @Override + public DataEncryptionKeyId toKey(String tenant) { + return new DataEncryptionKeyId(tenant, kekName, subject, algorithm, version); + } + public Dek toDekEntity() { return new Dek( kekName, subject, version, algorithm, encryptedKeyMaterial, keyMaterial, timestamp, diff --git a/dek-registry/src/main/java/io/confluent/dekregistry/storage/DekRegistry.java b/dek-registry/src/main/java/io/confluent/dekregistry/storage/DekRegistry.java index d6330a7e90e..c4704900837 100644 --- a/dek-registry/src/main/java/io/confluent/dekregistry/storage/DekRegistry.java +++ b/dek-registry/src/main/java/io/confluent/dekregistry/storage/DekRegistry.java @@ -441,7 +441,7 @@ private Kek forwardCreateKekRequestToLeader(CreateKekRequest request, } } - private KeyEncryptionKey createKek(CreateKekRequest request) + public KeyEncryptionKey createKek(CreateKekRequest request) throws SchemaRegistryException { // Ensure cache is up-to-date keys.sync(); @@ -527,7 +527,7 @@ private Dek forwardCreateDekRequestToLeader(String kekName, } } - private DataEncryptionKey createDek(String kekName, CreateDekRequest request) + public DataEncryptionKey createDek(String kekName, CreateDekRequest request) throws SchemaRegistryException { // Ensure cache is up-to-date keys.sync(); @@ -650,7 +650,7 @@ private Kek forwardPutKekRequestToLeader(String name, } } - private KeyEncryptionKey putKek(String name, UpdateKekRequest request) + public KeyEncryptionKey putKek(String name, UpdateKekRequest request) throws SchemaRegistryException { // Ensure cache is up-to-date keys.sync(); @@ -718,7 +718,7 @@ private void forwardDeleteKekRequestToLeader(String name, boolean permanentDelet } } - private void deleteKek(String name, boolean permanentDelete) throws SchemaRegistryException { + public void deleteKek(String name, boolean permanentDelete) throws SchemaRegistryException { // Ensure cache is up-to-date keys.sync(); @@ -794,7 +794,7 @@ private void forwardDeleteDekRequestToLeader(String name, String subject, DekFor } } - private void deleteDek(String name, String subject, DekFormat algorithm, boolean permanentDelete) + public void deleteDek(String name, String subject, DekFormat algorithm, boolean permanentDelete) throws SchemaRegistryException { // Ensure cache is up-to-date keys.sync(); @@ -877,7 +877,7 @@ private void forwardDeleteDekVersionRequestToLeader(String name, String subject, } } - private void deleteDekVersion(String name, String subject, int version, + public void deleteDekVersion(String name, String subject, int version, DekFormat algorithm, boolean permanentDelete) throws SchemaRegistryException { // Ensure cache is up-to-date @@ -948,7 +948,7 @@ private void forwardUndeleteKekRequestToLeader(String name, Map } } - private void undeleteKek(String name) throws SchemaRegistryException { + public void undeleteKek(String name) throws SchemaRegistryException { // Ensure cache is up-to-date keys.sync(); @@ -1012,7 +1012,7 @@ private void forwardUndeleteDekRequestToLeader(String name, String subject, DekF } } - private void undeleteDek(String name, String subject, DekFormat algorithm) + public void undeleteDek(String name, String subject, DekFormat algorithm) throws SchemaRegistryException { // Ensure cache is up-to-date keys.sync(); @@ -1089,7 +1089,7 @@ private void forwardUndeleteDekVersionRequestToLeader(String name, String subjec } } - private void undeleteDekVersion(String name, String subject, int version, + public void undeleteDekVersion(String name, String subject, int version, DekFormat algorithm) throws SchemaRegistryException { // Ensure cache is up-to-date keys.sync(); diff --git a/dek-registry/src/main/java/io/confluent/dekregistry/storage/EncryptionKey.java b/dek-registry/src/main/java/io/confluent/dekregistry/storage/EncryptionKey.java index 851714c56e3..f73bfb70602 100644 --- a/dek-registry/src/main/java/io/confluent/dekregistry/storage/EncryptionKey.java +++ b/dek-registry/src/main/java/io/confluent/dekregistry/storage/EncryptionKey.java @@ -95,4 +95,6 @@ public boolean equals(Object o) { public int hashCode() { return Objects.hash(type, deleted); } + + public abstract EncryptionKeyId toKey(String tenant); } diff --git a/dek-registry/src/main/java/io/confluent/dekregistry/storage/KeyEncryptionKey.java b/dek-registry/src/main/java/io/confluent/dekregistry/storage/KeyEncryptionKey.java index a7be8667bfd..9ede1b61f1b 100644 --- a/dek-registry/src/main/java/io/confluent/dekregistry/storage/KeyEncryptionKey.java +++ b/dek-registry/src/main/java/io/confluent/dekregistry/storage/KeyEncryptionKey.java @@ -126,6 +126,11 @@ public int hashCode() { return Objects.hash(super.hashCode(), name, kmsType, kmsKeyId, kmsProps, doc, shared); } + @Override + public KeyEncryptionKeyId toKey(String tenant) { + return new KeyEncryptionKeyId(tenant, name); + } + public Kek toKekEntity() { return new Kek(name, kmsType, kmsKeyId, kmsProps, doc, shared, timestamp, deleted ? true : null);