org.apache.accumulo.core.security.crypto
Interface CryptoModule

All Known Implementing Classes:
DefaultCryptoModule

Deprecated.

@Deprecated
public interface CryptoModule

Classes that obey this interface may be used to provide encrypting and decrypting streams to the rest of Accumulo. Classes that obey this interface may be configured as the crypto module by setting the property crypto.module.class in the accumulo-site.xml file. Note that this first iteration of this API is considered deprecated because we anticipate it changing in non-backwards compatible ways as we explore the requirements for encryption in Accumulo. So, your mileage is gonna vary a lot as we go forward.


Nested Class Summary
static class CryptoModule.CryptoInitProperty
          Deprecated.  
 
Method Summary
 InputStream getDecryptingInputStream(InputStream in, Map<String,String> cryptoOpts)
          Deprecated. Wraps an InputStream and returns a decrypting input stream.
 InputStream getDecryptingInputStream(InputStream in, Map<String,String> cryptoOpts, Map<CryptoModule.CryptoInitProperty,Object> cryptoInitParams)
          Deprecated. Wraps an InputStream and returns a decrypting input stream.
 OutputStream getEncryptingOutputStream(OutputStream out, Map<String,String> cryptoOpts)
          Deprecated. Wraps an OutputStream in an encrypting OutputStream.
 OutputStream getEncryptingOutputStream(OutputStream out, Map<String,String> conf, Map<CryptoModule.CryptoInitProperty,Object> cryptoInitParams)
          Deprecated. Wraps an OutputStream in an encrypting OutputStream.
 

Method Detail

getEncryptingOutputStream

OutputStream getEncryptingOutputStream(OutputStream out,
                                       Map<String,String> cryptoOpts)
                                       throws IOException
Deprecated. 
Wraps an OutputStream in an encrypting OutputStream. The given map contains the settings for the cryptographic algorithm to use. Callers of this method should expect that the given OutputStream will be written to before cryptographic writes occur. These writes contain the cryptographic information used to encrypt the following bytes (these data include the initialization vector, encrypted session key, and so on). If writing arbitrarily to the underlying stream is not desirable, users should call the other flavor of getEncryptingOutputStream which accepts these data as parameters.

Parameters:
out - the OutputStream to wrap
cryptoOpts - the cryptographic parameters to use; specific string names to look for will depend on the various implementations
Returns:
an OutputStream that wraps the given parameter
Throws:
IOException

getDecryptingInputStream

InputStream getDecryptingInputStream(InputStream in,
                                     Map<String,String> cryptoOpts)
                                     throws IOException
Deprecated. 
Wraps an InputStream and returns a decrypting input stream. The given map contains the settings for the intended cryptographic operations, but implementors should take care to ensure that the crypto from the given input stream matches their expectations about what they will use to decrypt it, as the parameters may have changed. Also, care should be taken around transitioning between non-encrypting and encrypting streams; implementors should handle the case where the given input stream is not encrypted at all. It is expected that this version of getDecryptingInputStream is called in conjunction with the getEncryptingOutputStream from above. It should expect its input streams to contain the data written by getEncryptingOutputStream.

Parameters:
in - the InputStream to wrap
cryptoOpts - the cryptographic parameters to use; specific string names to look for will depend on the various implementations
Returns:
an InputStream that wraps the given parameter
Throws:
IOException

getEncryptingOutputStream

OutputStream getEncryptingOutputStream(OutputStream out,
                                       Map<String,String> conf,
                                       Map<CryptoModule.CryptoInitProperty,Object> cryptoInitParams)
Deprecated. 
Wraps an OutputStream in an encrypting OutputStream. The given map contains the settings for the cryptographic algorithm to use. The cryptoInitParams map contains all the cryptographic details to construct a key (or keys), initialization vectors, etc. and use them to properly initialize the stream for writing. These initialization parameters must be persisted elsewhere, along with the cryptographic configuration (algorithm, mode, etc.), so that they may be read in at the time of reading the encrypted content.

Parameters:
out - the OutputStream to wrap
conf - the cryptographic algorithm configuration
cryptoInitParams - the initialization parameters for the algorithm, usually including initialization vector and session key
Returns:
a wrapped output stream

getDecryptingInputStream

InputStream getDecryptingInputStream(InputStream in,
                                     Map<String,String> cryptoOpts,
                                     Map<CryptoModule.CryptoInitProperty,Object> cryptoInitParams)
                                     throws IOException
Deprecated. 
Wraps an InputStream and returns a decrypting input stream. The given map contains the settings for the intended cryptographic operations, but implementors should take care to ensure that the crypto from the given input stream matches their expectations about what they will use to decrypt it, as the parameters may have changed. Also, care should be taken around transitioning between non-encrypting and encrypting streams; implementors should handle the case where the given input stream is not encrypted at all. The cryptoInitParams contains all necessary information to properly initialize the given cipher, usually including things like initialization vector and secret key.

Throws:
IOException


Copyright © 2013 Apache Accumulo Project. All Rights Reserved.