org.apache.accumulo.core.security.crypto
public class DefaultCryptoModule extends Object implements CryptoModule
CryptoModule
interface, defining how calling applications can receive encrypted input and output streams. While the default
implementation given here allows for a lot of flexibility in terms of choices of algorithm, key encryption strategies, and so on, some Accumulo users may
choose to swap out this implementation for others, and can base their implementation details off of this class's work.
In general, the module is quite straightforward: provide it with crypto-related settings and an input/output stream, and it will hand back those streams
wrapped in encrypting (or decrypting) streams.Constructor and Description |
---|
DefaultCryptoModule() |
Modifier and Type | Method and Description |
---|---|
CryptoModuleParameters |
generateNewRandomSessionKey(CryptoModuleParameters params)
Generates a random session key and sets it into the
CryptoModuleParameters.getPlaintextKey() property. |
CryptoModuleParameters |
getDecryptingInputStream(CryptoModuleParameters params)
|
CryptoModuleParameters |
getEncryptingOutputStream(CryptoModuleParameters params)
Takes a
CryptoModuleParameters object containing an OutputStream to wrap within a CipherOutputStream . |
CryptoModuleParameters |
initializeCipher(CryptoModuleParameters params)
Generates a
Cipher object based on the parameters in the given CryptoModuleParameters object and places it into the
CryptoModuleParameters.getCipher() property. |
public CryptoModuleParameters initializeCipher(CryptoModuleParameters params)
CryptoModule
Cipher
object based on the parameters in the given CryptoModuleParameters
object and places it into the
CryptoModuleParameters.getCipher()
property. Callers may choose to use this method if they want to get the initialization vector from the cipher
before proceeding to create wrapped streams.initializeCipher
in interface CryptoModule
params
- a CryptoModuleParameters
object contained a correctly instantiated set of properties.CryptoModuleParameters
object with the cipher set.public CryptoModuleParameters getEncryptingOutputStream(CryptoModuleParameters params) throws IOException
CryptoModule
CryptoModuleParameters
object containing an OutputStream
to wrap within a CipherOutputStream
. The various other parts of
the CryptoModuleParameters
object specify the details about the type of encryption to use. Callers should pay special attention to the
CryptoModuleParameters.getRecordParametersToStream()
and CryptoModuleParameters.getCloseUnderylingStreamAfterCryptoStreamClose()
flags
within the CryptoModuleParameters
object, as they control whether or not this method will write to the given OutputStream
in
CryptoModuleParameters.getPlaintextOutputStream()
.
This method returns a CryptoModuleParameters
object. Implementers of this interface maintain a contract that the returned object is the same
as the one passed in, always. Return values are enclosed within that object, as some other calls will typically return more than one value.
getEncryptingOutputStream
in interface CryptoModule
params
- the CryptoModuleParameters
object that specifies how to set up the encrypted stream.CryptoModuleParameters
object with the CryptoModuleParameters.getEncryptedOutputStream()
set to a stream that is not null.
That stream may be exactly the same stream as CryptoModuleParameters.getPlaintextInputStream()
if the params object specifies no
cryptography.IOException
public CryptoModuleParameters getDecryptingInputStream(CryptoModuleParameters params) throws IOException
CryptoModule
CryptoModuleParameters
object containing an InputStream
to wrap within a CipherInputStream
. The various other parts of the
CryptoModuleParameters
object specify the details about the type of encryption to use. Callers should pay special attention to the
CryptoModuleParameters.getRecordParametersToStream()
and CryptoModuleParameters.getCloseUnderylingStreamAfterCryptoStreamClose()
flags
within the CryptoModuleParameters
object, as they control whether or not this method will read from the given InputStream
in
CryptoModuleParameters.getEncryptedInputStream()
.
This method returns a CryptoModuleParameters
object. Implementers of this interface maintain a contract that the returned object is the same
as the one passed in, always. Return values are enclosed within that object, as some other calls will typically return more than one value.
getDecryptingInputStream
in interface CryptoModule
params
- the CryptoModuleParameters
object that specifies how to set up the encrypted stream.CryptoModuleParameters
object with the CryptoModuleParameters.getPlaintextInputStream()
set to a stream that is not null.
That stream may be exactly the same stream as CryptoModuleParameters.getEncryptedInputStream()
if the params object specifies no
cryptography.IOException
public CryptoModuleParameters generateNewRandomSessionKey(CryptoModuleParameters params)
CryptoModule
CryptoModuleParameters.getPlaintextKey()
property. Saves callers from having to set up their
own secure random provider. Also will set the CryptoModuleParameters.getSecureRandom()
property if it has not already been set by some other
function.generateNewRandomSessionKey
in interface CryptoModule
params
- a CryptoModuleParameters
object contained a correctly instantiated set of properties.CryptoModuleParameters
object with the plaintext key setCopyright © 2011–2016 The Apache Software Foundation. All rights reserved.