public abstract class AbstractAESEncryptor extends Object implements RepositoryObjectEncryptor
| Modifier and Type | Field and Description |
|---|---|
protected AESKeyedCipherProvider |
aesKeyedCipherProvider |
private static String |
ALGORITHM |
private static byte[] |
EM_END_SENTINEL |
private static byte[] |
EM_START_SENTINEL |
protected static byte[] |
EMPTY_IV |
protected static int |
IV_LENGTH |
protected KeyProvider |
keyProvider |
private static org.slf4j.Logger |
logger |
| Constructor and Description |
|---|
AbstractAESEncryptor() |
| Modifier and Type | Method and Description |
|---|---|
void |
initialize(KeyProvider keyProvider)
Initializes the encryptor with a
KeyProvider. |
static RepositoryObjectEncryptionMetadata |
prepareObjectForDecryption(Object ciphertextSource,
String identifier,
String descriptor,
List<String> supportedVersions)
Utility method which extracts the
RepositoryObjectEncryptionMetadata object from the byte[] or
InputStream provided and verifies common validation across both streaming and block decryption. |
(package private) void |
setCipherProvider(AESKeyedCipherProvider cipherProvider)
Available for dependency injection to override the default
AESKeyedCipherProvider if necessary. |
private static final org.slf4j.Logger logger
private static final byte[] EM_START_SENTINEL
private static final byte[] EM_END_SENTINEL
private static String ALGORITHM
protected static final int IV_LENGTH
protected static final byte[] EMPTY_IV
protected KeyProvider keyProvider
protected AESKeyedCipherProvider aesKeyedCipherProvider
public void initialize(KeyProvider keyProvider) throws KeyManagementException
KeyProvider.initialize in interface RepositoryObjectEncryptorkeyProvider - the key provider which will be responsible for accessing keysKeyManagementException - if there is an issue configuring the key providervoid setCipherProvider(AESKeyedCipherProvider cipherProvider)
AESKeyedCipherProvider if necessary.cipherProvider - the AES cipher provider to usepublic static RepositoryObjectEncryptionMetadata prepareObjectForDecryption(Object ciphertextSource, String identifier, String descriptor, List<String> supportedVersions) throws EncryptionException
RepositoryObjectEncryptionMetadata object from the byte[] or
InputStream provided and verifies common validation across both streaming and block decryption. Returns
the extracted metadata object.ciphertextSource - the encrypted source -- can be byte[] or InputStreamidentifier - the unique identifier for this sourcedescriptor - the generic name for this source type for logging/error messagessupportedVersions - the list of supported versions for the particular encryptor calling this method (see
RepositoryObjectAESCTREncryptor and
RepositoryObjectAESGCMEncryptor for
SUPPORTED_VERSIONS)RepositoryObjectEncryptionMetadata objectEncryptionException - if there is an exception parsing or validating the sourceCopyright © 2019 Apache NiFi Project. All rights reserved.