Class DefaultCryptoModule
- java.lang.Object
-
- org.apache.accumulo.core.security.crypto.DefaultCryptoModule
-
- All Implemented Interfaces:
CryptoModule
public class DefaultCryptoModule extends Object implements CryptoModule
This class implements theCryptoModuleinterface, defining how calling applications can receive encrypted input and output streams. While the default implementation given here allows for a lot of flexibility in terms of choices of algorithm, key encryption strategies, and so on, some Accumulo users may choose to swap out this implementation for others, and can base their implementation details off of this class's work. In general, the module is quite straightforward: provide it with crypto-related settings and an input/output stream, and it will hand back those streams wrapped in encrypting (or decrypting) streams.
-
-
Constructor Summary
Constructors Constructor Description DefaultCryptoModule()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description CryptoModuleParametersgenerateNewRandomSessionKey(CryptoModuleParameters params)Generates a random session key and sets it into theCryptoModuleParameters.getPlaintextKey()property.CryptoModuleParametersgetDecryptingInputStream(CryptoModuleParameters params)CryptoModuleParametersgetEncryptingOutputStream(CryptoModuleParameters params)Takes aCryptoModuleParametersobject containing anOutputStreamto wrap within aCipherOutputStream.CryptoModuleParametersinitializeCipher(CryptoModuleParameters params)Generates aCipherobject based on the parameters in the givenCryptoModuleParametersobject and places it into theCryptoModuleParameters.getCipher()property.
-
-
-
Method Detail
-
initializeCipher
public CryptoModuleParameters initializeCipher(CryptoModuleParameters params)
Description copied from interface:CryptoModuleGenerates aCipherobject based on the parameters in the givenCryptoModuleParametersobject and places it into theCryptoModuleParameters.getCipher()property. Callers may choose to use this method if they want to get the initialization vector from the cipher before proceeding to create wrapped streams.- Specified by:
initializeCipherin interfaceCryptoModule- Parameters:
params- aCryptoModuleParametersobject contained a correctly instantiated set of properties.- Returns:
- the same
CryptoModuleParametersobject with the cipher set.
-
getEncryptingOutputStream
public CryptoModuleParameters getEncryptingOutputStream(CryptoModuleParameters params) throws IOException
Description copied from interface:CryptoModuleTakes aCryptoModuleParametersobject containing anOutputStreamto wrap within aCipherOutputStream. The various other parts of theCryptoModuleParametersobject specify the details about the type of encryption to use. Callers should pay special attention to theCryptoModuleParameters.getRecordParametersToStream()andCryptoModuleParameters.getCloseUnderylingStreamAfterCryptoStreamClose()flags within theCryptoModuleParametersobject, as they control whether or not this method will write to the givenOutputStreaminCryptoModuleParameters.getPlaintextOutputStream().This method returns a
CryptoModuleParametersobject. Implementers of this interface maintain a contract that the returned object is the same as the one passed in, always. Return values are enclosed within that object, as some other calls will typically return more than one value.- Specified by:
getEncryptingOutputStreamin interfaceCryptoModule- Parameters:
params- theCryptoModuleParametersobject that specifies how to set up the encrypted stream.- Returns:
- the same
CryptoModuleParametersobject with theCryptoModuleParameters.getEncryptedOutputStream()set to a stream that is not null. That stream may be exactly the same stream asCryptoModuleParameters.getPlaintextInputStream()if the params object specifies no cryptography. - Throws:
IOException
-
getDecryptingInputStream
public CryptoModuleParameters getDecryptingInputStream(CryptoModuleParameters params) throws IOException
Description copied from interface:CryptoModuleTakes aCryptoModuleParametersobject containing anInputStreamto wrap within aCipherInputStream. The various other parts of theCryptoModuleParametersobject specify the details about the type of encryption to use. Callers should pay special attention to theCryptoModuleParameters.getRecordParametersToStream()andCryptoModuleParameters.getCloseUnderylingStreamAfterCryptoStreamClose()flags within theCryptoModuleParametersobject, as they control whether or not this method will read from the givenInputStreaminCryptoModuleParameters.getEncryptedInputStream().This method returns a
CryptoModuleParametersobject. Implementers of this interface maintain a contract that the returned object is the same as the one passed in, always. Return values are enclosed within that object, as some other calls will typically return more than one value.- Specified by:
getDecryptingInputStreamin interfaceCryptoModule- Parameters:
params- theCryptoModuleParametersobject that specifies how to set up the encrypted stream.- Returns:
- the same
CryptoModuleParametersobject with theCryptoModuleParameters.getPlaintextInputStream()set to a stream that is not null. That stream may be exactly the same stream asCryptoModuleParameters.getEncryptedInputStream()if the params object specifies no cryptography. - Throws:
IOException
-
generateNewRandomSessionKey
public CryptoModuleParameters generateNewRandomSessionKey(CryptoModuleParameters params)
Description copied from interface:CryptoModuleGenerates a random session key and sets it into theCryptoModuleParameters.getPlaintextKey()property. Saves callers from having to set up their own secure random provider. Also will set theCryptoModuleParameters.getSecureRandom()property if it has not already been set by some other function.- Specified by:
generateNewRandomSessionKeyin interfaceCryptoModule- Parameters:
params- aCryptoModuleParametersobject contained a correctly instantiated set of properties.- Returns:
- the same
CryptoModuleParametersobject with the plaintext key set
-
-