Class DefaultCryptoModule
- java.lang.Object
-
- org.apache.accumulo.core.security.crypto.DefaultCryptoModule
-
- All Implemented Interfaces:
CryptoModule
public class DefaultCryptoModule extends Object implements CryptoModule
This class implements theCryptoModule
interface, defining how calling applications can receive encrypted input and output streams. While the default implementation given here allows for a lot of flexibility in terms of choices of algorithm, key encryption strategies, and so on, some Accumulo users may choose to swap out this implementation for others, and can base their implementation details off of this class's work. In general, the module is quite straightforward: provide it with crypto-related settings and an input/output stream, and it will hand back those streams wrapped in encrypting (or decrypting) streams.
-
-
Constructor Summary
Constructors Constructor Description DefaultCryptoModule()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description CryptoModuleParameters
generateNewRandomSessionKey(CryptoModuleParameters params)
Generates a random session key and sets it into theCryptoModuleParameters.getPlaintextKey()
property.CryptoModuleParameters
getDecryptingInputStream(CryptoModuleParameters params)
CryptoModuleParameters
getEncryptingOutputStream(CryptoModuleParameters params)
Takes aCryptoModuleParameters
object containing anOutputStream
to wrap within aCipherOutputStream
.CryptoModuleParameters
initializeCipher(CryptoModuleParameters params)
Generates aCipher
object based on the parameters in the givenCryptoModuleParameters
object and places it into theCryptoModuleParameters.getCipher()
property.
-
-
-
Method Detail
-
initializeCipher
public CryptoModuleParameters initializeCipher(CryptoModuleParameters params)
Description copied from interface:CryptoModule
Generates aCipher
object based on the parameters in the givenCryptoModuleParameters
object and places it into theCryptoModuleParameters.getCipher()
property. Callers may choose to use this method if they want to get the initialization vector from the cipher before proceeding to create wrapped streams.- Specified by:
initializeCipher
in interfaceCryptoModule
- Parameters:
params
- aCryptoModuleParameters
object contained a correctly instantiated set of properties.- Returns:
- the same
CryptoModuleParameters
object with the cipher set.
-
getEncryptingOutputStream
public CryptoModuleParameters getEncryptingOutputStream(CryptoModuleParameters params) throws IOException
Description copied from interface:CryptoModule
Takes aCryptoModuleParameters
object containing anOutputStream
to wrap within aCipherOutputStream
. The various other parts of theCryptoModuleParameters
object specify the details about the type of encryption to use. Callers should pay special attention to theCryptoModuleParameters.getRecordParametersToStream()
andCryptoModuleParameters.getCloseUnderylingStreamAfterCryptoStreamClose()
flags within theCryptoModuleParameters
object, as they control whether or not this method will write to the givenOutputStream
inCryptoModuleParameters.getPlaintextOutputStream()
.This method returns a
CryptoModuleParameters
object. Implementers of this interface maintain a contract that the returned object is the same as the one passed in, always. Return values are enclosed within that object, as some other calls will typically return more than one value.- Specified by:
getEncryptingOutputStream
in interfaceCryptoModule
- Parameters:
params
- theCryptoModuleParameters
object that specifies how to set up the encrypted stream.- Returns:
- the same
CryptoModuleParameters
object with theCryptoModuleParameters.getEncryptedOutputStream()
set to a stream that is not null. That stream may be exactly the same stream asCryptoModuleParameters.getPlaintextInputStream()
if the params object specifies no cryptography. - Throws:
IOException
-
getDecryptingInputStream
public CryptoModuleParameters getDecryptingInputStream(CryptoModuleParameters params) throws IOException
Description copied from interface:CryptoModule
Takes aCryptoModuleParameters
object containing anInputStream
to wrap within aCipherInputStream
. The various other parts of theCryptoModuleParameters
object specify the details about the type of encryption to use. Callers should pay special attention to theCryptoModuleParameters.getRecordParametersToStream()
andCryptoModuleParameters.getCloseUnderylingStreamAfterCryptoStreamClose()
flags within theCryptoModuleParameters
object, as they control whether or not this method will read from the givenInputStream
inCryptoModuleParameters.getEncryptedInputStream()
.This method returns a
CryptoModuleParameters
object. Implementers of this interface maintain a contract that the returned object is the same as the one passed in, always. Return values are enclosed within that object, as some other calls will typically return more than one value.- Specified by:
getDecryptingInputStream
in interfaceCryptoModule
- Parameters:
params
- theCryptoModuleParameters
object that specifies how to set up the encrypted stream.- Returns:
- the same
CryptoModuleParameters
object with theCryptoModuleParameters.getPlaintextInputStream()
set to a stream that is not null. That stream may be exactly the same stream asCryptoModuleParameters.getEncryptedInputStream()
if the params object specifies no cryptography. - Throws:
IOException
-
generateNewRandomSessionKey
public CryptoModuleParameters generateNewRandomSessionKey(CryptoModuleParameters params)
Description copied from interface:CryptoModule
Generates a random session key and sets it into theCryptoModuleParameters.getPlaintextKey()
property. Saves callers from having to set up their own secure random provider. Also will set theCryptoModuleParameters.getSecureRandom()
property if it has not already been set by some other function.- Specified by:
generateNewRandomSessionKey
in interfaceCryptoModule
- Parameters:
params
- aCryptoModuleParameters
object contained a correctly instantiated set of properties.- Returns:
- the same
CryptoModuleParameters
object with the plaintext key set
-
-