public class DefaultCryptoModule extends Object implements CryptoModule
CryptoModule
interface, defining how calling applications can
receive encrypted input and output streams. While the default implementation given here allows
for a lot of flexibility in terms of choices of algorithm, key encryption strategies, and so on,
some Accumulo users may choose to swap out this implementation for others, and can base their
implementation details off of this class's work.
In general, the module is quite straightforward: provide it with crypto-related settings and an
input/output stream, and it will hand back those streams wrapped in encrypting (or decrypting)
streams.Constructor and Description |
---|
DefaultCryptoModule() |
Modifier and Type | Method and Description |
---|---|
CryptoModuleParameters |
generateNewRandomSessionKey(CryptoModuleParameters params)
Generates a random session key and sets it into the
CryptoModuleParameters.getPlaintextKey() property. |
CryptoModuleParameters |
getDecryptingInputStream(CryptoModuleParameters params)
|
CryptoModuleParameters |
getEncryptingOutputStream(CryptoModuleParameters params)
Takes a
CryptoModuleParameters object containing an OutputStream to wrap within
a CipherOutputStream . |
CryptoModuleParameters |
initializeCipher(CryptoModuleParameters params)
Generates a
Cipher object based on the parameters in the given
CryptoModuleParameters object and places it into the
CryptoModuleParameters.getCipher() property. |
public CryptoModuleParameters initializeCipher(CryptoModuleParameters params)
CryptoModule
Cipher
object based on the parameters in the given
CryptoModuleParameters
object and places it into the
CryptoModuleParameters.getCipher()
property. Callers may choose to use this method if
they want to get the initialization vector from the cipher before proceeding to create wrapped
streams.initializeCipher
in interface CryptoModule
params
- a CryptoModuleParameters
object contained a correctly instantiated set of
properties.CryptoModuleParameters
object with the cipher set.public CryptoModuleParameters getEncryptingOutputStream(CryptoModuleParameters params) throws IOException
CryptoModule
CryptoModuleParameters
object containing an OutputStream
to wrap within
a CipherOutputStream
. The various other parts of the CryptoModuleParameters
object specify the details about the type of encryption to use. Callers should pay special
attention to the CryptoModuleParameters.getRecordParametersToStream()
and
CryptoModuleParameters.getCloseUnderylingStreamAfterCryptoStreamClose()
flags within
the CryptoModuleParameters
object, as they control whether or not this method will
write to the given OutputStream
in
CryptoModuleParameters.getPlaintextOutputStream()
.
This method returns a CryptoModuleParameters
object. Implementers of this interface
maintain a contract that the returned object is the same as the one passed in, always.
Return values are enclosed within that object, as some other calls will typically return more
than one value.
getEncryptingOutputStream
in interface CryptoModule
params
- the CryptoModuleParameters
object that specifies how to set up the encrypted
stream.CryptoModuleParameters
object with the
CryptoModuleParameters.getEncryptedOutputStream()
set to a stream that is not
null. That stream may be exactly the same stream as
CryptoModuleParameters.getPlaintextInputStream()
if the params object specifies
no cryptography.IOException
public CryptoModuleParameters getDecryptingInputStream(CryptoModuleParameters params) throws IOException
CryptoModule
CryptoModuleParameters
object containing an InputStream
to wrap within
a CipherInputStream
. The various other parts of the CryptoModuleParameters
object specify the details about the type of encryption to use. Callers should pay special
attention to the CryptoModuleParameters.getRecordParametersToStream()
and
CryptoModuleParameters.getCloseUnderylingStreamAfterCryptoStreamClose()
flags within
the CryptoModuleParameters
object, as they control whether or not this method will read
from the given InputStream
in CryptoModuleParameters.getEncryptedInputStream()
.
This method returns a CryptoModuleParameters
object. Implementers of this interface
maintain a contract that the returned object is the same as the one passed in, always.
Return values are enclosed within that object, as some other calls will typically return more
than one value.
getDecryptingInputStream
in interface CryptoModule
params
- the CryptoModuleParameters
object that specifies how to set up the encrypted
stream.CryptoModuleParameters
object with the
CryptoModuleParameters.getPlaintextInputStream()
set to a stream that is not
null. That stream may be exactly the same stream as
CryptoModuleParameters.getEncryptedInputStream()
if the params object specifies
no cryptography.IOException
public CryptoModuleParameters generateNewRandomSessionKey(CryptoModuleParameters params)
CryptoModule
CryptoModuleParameters.getPlaintextKey()
property. Saves callers from having to set up
their own secure random provider. Also will set the
CryptoModuleParameters.getSecureRandom()
property if it has not already been set by
some other function.generateNewRandomSessionKey
in interface CryptoModule
params
- a CryptoModuleParameters
object contained a correctly instantiated set of
properties.CryptoModuleParameters
object with the plaintext key setCopyright © 2011–2019 The Apache Software Foundation. All rights reserved.