001/*
002 * Licensed to the Apache Software Foundation (ASF) under one or more
003 * contributor license agreements. See the NOTICE file distributed with this
004 * work for additional information regarding copyright ownership. The ASF
005 * licenses this file to you under the Apache License, Version 2.0 (the
006 * "License"); you may not use this file except in compliance with the License.
007 * You may obtain a copy of the License at
008 *
009 * http://www.apache.org/licenses/LICENSE-2.0
010 *
011 * Unless required by applicable law or agreed to in writing, software
012 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
013 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
014 * License for the specific language governing permissions and limitations under
015 * the License.
016 */
017package org.apache.hadoop.hbase.io.crypto;
018
019import java.security.Key;
020
021import org.apache.hadoop.conf.Configurable;
022import org.apache.hadoop.conf.Configuration;
023import org.apache.hadoop.hbase.HBaseConfiguration;
024import org.apache.hadoop.hbase.util.MD5Hash;
025import org.apache.yetus.audience.InterfaceAudience;
026
027import org.apache.hbase.thirdparty.com.google.common.base.Preconditions;
028
029/**
030 * Crypto context. Encapsulates an encryption algorithm and its key material.
031 */
032@InterfaceAudience.Public
033public class Context implements Configurable {
034  private Configuration conf;
035  private Cipher cipher;
036  private Key key;
037  private String keyHash;
038
039  Context(Configuration conf) {
040    this.conf = conf;
041  }
042
043  Context() {
044    this(HBaseConfiguration.create());
045  }
046
047  @Override
048  public Configuration getConf() {
049    return conf;
050  }
051
052  @Override
053  public void setConf(Configuration conf) {
054    this.conf = conf;
055  }
056
057  @Override
058  public String toString() {
059    return "cipher=" + (cipher != null ? cipher.getName() : "NONE")
060        + " keyHash=" + (keyHash != null ? keyHash.substring(0, 8) + "..." : "NONE");
061  }
062
063  public Cipher getCipher() {
064    return cipher;
065  }
066
067  public Context setCipher(Cipher cipher) {
068    this.cipher = cipher;
069    return this;
070  }
071
072  public byte[] getKeyBytes() {
073    return key.getEncoded();
074  }
075
076  public String getKeyBytesHash() {
077    return keyHash;
078  }
079
080  public String getKeyFormat() {
081    return key.getFormat();
082  }
083
084  public Key getKey() {
085    return key;
086  }
087
088  public Context setKey(Key key) {
089    Preconditions.checkNotNull(cipher, "Context does not have a cipher");
090    // validate the key length
091    byte[] encoded = key.getEncoded();
092    if (encoded.length != cipher.getKeyLength()) {
093      throw new RuntimeException("Illegal key length, have=" + encoded.length +
094        ", want=" + cipher.getKeyLength());
095    }
096    this.key = key;
097    this.keyHash = MD5Hash.getMD5AsHex(encoded);
098    return this;
099  }
100}