Source code

001/*
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements.  See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership.  The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License.  You may obtain a copy of the License at
009 *
010 *     http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software
013 * distributed under the License is distributed on an "AS IS" BASIS,
014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015 * See the License for the specific language governing permissions and
016 * limitations under the License.
017 */
018package org.apache.hadoop.hbase.io.crypto.aes;
019
020import java.io.OutputStream;
021import java.security.InvalidAlgorithmParameterException;
022import java.security.InvalidKeyException;
023import java.security.Key;
024import java.security.SecureRandom;
025import javax.crypto.spec.IvParameterSpec;
026import org.apache.hadoop.hbase.io.crypto.Encryptor;
027import org.apache.yetus.audience.InterfaceAudience;
028import org.apache.yetus.audience.InterfaceStability;
029
030import org.apache.hbase.thirdparty.com.google.common.base.Preconditions;
031
032@InterfaceAudience.Private
033@InterfaceStability.Evolving
034public class AESEncryptor implements Encryptor {
035
036  private javax.crypto.Cipher cipher;
037  private SecureRandom rng;
038  private Key key;
039  private byte[] iv;
040  private boolean initialized = false;
041
042  public AESEncryptor(javax.crypto.Cipher cipher, SecureRandom rng) {
043    this.cipher = cipher;
044    this.rng = rng;
045  }
046
047  javax.crypto.Cipher getCipher() {
048    return cipher;
049  }
050
051  @Override
052  public void setKey(Key key) {
053    this.key = key;
054  }
055
056  @Override
057  public int getIvLength() {
058    return AES.IV_LENGTH;
059  }
060
061  @Override
062  public int getBlockSize() {
063    return AES.BLOCK_SIZE;
064  }
065
066  @Override
067  public byte[] getIv() {
068    return iv;
069  }
070
071  @Override
072  public void setIv(byte[] iv) {
073    if (iv != null) {
074      Preconditions.checkArgument(iv.length == AES.IV_LENGTH, "Invalid IV length");
075    }
076    this.iv = iv;
077  }
078
079  @Override
080  public OutputStream createEncryptionStream(OutputStream out) {
081    if (!initialized) {
082      init();
083    }
084    return new javax.crypto.CipherOutputStream(out, cipher);
085  }
086
087  @Override
088  public void reset() {
089    init();
090  }
091
092  protected void init() {
093    try {
094      if (iv == null) {
095        iv = new byte[getIvLength()];
096        rng.nextBytes(iv);
097      }
098      cipher.init(javax.crypto.Cipher.ENCRYPT_MODE, key, new IvParameterSpec(iv));
099    } catch (InvalidKeyException e) {
100      throw new RuntimeException(e);
101    } catch (InvalidAlgorithmParameterException e) {
102      throw new RuntimeException(e);
103    }
104    initialized = true;
105  }
106
107}