Source code

001/*
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements.  See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership.  The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License.  You may obtain a copy of the License at
009 *
010 *     http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software
013 * distributed under the License is distributed on an "AS IS" BASIS,
014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015 * See the License for the specific language governing permissions and
016 * limitations under the License.
017 */
018package org.apache.hadoop.hbase.io.crypto;
019
020import java.security.Key;
021import org.apache.commons.codec.binary.Hex;
022import org.apache.hadoop.conf.Configurable;
023import org.apache.hadoop.conf.Configuration;
024import org.apache.hadoop.hbase.HBaseConfiguration;
025import org.apache.yetus.audience.InterfaceAudience;
026
027import org.apache.hbase.thirdparty.com.google.common.base.Preconditions;
028
029/**
030 * Crypto context. Encapsulates an encryption algorithm and its key material.
031 */
032@InterfaceAudience.Public
033public class Context implements Configurable {
034  private Configuration conf;
035  private Cipher cipher;
036  private Key key;
037  private String keyHash;
038
039  Context(Configuration conf) {
040    this.conf = conf;
041  }
042
043  Context() {
044    this(HBaseConfiguration.create());
045  }
046
047  @Override
048  public Configuration getConf() {
049    return conf;
050  }
051
052  @Override
053  public void setConf(Configuration conf) {
054    this.conf = conf;
055  }
056
057  @Override
058  public String toString() {
059    return "cipher=" + (cipher != null ? cipher.getName() : "NONE") + " keyHash="
060      + (keyHash != null ? keyHash.substring(0, 8) + "..." : "NONE");
061  }
062
063  public Cipher getCipher() {
064    return cipher;
065  }
066
067  public Context setCipher(Cipher cipher) {
068    this.cipher = cipher;
069    return this;
070  }
071
072  public byte[] getKeyBytes() {
073    return key.getEncoded();
074  }
075
076  public String getKeyBytesHash() {
077    return keyHash;
078  }
079
080  public String getKeyFormat() {
081    return key.getFormat();
082  }
083
084  public Key getKey() {
085    return key;
086  }
087
088  public Context setKey(Key key) {
089    Preconditions.checkNotNull(cipher, "Context does not have a cipher");
090    // validate the key length
091    byte[] encoded = key.getEncoded();
092    if (encoded.length != cipher.getKeyLength()) {
093      throw new RuntimeException(
094        "Illegal key length, have=" + encoded.length + ", want=" + cipher.getKeyLength());
095    }
096    this.key = key;
097    this.keyHash = new String(Hex.encodeHex(Encryption.computeCryptoKeyHash(conf, encoded)));
098    return this;
099  }
100}