/** * This method returns a crypto module based on settings in the given configuration parameter. * * @return a class implementing the CryptoModule interface. It will *never* return null; rather, * it will return a class which obeys the interface but makes no changes to the underlying * data. */ public static CryptoModule getCryptoModule(AccumuloConfiguration conf) { String cryptoModuleClassname = conf.get(Property.CRYPTO_MODULE_CLASS); return getCryptoModule(cryptoModuleClassname); }
public static CryptoModuleParameters createParamsObjectFromAccumuloConfiguration( AccumuloConfiguration conf) { CryptoModuleParameters params = new CryptoModuleParameters(); return fillParamsObjectFromConfiguration(params, conf); }
public void read(DataInput in) throws IOException { Map<String,String> optionsFromFile = new HashMap<>(); int numContextEntries = in.readInt(); for (int i = 0; i < numContextEntries; i++) { optionsFromFile.put(in.readUTF(), in.readUTF()); } CryptoModuleFactory.fillParamsObjectFromStringMap(this, optionsFromFile); // Read opaque key encryption ID setOpaqueKeyEncryptionKeyID(in.readUTF()); // Read encrypted secret key int encryptedSecretKeyLength = in.readInt(); byte[] encryptedSecretKey = new byte[encryptedSecretKeyLength]; in.readFully(encryptedSecretKey); setEncryptedKey(encryptedSecretKey); }
private void setupCryptoFromCachedData(BlockRead cachedCryptoParams) throws IOException { BCFileCryptoModuleParameters params = new BCFileCryptoModuleParameters(); params.read(cachedCryptoParams); if (Arrays.equals(params.getEncryptedKey(), NO_CRYPTO.getEncryptedKey()) && NO_CRYPTO.getOpaqueKeyEncryptionKeyID().equals(params.getOpaqueKeyEncryptionKeyID())) { this.cryptoParams = null; this.cryptoModule = null; this.secretKeyEncryptionStrategy = null; } else { this.cryptoModule = CryptoModuleFactory .getCryptoModule(params.getAllOptions().get(Property.CRYPTO_MODULE_CLASS.getKey())); this.secretKeyEncryptionStrategy = CryptoModuleFactory .getSecretKeyEncryptionStrategy(params.getKeyEncryptionStrategyClass()); // This call should put the decrypted session key within the cryptoParameters object cryptoParams = (BCFileCryptoModuleParameters) secretKeyEncryptionStrategy .decryptSecretKey(params); } }
this.cryptoModule = CryptoModuleFactory.getCryptoModule(accumuloConfiguration); this.cryptoParams = new BCFileCryptoModuleParameters(); CryptoModuleFactory.fillParamsObjectFromConfiguration(cryptoParams, accumuloConfiguration); this.cryptoParams = (BCFileCryptoModuleParameters) cryptoModule .generateNewRandomSessionKey(cryptoParams); .getSecretKeyEncryptionStrategy(accumuloConfiguration); this.cryptoParams = (BCFileCryptoModuleParameters) secretKeyEncryptionStrategy .encryptSecretKey(cryptoParams);
CryptoModule cryptoModule = CryptoModuleFactory.getCryptoModule(cryptoModuleClassname); .createParamsObjectFromAccumuloConfiguration(conf); params.setEncryptedInputStream(input); .getCryptoModule(DefaultCryptoModule.class.getName()); .createParamsObjectFromAccumuloConfiguration(conf);
.get(Property.CRYPTO_SECRET_KEY_ENCRYPTION_STRATEGY_CLASS.getKey())); } else { params = CryptoModuleFactory.fillParamsObjectFromStringMap(params, paramsFromFile); .getSecretKeyEncryptionStrategy(params.getKeyEncryptionStrategyClass());
public static SecretKeyEncryptionStrategy getSecretKeyEncryptionStrategy( AccumuloConfiguration conf) { String className = conf.get(Property.CRYPTO_SECRET_KEY_ENCRYPTION_STRATEGY_CLASS); return getSecretKeyEncryptionStrategy(className); }
public static CryptoModule getCryptoModule(String cryptoModuleClassname) { if (cryptoModuleClassname != null) { cryptoModuleClassname = cryptoModuleClassname.trim(); } if (cryptoModuleClassname == null || cryptoModuleClassname.equals("NullCryptoModule")) { return new NullCryptoModule(); } CryptoModule cryptoModule = null; synchronized (cryptoModulesCache) { if (cryptoModulesCache.containsKey(cryptoModuleClassname)) { cryptoModule = cryptoModulesCache.get(cryptoModuleClassname); } else { cryptoModule = instantiateCryptoModule(cryptoModuleClassname); cryptoModulesCache.put(cryptoModuleClassname, cryptoModule); } } return cryptoModule; }
public static SecretKeyEncryptionStrategy getSecretKeyEncryptionStrategy(String className) { if (className != null) { className = className.trim(); } if (className == null || className.equals("NullSecretKeyEncryptionStrategy")) { return new NullSecretKeyEncryptionStrategy(); } SecretKeyEncryptionStrategy strategy = null; synchronized (secretKeyEncryptionStrategyCache) { if (secretKeyEncryptionStrategyCache.containsKey(className)) { strategy = secretKeyEncryptionStrategyCache.get(className); } else { strategy = instantiateSecreteKeyEncryptionStrategy(className); secretKeyEncryptionStrategyCache.put(className, strategy); } } return strategy; }
public static CryptoModuleParameters fillParamsObjectFromStringMap(CryptoModuleParameters params, Map<String,String> cryptoOpts) { // Parse the cipher suite for the mode and padding options String[] cipherTransformParts = parseCipherTransform( cryptoOpts.get(Property.CRYPTO_CIPHER_SUITE.getKey())); // If no encryption has been specified, then we abort here. if (cipherTransformParts[0] == null || cipherTransformParts[0].equals("NullCipher")) { params.setAllOptions(cryptoOpts); params.setAlgorithmName("NullCipher"); return params; } params.setAllOptions(cryptoOpts); params.setAlgorithmName(cryptoOpts.get(Property.CRYPTO_CIPHER_ALGORITHM_NAME.getKey())); params.setEncryptionMode(cipherTransformParts[1]); params.setKeyEncryptionStrategyClass( cryptoOpts.get(Property.CRYPTO_SECRET_KEY_ENCRYPTION_STRATEGY_CLASS.getKey())); params .setKeyLength(Integer.parseInt(cryptoOpts.get(Property.CRYPTO_CIPHER_KEY_LENGTH.getKey()))); params.setOverrideStreamsSecretKeyEncryptionStrategy(Boolean.parseBoolean( cryptoOpts.get(Property.CRYPTO_OVERRIDE_KEY_STRATEGY_WITH_CONFIGURED_STRATEGY.getKey()))); params.setPadding(cipherTransformParts[2]); params.setRandomNumberGenerator(cryptoOpts.get(Property.CRYPTO_SECURE_RNG.getKey())); params.setRandomNumberGeneratorProvider( cryptoOpts.get(Property.CRYPTO_SECURE_RNG_PROVIDER.getKey())); String blockStreamSize = cryptoOpts.get(Property.CRYPTO_BLOCK_STREAM_SIZE.getKey()); if (blockStreamSize != null) params.setBlockStreamSize(Integer.parseInt(blockStreamSize)); return params; }
cache.cacheMetaBlock(CRYPTO_BLOCK_NAME, baos.toByteArray()); this.cryptoModule = CryptoModuleFactory.getCryptoModule( cryptoParams.getAllOptions().get(Property.CRYPTO_MODULE_CLASS.getKey())); this.secretKeyEncryptionStrategy = CryptoModuleFactory .getSecretKeyEncryptionStrategy(cryptoParams.getKeyEncryptionStrategyClass());
.getCryptoModule(conf.getConfiguration().get(Property.CRYPTO_MODULE_CLASS)); .createParamsObjectFromAccumuloConfiguration(conf.getConfiguration());
.getSecretKeyEncryptionStrategy(params.getKeyEncryptionStrategyClass()); params = keyEncryptionStrategy.encryptSecretKey(params);
cryptoParams.read(this.in); this.cryptoModule = CryptoModuleFactory.getCryptoModule( cryptoParams.getAllOptions().get(Property.CRYPTO_MODULE_CLASS.getKey())); .getSecretKeyEncryptionStrategy(cryptoParams.getKeyEncryptionStrategyClass());
.getCryptoModule(cryptoModuleName); @SuppressWarnings("deprecation") InputStream decryptingInputStream = cryptoOps.getDecryptingInputStream(input, cryptoOpts);
public static CryptoModuleParameters fillParamsObjectFromConfiguration( CryptoModuleParameters params, AccumuloConfiguration conf) { // Get all the options from the configuration Map<String,String> cryptoOpts = new HashMap<>( conf.getAllPropertiesWithPrefix(Property.CRYPTO_PREFIX)); cryptoOpts.putAll(conf.getAllPropertiesWithPrefix(Property.INSTANCE_PREFIX)); cryptoOpts.remove(Property.INSTANCE_SECRET.getKey()); cryptoOpts.put(Property.CRYPTO_BLOCK_STREAM_SIZE.getKey(), Integer.toString((int) conf.getMemoryInBytes(Property.CRYPTO_BLOCK_STREAM_SIZE))); return fillParamsObjectFromStringMap(params, cryptoOpts); }
org.apache.accumulo.core.security.crypto.CryptoModule cryptoModule = org.apache.accumulo.core.security.crypto.CryptoModuleFactory.getCryptoModule(conf .getConfiguration().get(Property.CRYPTO_MODULE_CLASS));