/** Check and floor buffer size */ public static int checkBufferSize(CryptoCodec codec, int bufferSize) { Preconditions.checkArgument(bufferSize >= MIN_BUFFER_SIZE, "Minimum value of buffer size is " + MIN_BUFFER_SIZE + "."); return bufferSize - bufferSize % codec.getCipherSuite() .getAlgorithmBlockSize(); }
private byte getPadding(long position) { return (byte)(position % codec.getCipherSuite().getAlgorithmBlockSize()); }
private long getCounter(long position) { return position / codec.getCipherSuite().getAlgorithmBlockSize(); }
/** * Compares two encryption key strengths. * * @param zone1 First EncryptionZone to compare * @param zone2 Second EncryptionZone to compare * @return 1 if zone1 is stronger; 0 if zones are equal; -1 if zone1 is weaker. * @throws IOException If an error occurred attempting to get key metadata */ private int compareKeyStrength(EncryptionZone zone1, EncryptionZone zone2) throws IOException { // zone1, zone2 should already have been checked for nulls. assert zone1 != null && zone2 != null : "Neither EncryptionZone under comparison can be null."; CipherSuite suite1 = zone1.getSuite(); CipherSuite suite2 = zone2.getSuite(); if (suite1 == null && suite2 == null) { return 0; } else if (suite1 == null) { return -1; } else if (suite2 == null) { return 1; } return Integer.compare(suite1.getAlgorithmBlockSize(), suite2.getAlgorithmBlockSize()); } }
/** * Create a FileEncryptionInfo. * * @param suite CipherSuite used to encrypt the file * @param edek encrypted data encryption key (EDEK) of the file * @param iv initialization vector (IV) used to encrypt the file * @param keyName name of the key used for the encryption zone * @param ezKeyVersionName name of the KeyVersion used to encrypt the * encrypted data encryption key. */ public FileEncryptionInfo(final CipherSuite suite, final CryptoProtocolVersion version, final byte[] edek, final byte[] iv, final String keyName, final String ezKeyVersionName) { checkNotNull(suite); checkNotNull(version); checkNotNull(edek); checkNotNull(iv); checkNotNull(keyName); checkNotNull(ezKeyVersionName); checkArgument(iv.length == suite.getAlgorithmBlockSize(), "Unexpected IV length"); this.cipherSuite = suite; this.version = version; this.edek = edek; this.iv = iv; this.keyName = keyName; this.ezKeyVersionName = ezKeyVersionName; }
/** Update the {@link #encryptor}: calculate counter and {@link #padding}. */ private void updateEncryptor() throws IOException { final long counter = streamOffset / codec.getCipherSuite().getAlgorithmBlockSize(); padding = (byte)(streamOffset % codec.getCipherSuite().getAlgorithmBlockSize()); inBuffer.position(padding); // Set proper position for input data. codec.calculateIV(initIV, counter, iv); encryptor.init(key, iv); }
@Override public EncryptedKeyVersion generateEncryptedKey(String encryptionKeyName) throws IOException, GeneralSecurityException { // Fetch the encryption key KeyVersion encryptionKey = keyProvider.getCurrentKey(encryptionKeyName); Preconditions.checkNotNull(encryptionKey, "No KeyVersion exists for key '%s' ", encryptionKeyName); // Generate random bytes for new key and IV CryptoCodec cc = CryptoCodec.getInstance(keyProvider.getConf()); try { final byte[] newKey = new byte[encryptionKey.getMaterial().length]; cc.generateSecureRandom(newKey); final byte[] iv = new byte[cc.getCipherSuite().getAlgorithmBlockSize()]; cc.generateSecureRandom(iv); Encryptor encryptor = cc.createEncryptor(); return generateEncryptedKey(encryptor, encryptionKey, newKey, iv); } finally { cc.close(); } }
/** Check and floor buffer size */ public static int checkBufferSize(CryptoCodec codec, int bufferSize) { Preconditions.checkArgument(bufferSize >= MIN_BUFFER_SIZE, "Minimum value of buffer size is " + MIN_BUFFER_SIZE + "."); return bufferSize - bufferSize % codec.getCipherSuite() .getAlgorithmBlockSize(); }
/** Check and floor buffer size */ public static int checkBufferSize(CryptoCodec codec, int bufferSize) { Preconditions.checkArgument(bufferSize >= MIN_BUFFER_SIZE, "Minimum value of buffer size is " + MIN_BUFFER_SIZE + "."); return bufferSize - bufferSize % codec.getCipherSuite() .getAlgorithmBlockSize(); }
/** Check and floor buffer size */ public static int checkBufferSize(CryptoCodec codec, int bufferSize) { Preconditions.checkArgument(bufferSize >= MIN_BUFFER_SIZE, "Minimum value of buffer size is " + MIN_BUFFER_SIZE + "."); return bufferSize - bufferSize % codec.getCipherSuite() .getAlgorithmBlockSize(); }
private long getCounter(long position) { return position / codec.getCipherSuite().getAlgorithmBlockSize(); }
private byte getPadding(long position) { return (byte)(position % codec.getCipherSuite().getAlgorithmBlockSize()); }
/** Update the {@link #encryptor}: calculate counter and {@link #padding}. */ private void updateEncryptor() throws IOException { final long counter = streamOffset / codec.getCipherSuite().getAlgorithmBlockSize(); padding = (byte)(streamOffset % codec.getCipherSuite().getAlgorithmBlockSize()); inBuffer.position(padding); // Set proper position for input data. codec.calculateIV(initIV, counter, iv); encryptor.init(key, iv); }
/** Update the {@link #encryptor}: calculate counter and {@link #padding}. */ private void updateEncryptor() throws IOException { final long counter = streamOffset / codec.getCipherSuite().getAlgorithmBlockSize(); padding = (byte)(streamOffset % codec.getCipherSuite().getAlgorithmBlockSize()); inBuffer.position(padding); // Set proper position for input data. codec.calculateIV(initIV, counter, iv); encryptor.init(key, iv); }
/** Update the {@link #encryptor}: calculate counter and {@link #padding}. */ private void updateEncryptor() throws IOException { final long counter = streamOffset / codec.getCipherSuite().getAlgorithmBlockSize(); padding = (byte)(streamOffset % codec.getCipherSuite().getAlgorithmBlockSize()); inBuffer.position(padding); // Set proper position for input data. codec.calculateIV(initIV, counter, iv); encryptor.init(key, iv); }
/** Check and floor buffer size */ public static int checkBufferSize(CryptoCodec codec, int bufferSize) { Preconditions.checkArgument(bufferSize >= MIN_BUFFER_SIZE, "Minimum value of buffer size is " + MIN_BUFFER_SIZE + "."); return bufferSize - bufferSize % codec.getCipherSuite() .getAlgorithmBlockSize(); }
public static int cryptoPadding(Configuration conf) { // Sizeof(IV) + long(start-offset) return isEncryptedSpillEnabled(conf) ? CryptoCodec.getInstance(conf) .getCipherSuite().getAlgorithmBlockSize() + 8 : 0; }
public static int cryptoPadding(Configuration conf) { // Sizeof(IV) + long(start-offset) return isEncryptedSpillEnabled(conf) ? CryptoCodec.getInstance(conf) .getCipherSuite().getAlgorithmBlockSize() + 8 : 0; }
public static int cryptoPadding(Configuration conf) { // Sizeof(IV) + long(start-offset) return isEncryptedSpillEnabled(conf) ? CryptoCodec.getInstance(conf) .getCipherSuite().getAlgorithmBlockSize() + 8 : 0; }
public static int cryptoPadding(Configuration conf) { // Sizeof(IV) + long(start-offset) return isEncryptedSpillEnabled(conf) ? CryptoCodec.getInstance(conf) .getCipherSuite().getAlgorithmBlockSize() + 8 : 0; }