/** * Encrypts a block of plaintext with the symmetric key resolved for the given subject * @param out ciphertext * @param in plaintext * @param conf configuration * @param cipher the encryption algorithm * @param iv the initialization vector, can be null * @throws IOException */ public static void encryptWithSubjectKey(OutputStream out, InputStream in, String subject, Configuration conf, Cipher cipher, byte[] iv) throws IOException { Key key = getSecretKeyForSubject(subject, conf); if (key == null) { throw new IOException("No key found for subject '" + subject + "'"); } Encryptor e = cipher.getEncryptor(); e.setKey(key); e.setIv(iv); // can be null encrypt(out, in, e); }
Encryptor encryptor = cipher.getEncryptor(); encryptor.setKey(key); setEncryptor(encryptor);
/** * Encrypt a stream of plaintext given a context and IV * @param out ciphertext * @param in plaintet * @param context * @param iv * @throws IOException */ public static void encrypt(OutputStream out, InputStream in, Context context, byte[] iv) throws IOException { Encryptor e = context.getCipher().getEncryptor(); e.setKey(context.getKey()); e.setIv(iv); // can be null e.reset(); encrypt(out, in, e); }
/** * Encrypt a block of plaintext * @param out ciphertext * @param src plaintext * @param offset * @param length * @param context * @param iv * @throws IOException */ public static void encrypt(OutputStream out, byte[] src, int offset, int length, Context context, byte[] iv) throws IOException { Encryptor e = context.getCipher().getEncryptor(); e.setKey(context.getKey()); e.setIv(iv); // can be null e.reset(); encrypt(out, src, offset, length, e); }
private void checkTransformSymmetry(byte[] keyBytes, byte[] iv, byte[] plaintext) throws Exception { LOG.info("checkTransformSymmetry: AES, plaintext length = " + plaintext.length); Configuration conf = HBaseConfiguration.create(); String algorithm = conf.get(HConstants.CRYPTO_KEY_ALGORITHM_CONF_KEY, HConstants.CIPHER_AES); Cipher aes = Encryption.getCipher(conf, algorithm); Key key = new SecretKeySpec(keyBytes, algorithm); Encryptor e = aes.getEncryptor(); e.setKey(key); e.setIv(iv); e.reset(); ByteArrayOutputStream encOut = new ByteArrayOutputStream(); Encryption.encrypt(encOut, plaintext, 0, plaintext.length, e); byte[] encrypted = encOut.toByteArray(); Decryptor d = aes.getDecryptor(); d.setKey(key); d.setIv(iv); d.reset(); ByteArrayInputStream encIn = new ByteArrayInputStream(encrypted); ByteArrayOutputStream decOut = new ByteArrayOutputStream(); Encryption.decrypt(decOut, encIn, plaintext.length, d); byte[] result = decOut.toByteArray(); assertEquals("Decrypted result has different length than plaintext", result.length, plaintext.length); assertTrue("Transformation was not symmetric", Bytes.equals(result, plaintext)); }
@Test public void testAESAlgorithm() throws Exception { Configuration conf = HBaseConfiguration.create(); Cipher aes = Encryption.getCipher(conf, "AES"); assertEquals(AES.KEY_LENGTH, aes.getKeyLength()); assertEquals(AES.IV_LENGTH, aes.getIvLength()); Encryptor e = aes.getEncryptor(); e.setKey(new SecretKeySpec(Bytes.fromHex("2b7e151628aed2a6abf7158809cf4f3c"), "AES")); e.setIv(Bytes.fromHex("f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff")); ByteArrayOutputStream out = new ByteArrayOutputStream(); OutputStream cout = e.createEncryptionStream(out); cout.write(Bytes.fromHex("6bc1bee22e409f96e93d7e117393172a")); cout.write(Bytes.fromHex("ae2d8a571e03ac9c9eb76fac45af8e51")); cout.write(Bytes.fromHex("30c81c46a35ce411e5fbc1191a0a52ef")); cout.write(Bytes.fromHex("f69f2445df4f9b17ad2b417be66c3710")); cout.close(); ByteArrayInputStream in = new ByteArrayInputStream(out.toByteArray()); byte[] b = new byte[16]; IOUtils.readFully(in, b); assertTrue("Failed #1", Bytes.equals(b, Bytes.fromHex("874d6191b620e3261bef6864990db6ce"))); IOUtils.readFully(in, b); assertTrue("Failed #2", Bytes.equals(b, Bytes.fromHex("9806f66b7970fdff8617187bb9fffdff"))); IOUtils.readFully(in, b); assertTrue("Failed #3", Bytes.equals(b, Bytes.fromHex("5ae4df3edbd5d35e5b4f09020db03eab"))); IOUtils.readFully(in, b); assertTrue("Failed #4", Bytes.equals(b, Bytes.fromHex("1e031dda2fbe03d1792170a0f3009cee"))); }
@Test public void testAESAlgorithm() throws Exception { Configuration conf = HBaseConfiguration.create(); Cipher aes = Encryption.getCipher(conf, "AES"); assertEquals(CommonsCryptoAES.KEY_LENGTH, aes.getKeyLength()); assertEquals(CommonsCryptoAES.IV_LENGTH, aes.getIvLength()); Encryptor e = aes.getEncryptor(); e.setKey(new SecretKeySpec(Bytes.fromHex("2b7e151628aed2a6abf7158809cf4f3c"), "AES")); e.setIv(Bytes.fromHex("f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff")); ByteArrayOutputStream out = new ByteArrayOutputStream(); OutputStream cout = e.createEncryptionStream(out); cout.write(Bytes.fromHex("6bc1bee22e409f96e93d7e117393172a")); cout.write(Bytes.fromHex("ae2d8a571e03ac9c9eb76fac45af8e51")); cout.write(Bytes.fromHex("30c81c46a35ce411e5fbc1191a0a52ef")); cout.write(Bytes.fromHex("f69f2445df4f9b17ad2b417be66c3710")); cout.close(); ByteArrayInputStream in = new ByteArrayInputStream(out.toByteArray()); byte[] b = new byte[16]; IOUtils.readFully(in, b); assertTrue("Failed #1", Bytes.equals(b, Bytes.fromHex("874d6191b620e3261bef6864990db6ce"))); IOUtils.readFully(in, b); assertTrue("Failed #2", Bytes.equals(b, Bytes.fromHex("9806f66b7970fdff8617187bb9fffdff"))); IOUtils.readFully(in, b); assertTrue("Failed #3", Bytes.equals(b, Bytes.fromHex("5ae4df3edbd5d35e5b4f09020db03eab"))); IOUtils.readFully(in, b); assertTrue("Failed #4", Bytes.equals(b, Bytes.fromHex("1e031dda2fbe03d1792170a0f3009cee"))); }
Encryptor encryptor = cipher.getEncryptor(); encryptor.setKey(cryptoContext.getKey());
/** * Encrypts a block of plaintext with the symmetric key resolved for the given subject * @param out ciphertext * @param in plaintext * @param conf configuration * @param cipher the encryption algorithm * @param iv the initialization vector, can be null * @throws IOException */ public static void encryptWithSubjectKey(OutputStream out, InputStream in, String subject, Configuration conf, Cipher cipher, byte[] iv) throws IOException { Key key = getSecretKeyForSubject(subject, conf); if (key == null) { throw new IOException("No key found for subject '" + subject + "'"); } Encryptor e = cipher.getEncryptor(); e.setKey(key); e.setIv(iv); // can be null encrypt(out, in, e); }
/** * Encrypts a block of plaintext with the symmetric key resolved for the given subject * @param out ciphertext * @param in plaintext * @param conf configuration * @param cipher the encryption algorithm * @param iv the initialization vector, can be null * @throws IOException */ public static void encryptWithSubjectKey(OutputStream out, InputStream in, String subject, Configuration conf, Cipher cipher, byte[] iv) throws IOException { Key key = getSecretKeyForSubject(subject, conf); if (key == null) { throw new IOException("No key found for subject '" + subject + "'"); } Encryptor e = cipher.getEncryptor(); e.setKey(key); e.setIv(iv); // can be null encrypt(out, in, e); }
/** * Encrypts a block of plaintext with the symmetric key resolved for the given subject * @param out ciphertext * @param in plaintext * @param conf configuration * @param cipher the encryption algorithm * @param iv the initialization vector, can be null * @throws IOException */ public static void encryptWithSubjectKey(OutputStream out, InputStream in, String subject, Configuration conf, Cipher cipher, byte[] iv) throws IOException { Key key = getSecretKeyForSubject(subject, conf); if (key == null) { throw new IOException("No key found for subject '" + subject + "'"); } Encryptor e = cipher.getEncryptor(); e.setKey(key); e.setIv(iv); // can be null encrypt(out, in, e); }
/** * Encrypt a stream of plaintext given a context and IV * @param out ciphertext * @param in plaintet * @param context * @param iv * @throws IOException */ public static void encrypt(OutputStream out, InputStream in, Context context, byte[] iv) throws IOException { Encryptor e = context.getCipher().getEncryptor(); e.setKey(context.getKey()); e.setIv(iv); // can be null e.reset(); encrypt(out, in, e); }
/** * Encrypt a stream of plaintext given a context and IV * @param out ciphertext * @param in plaintet * @param context * @param iv * @throws IOException */ public static void encrypt(OutputStream out, InputStream in, Context context, byte[] iv) throws IOException { Encryptor e = context.getCipher().getEncryptor(); e.setKey(context.getKey()); e.setIv(iv); // can be null e.reset(); encrypt(out, in, e); }
/** * Encrypt a stream of plaintext given a context and IV * @param out ciphertext * @param in plaintet * @param context * @param iv * @throws IOException */ public static void encrypt(OutputStream out, InputStream in, Context context, byte[] iv) throws IOException { Encryptor e = context.getCipher().getEncryptor(); e.setKey(context.getKey()); e.setIv(iv); // can be null e.reset(); encrypt(out, in, e); }
/** * Encrypt a block of plaintext * @param out ciphertext * @param src plaintext * @param offset * @param length * @param context * @param iv * @throws IOException */ public static void encrypt(OutputStream out, byte[] src, int offset, int length, Context context, byte[] iv) throws IOException { Encryptor e = context.getCipher().getEncryptor(); e.setKey(context.getKey()); e.setIv(iv); // can be null e.reset(); encrypt(out, src, offset, length, e); }
/** * Encrypt a block of plaintext * @param out ciphertext * @param src plaintext * @param offset * @param length * @param context * @param iv * @throws IOException */ public static void encrypt(OutputStream out, byte[] src, int offset, int length, Context context, byte[] iv) throws IOException { Encryptor e = context.getCipher().getEncryptor(); e.setKey(context.getKey()); e.setIv(iv); // can be null e.reset(); encrypt(out, src, offset, length, e); }
/** * Encrypt a block of plaintext * @param out ciphertext * @param src plaintext * @param offset * @param length * @param context * @param iv * @throws IOException */ public static void encrypt(OutputStream out, byte[] src, int offset, int length, Context context, byte[] iv) throws IOException { Encryptor e = context.getCipher().getEncryptor(); e.setKey(context.getKey()); e.setIv(iv); // can be null e.reset(); encrypt(out, src, offset, length, e); }
@Test public void testAESAlgorithm() throws Exception { Configuration conf = HBaseConfiguration.create(); Cipher aes = Encryption.getCipher(conf, "AES"); assertEquals(AES.KEY_LENGTH, aes.getKeyLength()); assertEquals(AES.IV_LENGTH, aes.getIvLength()); Encryptor e = aes.getEncryptor(); e.setKey(new SecretKeySpec(Bytes.fromHex("2b7e151628aed2a6abf7158809cf4f3c"), "AES")); e.setIv(Bytes.fromHex("f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff")); ByteArrayOutputStream out = new ByteArrayOutputStream(); OutputStream cout = e.createEncryptionStream(out); cout.write(Bytes.fromHex("6bc1bee22e409f96e93d7e117393172a")); cout.write(Bytes.fromHex("ae2d8a571e03ac9c9eb76fac45af8e51")); cout.write(Bytes.fromHex("30c81c46a35ce411e5fbc1191a0a52ef")); cout.write(Bytes.fromHex("f69f2445df4f9b17ad2b417be66c3710")); cout.close(); ByteArrayInputStream in = new ByteArrayInputStream(out.toByteArray()); byte[] b = new byte[16]; IOUtils.readFully(in, b); assertTrue("Failed #1", Bytes.equals(b, Bytes.fromHex("874d6191b620e3261bef6864990db6ce"))); IOUtils.readFully(in, b); assertTrue("Failed #2", Bytes.equals(b, Bytes.fromHex("9806f66b7970fdff8617187bb9fffdff"))); IOUtils.readFully(in, b); assertTrue("Failed #3", Bytes.equals(b, Bytes.fromHex("5ae4df3edbd5d35e5b4f09020db03eab"))); IOUtils.readFully(in, b); assertTrue("Failed #4", Bytes.equals(b, Bytes.fromHex("1e031dda2fbe03d1792170a0f3009cee"))); }
@Test public void testAESAlgorithm() throws Exception { Configuration conf = HBaseConfiguration.create(); Cipher aes = Encryption.getCipher(conf, "AES"); assertEquals(CommonsCryptoAES.KEY_LENGTH, aes.getKeyLength()); assertEquals(CommonsCryptoAES.IV_LENGTH, aes.getIvLength()); Encryptor e = aes.getEncryptor(); e.setKey(new SecretKeySpec(Bytes.fromHex("2b7e151628aed2a6abf7158809cf4f3c"), "AES")); e.setIv(Bytes.fromHex("f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff")); ByteArrayOutputStream out = new ByteArrayOutputStream(); OutputStream cout = e.createEncryptionStream(out); cout.write(Bytes.fromHex("6bc1bee22e409f96e93d7e117393172a")); cout.write(Bytes.fromHex("ae2d8a571e03ac9c9eb76fac45af8e51")); cout.write(Bytes.fromHex("30c81c46a35ce411e5fbc1191a0a52ef")); cout.write(Bytes.fromHex("f69f2445df4f9b17ad2b417be66c3710")); cout.close(); ByteArrayInputStream in = new ByteArrayInputStream(out.toByteArray()); byte[] b = new byte[16]; IOUtils.readFully(in, b); assertTrue("Failed #1", Bytes.equals(b, Bytes.fromHex("874d6191b620e3261bef6864990db6ce"))); IOUtils.readFully(in, b); assertTrue("Failed #2", Bytes.equals(b, Bytes.fromHex("9806f66b7970fdff8617187bb9fffdff"))); IOUtils.readFully(in, b); assertTrue("Failed #3", Bytes.equals(b, Bytes.fromHex("5ae4df3edbd5d35e5b4f09020db03eab"))); IOUtils.readFully(in, b); assertTrue("Failed #4", Bytes.equals(b, Bytes.fromHex("1e031dda2fbe03d1792170a0f3009cee"))); }
@Test public void testAESAlgorithm() throws Exception { Configuration conf = HBaseConfiguration.create(); Cipher aes = Encryption.getCipher(conf, "AES"); assertEquals(AES.KEY_LENGTH, aes.getKeyLength()); assertEquals(AES.IV_LENGTH, aes.getIvLength()); Encryptor e = aes.getEncryptor(); e.setKey(new SecretKeySpec(Bytes.fromHex("2b7e151628aed2a6abf7158809cf4f3c"), "AES")); e.setIv(Bytes.fromHex("f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff")); ByteArrayOutputStream out = new ByteArrayOutputStream(); OutputStream cout = e.createEncryptionStream(out); cout.write(Bytes.fromHex("6bc1bee22e409f96e93d7e117393172a")); cout.write(Bytes.fromHex("ae2d8a571e03ac9c9eb76fac45af8e51")); cout.write(Bytes.fromHex("30c81c46a35ce411e5fbc1191a0a52ef")); cout.write(Bytes.fromHex("f69f2445df4f9b17ad2b417be66c3710")); cout.close(); ByteArrayInputStream in = new ByteArrayInputStream(out.toByteArray()); byte[] b = new byte[16]; IOUtils.readFully(in, b); assertTrue("Failed #1", Bytes.equals(b, Bytes.fromHex("874d6191b620e3261bef6864990db6ce"))); IOUtils.readFully(in, b); assertTrue("Failed #2", Bytes.equals(b, Bytes.fromHex("9806f66b7970fdff8617187bb9fffdff"))); IOUtils.readFully(in, b); assertTrue("Failed #3", Bytes.equals(b, Bytes.fromHex("5ae4df3edbd5d35e5b4f09020db03eab"))); IOUtils.readFully(in, b); assertTrue("Failed #4", Bytes.equals(b, Bytes.fromHex("1e031dda2fbe03d1792170a0f3009cee"))); }