Class CtrCryptoInputStream
- java.lang.Object
-
- java.io.InputStream
-
- org.apache.commons.crypto.stream.CryptoInputStream
-
- org.apache.commons.crypto.stream.CtrCryptoInputStream
-
- All Implemented Interfaces:
java.io.Closeable
,java.lang.AutoCloseable
,java.nio.channels.Channel
,java.nio.channels.ReadableByteChannel
- Direct Known Subclasses:
PositionedCryptoInputStream
public class CtrCryptoInputStream extends CryptoInputStream
CtrCryptoInputStream decrypts data. AES CTR mode is required in order to ensure that the plain text and cipher text have a 1:1 mapping. CTR crypto stream has stream characteristic which is useful for implement features like random seek. The decryption is buffer based. The key points of the decryption are (1) calculating the counter and (2) padding through stream position:
counter = base + pos/(algorithm blocksize); padding = pos%(algorithm blocksize);
The underlying stream offset is maintained as state. It is not thread-safe.
-
-
Field Summary
Fields Modifier and Type Field Description private boolean
cipherReset
Flag to mark whether the cipher has been resetprivate byte[]
initIV
The initial IV.private byte[]
iv
Initialization vector for the cipher.private byte
padding
Padding = pos%(algorithm blocksize); Padding is put intoCryptoInputStream.inBuffer
before any other data goes in.private long
streamOffset
Underlying stream offset-
Fields inherited from class org.apache.commons.crypto.stream.CryptoInputStream
cipher, EOS, inBuffer, input, key, outBuffer, STREAM_BUFFER_SIZE_KEY
-
-
Constructor Summary
Constructors Modifier Constructor Description protected
CtrCryptoInputStream(java.io.InputStream inputStream, CryptoCipher cipher, int bufferSize, byte[] key, byte[] iv)
Constructs aCtrCryptoInputStream
.protected
CtrCryptoInputStream(java.io.InputStream inputStream, CryptoCipher cipher, int bufferSize, byte[] key, byte[] iv, long streamOffset)
Constructs aCtrCryptoInputStream
.protected
CtrCryptoInputStream(java.nio.channels.ReadableByteChannel channel, CryptoCipher cipher, int bufferSize, byte[] key, byte[] iv)
Constructs aCtrCryptoInputStream
.protected
CtrCryptoInputStream(java.nio.channels.ReadableByteChannel channel, CryptoCipher cipher, int bufferSize, byte[] key, byte[] iv, long streamOffset)
Constructs aCtrCryptoInputStream
.CtrCryptoInputStream(java.util.Properties properties, java.io.InputStream inputStream, byte[] key, byte[] iv)
Constructs aCtrCryptoInputStream
.CtrCryptoInputStream(java.util.Properties properties, java.io.InputStream inputStream, byte[] key, byte[] iv, long streamOffset)
Constructs aCtrCryptoInputStream
.CtrCryptoInputStream(java.util.Properties properties, java.nio.channels.ReadableByteChannel channel, byte[] key, byte[] iv)
Constructs aCtrCryptoInputStream
.CtrCryptoInputStream(java.util.Properties properties, java.nio.channels.ReadableByteChannel in, byte[] key, byte[] iv, long streamOffset)
Constructs aCtrCryptoInputStream
.protected
CtrCryptoInputStream(Input input, CryptoCipher cipher, int bufferSize, byte[] key, byte[] iv)
Constructs aCtrCryptoInputStream
.protected
CtrCryptoInputStream(Input input, CryptoCipher cipher, int bufferSize, byte[] key, byte[] iv, long streamOffset)
Constructs aCtrCryptoInputStream
.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description (package private) static void
calculateIV(byte[] initIV, long counter, byte[] IV)
This method is only for Counter (CTR) mode.protected void
decrypt()
Does the decryption using inBuffer as input and outBuffer as output.protected void
decrypt(java.nio.ByteBuffer buf, int offset, int len)
Decrypts all data in buf: total n bytes from given start position.protected void
decryptBuffer(java.nio.ByteBuffer out)
Does the decryption using out as output.protected void
decryptInPlace(java.nio.ByteBuffer buf)
Does the decryption using inBuffer as input and buf as output.protected int
decryptMore()
Decrypts more data by reading the under layer stream.protected long
getCounter(long position)
Gets the counter for input stream position.protected byte[]
getInitIV()
Gets the initialization vector.protected byte
getPadding(long position)
Gets the padding for input stream position.protected long
getStreamOffset()
Gets the offset of the stream.protected long
getStreamPosition()
Gets the position of the stream.protected void
initCipher()
Overrides theinitCipher()
.protected byte
postDecryption(long position)
This method is executed immediately after decryption.int
read(java.nio.ByteBuffer buf)
Overrides theread(ByteBuffer)
.protected void
resetCipher(long position)
Calculates the counter and iv, resets the cipher.protected void
resetStreamOffset(long offset)
Resets the underlying stream offset; clearCryptoInputStream.inBuffer
andCryptoInputStream.outBuffer
.void
seek(long position)
Seeks the stream to a specific position relative to start of the under layer stream.protected void
setStreamOffset(long streamOffset)
Sets the offset of stream.long
skip(long n)
Overrides theCryptoInputStream.skip(long)
.-
Methods inherited from class org.apache.commons.crypto.stream.CryptoInputStream
available, checkBufferSize, checkStream, checkStreamCipher, close, decryptFinal, freeBuffers, freeDirectBuffer, getBufferSize, getBufferSize, getCipher, getInput, getKey, getParams, isOpen, markSupported, read, read
-
-
-
-
Field Detail
-
streamOffset
private long streamOffset
Underlying stream offset
-
initIV
private final byte[] initIV
The initial IV.
-
iv
private final byte[] iv
Initialization vector for the cipher.
-
padding
private byte padding
Padding = pos%(algorithm blocksize); Padding is put intoCryptoInputStream.inBuffer
before any other data goes in. The purpose of padding is to put the input data at proper position.
-
cipherReset
private boolean cipherReset
Flag to mark whether the cipher has been reset
-
-
Constructor Detail
-
CtrCryptoInputStream
protected CtrCryptoInputStream(Input input, CryptoCipher cipher, int bufferSize, byte[] key, byte[] iv) throws java.io.IOException
Constructs aCtrCryptoInputStream
.- Parameters:
input
- the input data.cipher
- the CryptoCipher instance.bufferSize
- the bufferSize.key
- crypto key for the cipher.iv
- Initialization vector for the cipher.- Throws:
java.io.IOException
- if an I/O error occurs.
-
CtrCryptoInputStream
protected CtrCryptoInputStream(Input input, CryptoCipher cipher, int bufferSize, byte[] key, byte[] iv, long streamOffset) throws java.io.IOException
Constructs aCtrCryptoInputStream
.- Parameters:
input
- the input data.cipher
- the CryptoCipher instance.bufferSize
- the bufferSize.key
- crypto key for the cipher.iv
- Initialization vector for the cipher.streamOffset
- the start offset in the stream.- Throws:
java.io.IOException
- if an I/O error occurs.
-
CtrCryptoInputStream
protected CtrCryptoInputStream(java.io.InputStream inputStream, CryptoCipher cipher, int bufferSize, byte[] key, byte[] iv) throws java.io.IOException
Constructs aCtrCryptoInputStream
.- Parameters:
inputStream
- the input stream.cipher
- the CryptoCipher instance.bufferSize
- the bufferSize.key
- crypto key for the cipher.iv
- Initialization vector for the cipher.- Throws:
java.io.IOException
- if an I/O error occurs.
-
CtrCryptoInputStream
protected CtrCryptoInputStream(java.io.InputStream inputStream, CryptoCipher cipher, int bufferSize, byte[] key, byte[] iv, long streamOffset) throws java.io.IOException
Constructs aCtrCryptoInputStream
.- Parameters:
inputStream
- the InputStream instance.cipher
- the CryptoCipher instance.bufferSize
- the bufferSize.key
- crypto key for the cipher.iv
- Initialization vector for the cipher.streamOffset
- the start offset in the stream.- Throws:
java.io.IOException
- if an I/O error occurs.
-
CtrCryptoInputStream
public CtrCryptoInputStream(java.util.Properties properties, java.io.InputStream inputStream, byte[] key, byte[] iv) throws java.io.IOException
Constructs aCtrCryptoInputStream
.- Parameters:
properties
- TheProperties
class represents a set of properties.inputStream
- the input stream.key
- crypto key for the cipher.iv
- Initialization vector for the cipher.- Throws:
java.io.IOException
- if an I/O error occurs.
-
CtrCryptoInputStream
public CtrCryptoInputStream(java.util.Properties properties, java.io.InputStream inputStream, byte[] key, byte[] iv, long streamOffset) throws java.io.IOException
Constructs aCtrCryptoInputStream
.- Parameters:
properties
- TheProperties
class represents a set of properties.inputStream
- the InputStream instance.key
- crypto key for the cipher.iv
- Initialization vector for the cipher.streamOffset
- the start offset in the stream.- Throws:
java.io.IOException
- if an I/O error occurs.
-
CtrCryptoInputStream
public CtrCryptoInputStream(java.util.Properties properties, java.nio.channels.ReadableByteChannel channel, byte[] key, byte[] iv) throws java.io.IOException
Constructs aCtrCryptoInputStream
.- Parameters:
properties
- TheProperties
class represents a set of properties.channel
- the ReadableByteChannel instance.key
- crypto key for the cipher.iv
- Initialization vector for the cipher.- Throws:
java.io.IOException
- if an I/O error occurs.
-
CtrCryptoInputStream
public CtrCryptoInputStream(java.util.Properties properties, java.nio.channels.ReadableByteChannel in, byte[] key, byte[] iv, long streamOffset) throws java.io.IOException
Constructs aCtrCryptoInputStream
.- Parameters:
properties
- TheProperties
class represents a set of properties.in
- the ReadableByteChannel instance.key
- crypto key for the cipher.iv
- Initialization vector for the cipher.streamOffset
- the start offset in the stream.- Throws:
java.io.IOException
- if an I/O error occurs.
-
CtrCryptoInputStream
protected CtrCryptoInputStream(java.nio.channels.ReadableByteChannel channel, CryptoCipher cipher, int bufferSize, byte[] key, byte[] iv) throws java.io.IOException
Constructs aCtrCryptoInputStream
.- Parameters:
channel
- the ReadableByteChannel instance.cipher
- the cipher instance.bufferSize
- the bufferSize.key
- crypto key for the cipher.iv
- Initialization vector for the cipher.- Throws:
java.io.IOException
- if an I/O error occurs.
-
CtrCryptoInputStream
protected CtrCryptoInputStream(java.nio.channels.ReadableByteChannel channel, CryptoCipher cipher, int bufferSize, byte[] key, byte[] iv, long streamOffset) throws java.io.IOException
Constructs aCtrCryptoInputStream
.- Parameters:
channel
- the ReadableByteChannel instance.cipher
- the CryptoCipher instance.bufferSize
- the bufferSize.key
- crypto key for the cipher.iv
- Initialization vector for the cipher.streamOffset
- the start offset in the stream.- Throws:
java.io.IOException
- if an I/O error occurs.
-
-
Method Detail
-
calculateIV
static void calculateIV(byte[] initIV, long counter, byte[] IV)
This method is only for Counter (CTR) mode. Generally the CryptoCipher calculates the IV and maintain encryption context internally.For example a Cipher will maintain its encryption context internally when we do encryption/decryption using the CryptoCipher#update interface.
Encryption/Decryption is not always on the entire file. For example, in Hadoop, a node may only decrypt a portion of a file (i.e. a split). In these situations, the counter is derived from the file position.
The IV can be calculated by combining the initial IV and the counter with a lossless operation (concatenation, addition, or XOR).- Parameters:
initIV
- initial IVcounter
- counter for input stream positionIV
- the IV for input stream position- See Also:
- http://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Counter_.28CTR.29
-
decrypt
protected void decrypt() throws java.io.IOException
Does the decryption using inBuffer as input and outBuffer as output. Upon return, inBuffer is cleared; the decrypted data starts at outBuffer.position() and ends at outBuffer.limit().- Overrides:
decrypt
in classCryptoInputStream
- Throws:
java.io.IOException
- if an I/O error occurs.
-
decrypt
protected void decrypt(java.nio.ByteBuffer buf, int offset, int len) throws java.io.IOException
Decrypts all data in buf: total n bytes from given start position. Output is also buf and same start position. buf.position() and buf.limit() should be unchanged after decryption.- Parameters:
buf
- The buffer into which bytes are to be transferred.offset
- the start offset in the data.len
- the maximum number of decrypted data bytes to read.- Throws:
java.io.IOException
- if an I/O error occurs.
-
decryptBuffer
protected void decryptBuffer(java.nio.ByteBuffer out) throws java.io.IOException
Does the decryption using out as output.- Parameters:
out
- the output ByteBuffer.- Throws:
java.io.IOException
- if an I/O error occurs.
-
decryptInPlace
protected void decryptInPlace(java.nio.ByteBuffer buf) throws java.io.IOException
Does the decryption using inBuffer as input and buf as output. Upon return, inBuffer is cleared; the buf's position will be equal to p+
n where p is the position before decryption, n is the number of bytes decrypted. The buf's limit will not have changed.- Parameters:
buf
- The buffer into which bytes are to be transferred.- Throws:
java.io.IOException
- if an I/O error occurs.
-
decryptMore
protected int decryptMore() throws java.io.IOException
Decrypts more data by reading the under layer stream. The decrypted data will be put in the output buffer.- Overrides:
decryptMore
in classCryptoInputStream
- Returns:
- The number of decrypted data. -1 if end of the decrypted stream.
- Throws:
java.io.IOException
- if an I/O error occurs.
-
getCounter
protected long getCounter(long position)
Gets the counter for input stream position.- Parameters:
position
- the given position in the data.- Returns:
- the counter for input stream position.
-
getInitIV
protected byte[] getInitIV()
Gets the initialization vector.- Returns:
- the initIV.
-
getPadding
protected byte getPadding(long position)
Gets the padding for input stream position.- Parameters:
position
- the given position in the data.- Returns:
- the padding for input stream position.
-
getStreamOffset
protected long getStreamOffset()
Gets the offset of the stream.- Returns:
- the stream offset.
-
getStreamPosition
protected long getStreamPosition()
Gets the position of the stream.- Returns:
- the position of the stream.
-
initCipher
protected void initCipher()
Overrides theinitCipher()
. Initializes the cipher.- Overrides:
initCipher
in classCryptoInputStream
-
postDecryption
protected byte postDecryption(long position) throws java.io.IOException
This method is executed immediately after decryption. Checks whether cipher should be updated and recalculate padding if needed.- Parameters:
position
- the given position in the data..- Returns:
- the byte.
- Throws:
java.io.IOException
- if an I/O error occurs.
-
read
public int read(java.nio.ByteBuffer buf) throws java.io.IOException
Overrides theread(ByteBuffer)
. Reads a sequence of bytes from this channel into the given buffer.- Specified by:
read
in interfacejava.nio.channels.ReadableByteChannel
- Overrides:
read
in classCryptoInputStream
- Parameters:
buf
- The buffer into which bytes are to be transferred.- Returns:
- The number of bytes read, possibly zero, or
-1
if the channel has reached end-of-stream. - Throws:
java.io.IOException
- if an I/O error occurs.
-
resetCipher
protected void resetCipher(long position) throws java.io.IOException
Calculates the counter and iv, resets the cipher.- Parameters:
position
- the given position in the data.- Throws:
java.io.IOException
- if an I/O error occurs.
-
resetStreamOffset
protected void resetStreamOffset(long offset) throws java.io.IOException
Resets the underlying stream offset; clearCryptoInputStream.inBuffer
andCryptoInputStream.outBuffer
. This Typically happens duringskip(long)
.- Parameters:
offset
- the offset of the stream.- Throws:
java.io.IOException
- if an I/O error occurs.
-
seek
public void seek(long position) throws java.io.IOException
Seeks the stream to a specific position relative to start of the under layer stream.- Parameters:
position
- the given position in the data.- Throws:
java.io.IOException
- if an I/O error occurs.
-
setStreamOffset
protected void setStreamOffset(long streamOffset)
Sets the offset of stream.- Parameters:
streamOffset
- the stream offset.
-
skip
public long skip(long n) throws java.io.IOException
Overrides theCryptoInputStream.skip(long)
. Skips over and discardsn
bytes of data from this input stream.- Overrides:
skip
in classCryptoInputStream
- Parameters:
n
- the number of bytes to be skipped.- Returns:
- the actual number of bytes skipped.
- Throws:
java.io.IOException
- if an I/O error occurs.
-
-