Class OpenSsl

java.lang.Object
org.apache.commons.crypto.cipher.OpenSsl

final class OpenSsl extends Object
OpenSSL cryptographic wrapper using JNI. Currently only AES-CTR is supported. It's flexible to add other crypto algorithms/modes.
  • Nested Class Summary

    Nested Classes
    Modifier and Type
    Class
    Description
    private static enum 
    Currently only support AES/CTR/NoPadding.
  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static final int
     
    static final int
     
    private static final Throwable
     
     
  • Constructor Summary

    Constructors
    Modifier
    Constructor
    Description
    private
    OpenSsl(long context, int algorithm, int padding)
    Constructs a OpenSsl instance based on context, algorithm and padding.
  • Method Summary

    Modifier and Type
    Method
    Description
    void
    Forcibly clean the context.
    int
    doFinal(byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset)
    Finalizes to encrypt or decrypt data in a single-part operation, or finishes a multiple-part operation.
    int
    doFinal(ByteBuffer input, ByteBuffer output)
    Finishes a multiple-part operation.
    protected void
     
    static OpenSsl
    getInstance(String transformation)
    Gets an OpenSslCipher that implements the specified transformation.
    static Throwable
    Gets the failure reason when loading OpenSsl native.
    void
    init(int mode, byte[] key, AlgorithmParameterSpec params)
    Initializes this cipher with a key and IV.
    int
    update(byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset)
    Updates a multiple-part encryption/decryption operation.
    int
    update(ByteBuffer input, ByteBuffer output)
    Updates a multiple-part encryption or decryption operation.
    void
    updateAAD(byte[] aad)
    Continues a multi-part update of the Additional Authentication Data (AAD).

    Methods inherited from class java.lang.Object

    clone, equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
  • Field Details

  • Constructor Details

    • OpenSsl

      private OpenSsl(long context, int algorithm, int padding)
      Constructs a OpenSsl instance based on context, algorithm and padding.
      Parameters:
      context - the context.
      algorithm - the algorithm.
      padding - the padding.
  • Method Details

    • getInstance

      public static OpenSsl getInstance(String transformation) throws NoSuchAlgorithmException, NoSuchPaddingException
      Gets an OpenSslCipher that implements the specified transformation.
      Parameters:
      transformation - the name of the transformation, e.g., AES/CTR/NoPadding.
      Returns:
      OpenSslCipher an OpenSslCipher object
      Throws:
      NoSuchAlgorithmException - if transformation is null, empty, in an invalid format, or if OpenSsl doesn't implement the specified algorithm.
      NoSuchPaddingException - if transformation contains a padding scheme that is not available.
      IllegalStateException - if native code cannot be initialized
    • getLoadingFailureReason

      public static Throwable getLoadingFailureReason()
      Gets the failure reason when loading OpenSsl native.
      Returns:
      the failure reason; null if it was loaded and initialized successfully
    • clean

      public void clean()
      Forcibly clean the context.
    • doFinal

      public int doFinal(byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset) throws ShortBufferException, IllegalBlockSizeException, BadPaddingException
      Finalizes to encrypt or decrypt data in a single-part operation, or finishes a multiple-part operation.
      Parameters:
      input - the input byte array
      inputOffset - the offset in input where the input starts
      inputLen - the input length
      output - the byte array for the result
      outputOffset - the offset in output where the result is stored
      Returns:
      the number of bytes stored in output
      Throws:
      ShortBufferException - if the given output byte array is too small to hold the result
      BadPaddingException - if this cipher is in decryption mode, and (un)padding has been requested, but the decrypted data is not bounded by the appropriate padding bytes
      IllegalBlockSizeException - if this cipher is a block cipher, no padding has been requested (only in encryption mode), and the total input length of the data processed by this cipher is not a multiple of block size; or if this encryption algorithm is unable to process the input data provided.
    • doFinal

      Finishes a multiple-part operation. The data is encrypted or decrypted, depending on how this cipher was initialized.

      The result is stored in the output buffer. Upon return, the output buffer's position will have advanced by n, where n is the value returned by this method; the output buffer's limit will not have changed.

      If output.remaining() bytes are insufficient to hold the result, a ShortBufferException is thrown.

      Upon finishing, this method resets this cipher object to the state it was in when previously initialized. That is, the object is available to encrypt or decrypt more data.

      If any exception is thrown, this cipher object need to be reset before it can be used again.
      Parameters:
      input - the input ByteBuffer
      output - the output ByteBuffer
      Returns:
      int number of bytes stored in output
      Throws:
      ShortBufferException - if the given output byte array is too small to hold the result.
      IllegalBlockSizeException - if this cipher is a block cipher, no padding has been requested (only in encryption mode), and the total input length of the data processed by this cipher is not a multiple of block size; or if this encryption algorithm is unable to process the input data provided.
      BadPaddingException - if this cipher is in decryption mode, and (un)padding has been requested, but the decrypted data is not bounded by the appropriate padding bytes
    • finalize

      protected void finalize() throws Throwable
      Overrides:
      finalize in class Object
      Throws:
      Throwable
    • init

      public void init(int mode, byte[] key, AlgorithmParameterSpec params) throws InvalidAlgorithmParameterException
      Initializes this cipher with a key and IV.
      Parameters:
      mode - ENCRYPT_MODE or DECRYPT_MODE
      key - crypto key
      params - the algorithm parameters
      Throws:
      InvalidAlgorithmParameterException - if IV length is wrong
    • update

      public int update(byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset) throws ShortBufferException
      Updates a multiple-part encryption/decryption operation. The data is encrypted or decrypted, depending on how this cipher was initialized.
      Parameters:
      input - the input byte array
      inputOffset - the offset in input where the input starts
      inputLen - the input length
      output - the byte array for the result
      outputOffset - the offset in output where the result is stored
      Returns:
      the number of bytes stored in output
      Throws:
      ShortBufferException - if there is insufficient space in the output byte array
    • update

      public int update(ByteBuffer input, ByteBuffer output) throws ShortBufferException
      Updates a multiple-part encryption or decryption operation. The data is encrypted or decrypted, depending on how this cipher was initialized.

      All input.remaining() bytes starting at input.position() are processed. The result is stored in the output buffer.

      Upon return, the input buffer's position will be equal to its limit; its limit will not have changed. The output buffer's position will have advanced by n, when n is the value returned by this method; the output buffer's limit will not have changed.

      If output.remaining() bytes are insufficient to hold the result, a ShortBufferException is thrown.
      Parameters:
      input - the input ByteBuffer
      output - the output ByteBuffer
      Returns:
      int number of bytes stored in output
      Throws:
      ShortBufferException - if there is insufficient space in the output buffer
    • updateAAD

      public void updateAAD(byte[] aad)
      Continues a multi-part update of the Additional Authentication Data (AAD).

      Calls to this method provide AAD to the cipher when operating in modes such as AEAD (GCM). If this cipher is operating in either GCM mode, all AAD must be supplied before beginning operations on the ciphertext (via the update and doFinal methods).

      Parameters:
      aad - the buffer containing the Additional Authentication Data