Class CtrCryptoInputStream

java.lang.Object
java.io.InputStream
org.apache.commons.crypto.stream.CryptoInputStream
org.apache.commons.crypto.stream.CtrCryptoInputStream
All Implemented Interfaces:
Closeable, AutoCloseable, Channel, ReadableByteChannel
Direct Known Subclasses:
PositionedCryptoInputStream

public class CtrCryptoInputStream extends CryptoInputStream

CtrCryptoInputStream decrypts data. AES CTR mode is required in order to ensure that the plain text and cipher text have a 1:1 mapping. CTR crypto stream has stream characteristic which is useful for implement features like random seek. The decryption is buffer based. The key points of the decryption are (1) calculating the counter and (2) padding through stream position:

counter = base + pos/(algorithm blocksize); padding = pos%(algorithm blocksize);

The underlying stream offset is maintained as state. It is not thread-safe.
  • Field Details

    • streamOffset

      private long streamOffset
      Underlying stream offset
    • initIV

      private final byte[] initIV
      The initial IV.
    • iv

      private final byte[] iv
      Initialization vector for the cipher.
    • padding

      private byte padding
      Padding = pos%(algorithm blocksize); Padding is put into CryptoInputStream.inBuffer before any other data goes in. The purpose of padding is to put the input data at proper position.
    • cipherReset

      private boolean cipherReset
      Flag to mark whether the cipher has been reset
  • Constructor Details

    • CtrCryptoInputStream

      protected CtrCryptoInputStream(Input input, CryptoCipher cipher, int bufferSize, byte[] key, byte[] iv) throws IOException
      Constructs a CtrCryptoInputStream.
      Parameters:
      input - the input data.
      cipher - the CryptoCipher instance.
      bufferSize - the bufferSize.
      key - crypto key for the cipher.
      iv - Initialization vector for the cipher.
      Throws:
      IOException - if an I/O error occurs.
    • CtrCryptoInputStream

      protected CtrCryptoInputStream(Input input, CryptoCipher cipher, int bufferSize, byte[] key, byte[] iv, long streamOffset) throws IOException
      Constructs a CtrCryptoInputStream.
      Parameters:
      input - the input data.
      cipher - the CryptoCipher instance.
      bufferSize - the bufferSize.
      key - crypto key for the cipher.
      iv - Initialization vector for the cipher.
      streamOffset - the start offset in the stream.
      Throws:
      IOException - if an I/O error occurs.
    • CtrCryptoInputStream

      protected CtrCryptoInputStream(InputStream inputStream, CryptoCipher cipher, int bufferSize, byte[] key, byte[] iv) throws IOException
      Constructs a CtrCryptoInputStream.
      Parameters:
      inputStream - the input stream.
      cipher - the CryptoCipher instance.
      bufferSize - the bufferSize.
      key - crypto key for the cipher.
      iv - Initialization vector for the cipher.
      Throws:
      IOException - if an I/O error occurs.
    • CtrCryptoInputStream

      protected CtrCryptoInputStream(InputStream inputStream, CryptoCipher cipher, int bufferSize, byte[] key, byte[] iv, long streamOffset) throws IOException
      Constructs a CtrCryptoInputStream.
      Parameters:
      inputStream - the InputStream instance.
      cipher - the CryptoCipher instance.
      bufferSize - the bufferSize.
      key - crypto key for the cipher.
      iv - Initialization vector for the cipher.
      streamOffset - the start offset in the stream.
      Throws:
      IOException - if an I/O error occurs.
    • CtrCryptoInputStream

      public CtrCryptoInputStream(Properties properties, InputStream inputStream, byte[] key, byte[] iv) throws IOException
      Constructs a CtrCryptoInputStream.
      Parameters:
      properties - The Properties class represents a set of properties.
      inputStream - the input stream.
      key - crypto key for the cipher.
      iv - Initialization vector for the cipher.
      Throws:
      IOException - if an I/O error occurs.
    • CtrCryptoInputStream

      public CtrCryptoInputStream(Properties properties, InputStream inputStream, byte[] key, byte[] iv, long streamOffset) throws IOException
      Constructs a CtrCryptoInputStream.
      Parameters:
      properties - The Properties class represents a set of properties.
      inputStream - the InputStream instance.
      key - crypto key for the cipher.
      iv - Initialization vector for the cipher.
      streamOffset - the start offset in the stream.
      Throws:
      IOException - if an I/O error occurs.
    • CtrCryptoInputStream

      public CtrCryptoInputStream(Properties properties, ReadableByteChannel channel, byte[] key, byte[] iv) throws IOException
      Constructs a CtrCryptoInputStream.
      Parameters:
      properties - The Properties class represents a set of properties.
      channel - the ReadableByteChannel instance.
      key - crypto key for the cipher.
      iv - Initialization vector for the cipher.
      Throws:
      IOException - if an I/O error occurs.
    • CtrCryptoInputStream

      public CtrCryptoInputStream(Properties properties, ReadableByteChannel in, byte[] key, byte[] iv, long streamOffset) throws IOException
      Constructs a CtrCryptoInputStream.
      Parameters:
      properties - The Properties class represents a set of properties.
      in - the ReadableByteChannel instance.
      key - crypto key for the cipher.
      iv - Initialization vector for the cipher.
      streamOffset - the start offset in the stream.
      Throws:
      IOException - if an I/O error occurs.
    • CtrCryptoInputStream

      protected CtrCryptoInputStream(ReadableByteChannel channel, CryptoCipher cipher, int bufferSize, byte[] key, byte[] iv) throws IOException
      Constructs a CtrCryptoInputStream.
      Parameters:
      channel - the ReadableByteChannel instance.
      cipher - the cipher instance.
      bufferSize - the bufferSize.
      key - crypto key for the cipher.
      iv - Initialization vector for the cipher.
      Throws:
      IOException - if an I/O error occurs.
    • CtrCryptoInputStream

      protected CtrCryptoInputStream(ReadableByteChannel channel, CryptoCipher cipher, int bufferSize, byte[] key, byte[] iv, long streamOffset) throws IOException
      Constructs a CtrCryptoInputStream.
      Parameters:
      channel - the ReadableByteChannel instance.
      cipher - the CryptoCipher instance.
      bufferSize - the bufferSize.
      key - crypto key for the cipher.
      iv - Initialization vector for the cipher.
      streamOffset - the start offset in the stream.
      Throws:
      IOException - if an I/O error occurs.
  • Method Details

    • calculateIV

      static void calculateIV(byte[] initIV, long counter, byte[] IV)

      This method is only for Counter (CTR) mode. Generally the CryptoCipher calculates the IV and maintain encryption context internally.For example a Cipher will maintain its encryption context internally when we do encryption/decryption using the CryptoCipher#update interface.

      Encryption/Decryption is not always on the entire file. For example, in Hadoop, a node may only decrypt a portion of a file (i.e. a split). In these situations, the counter is derived from the file position.

      The IV can be calculated by combining the initial IV and the counter with a lossless operation (concatenation, addition, or XOR).
      Parameters:
      initIV - initial IV
      counter - counter for input stream position
      IV - the IV for input stream position
      See Also:
    • decrypt

      protected void decrypt() throws IOException
      Does the decryption using inBuffer as input and outBuffer as output. Upon return, inBuffer is cleared; the decrypted data starts at outBuffer.position() and ends at outBuffer.limit().
      Overrides:
      decrypt in class CryptoInputStream
      Throws:
      IOException - if an I/O error occurs.
    • decrypt

      protected void decrypt(ByteBuffer buf, int offset, int len) throws IOException
      Decrypts all data in buf: total n bytes from given start position. Output is also buf and same start position. buf.position() and buf.limit() should be unchanged after decryption.
      Parameters:
      buf - The buffer into which bytes are to be transferred.
      offset - the start offset in the data.
      len - the maximum number of decrypted data bytes to read.
      Throws:
      IOException - if an I/O error occurs.
    • decryptBuffer

      protected void decryptBuffer(ByteBuffer out) throws IOException
      Does the decryption using out as output.
      Parameters:
      out - the output ByteBuffer.
      Throws:
      IOException - if an I/O error occurs.
    • decryptInPlace

      protected void decryptInPlace(ByteBuffer buf) throws IOException
      Does the decryption using inBuffer as input and buf as output. Upon return, inBuffer is cleared; the buf's position will be equal to p + n where p is the position before decryption, n is the number of bytes decrypted. The buf's limit will not have changed.
      Parameters:
      buf - The buffer into which bytes are to be transferred.
      Throws:
      IOException - if an I/O error occurs.
    • decryptMore

      protected int decryptMore() throws IOException
      Decrypts more data by reading the under layer stream. The decrypted data will be put in the output buffer.
      Overrides:
      decryptMore in class CryptoInputStream
      Returns:
      The number of decrypted data. -1 if end of the decrypted stream.
      Throws:
      IOException - if an I/O error occurs.
    • getCounter

      protected long getCounter(long position)
      Gets the counter for input stream position.
      Parameters:
      position - the given position in the data.
      Returns:
      the counter for input stream position.
    • getInitIV

      protected byte[] getInitIV()
      Gets the initialization vector.
      Returns:
      the initIV.
    • getPadding

      protected byte getPadding(long position)
      Gets the padding for input stream position.
      Parameters:
      position - the given position in the data.
      Returns:
      the padding for input stream position.
    • getStreamOffset

      protected long getStreamOffset()
      Gets the offset of the stream.
      Returns:
      the stream offset.
    • getStreamPosition

      protected long getStreamPosition()
      Gets the position of the stream.
      Returns:
      the position of the stream.
    • initCipher

      protected void initCipher()
      Overrides the initCipher(). Initializes the cipher.
      Overrides:
      initCipher in class CryptoInputStream
    • postDecryption

      protected byte postDecryption(long position) throws IOException
      This method is executed immediately after decryption. Checks whether cipher should be updated and recalculate padding if needed.
      Parameters:
      position - the given position in the data..
      Returns:
      the byte.
      Throws:
      IOException - if an I/O error occurs.
    • read

      public int read(ByteBuffer buf) throws IOException
      Overrides the read(ByteBuffer). Reads a sequence of bytes from this channel into the given buffer.
      Specified by:
      read in interface ReadableByteChannel
      Overrides:
      read in class CryptoInputStream
      Parameters:
      buf - The buffer into which bytes are to be transferred.
      Returns:
      The number of bytes read, possibly zero, or -1 if the channel has reached end-of-stream.
      Throws:
      IOException - if an I/O error occurs.
    • resetCipher

      protected void resetCipher(long position) throws IOException
      Calculates the counter and iv, resets the cipher.
      Parameters:
      position - the given position in the data.
      Throws:
      IOException - if an I/O error occurs.
    • resetStreamOffset

      protected void resetStreamOffset(long offset) throws IOException
      Resets the underlying stream offset; clear CryptoInputStream.inBuffer and CryptoInputStream.outBuffer. This Typically happens during skip(long).
      Parameters:
      offset - the offset of the stream.
      Throws:
      IOException - if an I/O error occurs.
    • seek

      public void seek(long position) throws IOException
      Seeks the stream to a specific position relative to start of the under layer stream.
      Parameters:
      position - the given position in the data.
      Throws:
      IOException - if an I/O error occurs.
    • setStreamOffset

      protected void setStreamOffset(long streamOffset)
      Sets the offset of stream.
      Parameters:
      streamOffset - the stream offset.
    • skip

      public long skip(long n) throws IOException
      Overrides the CryptoInputStream.skip(long). Skips over and discards n bytes of data from this input stream.
      Overrides:
      skip in class CryptoInputStream
      Parameters:
      n - the number of bytes to be skipped.
      Returns:
      the actual number of bytes skipped.
      Throws:
      IOException - if an I/O error occurs.