Package org.apache.commons.crypto.cipher

Class OpenSsl

  • final class OpenSsl
extends java.lang.Object
    OpenSSL cryptographic wrapper using JNI. Currently only AES-CTR is supported. It's flexible to add other crypto algorithms/modes.

    • Nested Class Summary

      Nested Classes 
      Modifier and Type Class Description
      private static class  OpenSsl.AlgorithmMode
      Currently only support AES/CTR/NoPadding.

    • Constructor Summary

      Constructors 
      Modifier Constructor Description
      private OpenSsl​(long context, int algorithm, int padding)
      Constructs a OpenSsl instance based on context, algorithm and padding.

    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      void clean()
      Forcibly clean the context.
      int doFinal​(byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset)
      Finalizes to encrypt or decrypt data in a single-part operation, or finishes a multiple-part operation.
      int doFinal​(java.nio.ByteBuffer input, java.nio.ByteBuffer output)
      Finishes a multiple-part operation.
      protected void finalize()  
      static OpenSsl getInstance​(java.lang.String transformation)
      Gets an OpenSslCipher that implements the specified transformation.
      static java.lang.Throwable getLoadingFailureReason()
      Gets the failure reason when loading OpenSsl native.
      void init​(int mode, byte[] key, java.security.spec.AlgorithmParameterSpec params)
      Initializes this cipher with a key and IV.
      int update​(byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset)
      Updates a multiple-part encryption/decryption operation.
      int update​(java.nio.ByteBuffer input, java.nio.ByteBuffer output)
      Updates a multiple-part encryption or decryption operation.
      void updateAAD​(byte[] aad)
      Continues a multi-part update of the Additional Authentication Data (AAD).

      • Methods inherited from class java.lang.Object

        clone, equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • OpenSsl

        private OpenSsl​(long context,
                int algorithm,
                int padding)
        Constructs a OpenSsl instance based on context, algorithm and padding.
        Parameters:
        context - the context.
        algorithm - the algorithm.
        padding - the padding.

    • Method Detail

      • getInstance

        public static OpenSsl getInstance​(java.lang.String transformation)
                           throws java.security.NoSuchAlgorithmException,
                                  javax.crypto.NoSuchPaddingException
        Gets an OpenSslCipher that implements the specified transformation.
        Parameters:
        transformation - the name of the transformation, e.g., AES/CTR/NoPadding.
        Returns:
        OpenSslCipher an OpenSslCipher object
        Throws:
        java.security.NoSuchAlgorithmException - if transformation is null, empty, in an invalid format, or if OpenSsl doesn't implement the specified algorithm.
        javax.crypto.NoSuchPaddingException - if transformation contains a padding scheme that is not available.
        java.lang.IllegalStateException - if native code cannot be initialized

      • getLoadingFailureReason

        public static java.lang.Throwable getLoadingFailureReason()
        Gets the failure reason when loading OpenSsl native.
        Returns:
        the failure reason; null if it was loaded and initialized successfully

      • clean

        public void clean()
        Forcibly clean the context.

      • doFinal

        public int doFinal​(byte[] input,
                   int inputOffset,
                   int inputLen,
                   byte[] output,
                   int outputOffset)
            throws javax.crypto.ShortBufferException,
                   javax.crypto.IllegalBlockSizeException,
                   javax.crypto.BadPaddingException
        Finalizes to encrypt or decrypt data in a single-part operation, or finishes a multiple-part operation.
        Parameters:
        input - the input byte array
        inputOffset - the offset in input where the input starts
        inputLen - the input length
        output - the byte array for the result
        outputOffset - the offset in output where the result is stored
        Returns:
        the number of bytes stored in output
        Throws:
        javax.crypto.ShortBufferException - if the given output byte array is too small to hold the result
        javax.crypto.BadPaddingException - if this cipher is in decryption mode, and (un)padding has been requested, but the decrypted data is not bounded by the appropriate padding bytes
        javax.crypto.IllegalBlockSizeException - if this cipher is a block cipher, no padding has been requested (only in encryption mode), and the total input length of the data processed by this cipher is not a multiple of block size; or if this encryption algorithm is unable to process the input data provided.

      • doFinal

        public int doFinal​(java.nio.ByteBuffer input,
                   java.nio.ByteBuffer output)
            throws javax.crypto.ShortBufferException,
                   javax.crypto.IllegalBlockSizeException,
                   javax.crypto.BadPaddingException
        Finishes a multiple-part operation. The data is encrypted or decrypted, depending on how this cipher was initialized.

        The result is stored in the output buffer. Upon return, the output buffer's position will have advanced by n, where n is the value returned by this method; the output buffer's limit will not have changed.

        If output.remaining() bytes are insufficient to hold the result, a ShortBufferException is thrown.

        Upon finishing, this method resets this cipher object to the state it was in when previously initialized. That is, the object is available to encrypt or decrypt more data.

        If any exception is thrown, this cipher object need to be reset before it can be used again.
        Parameters:
        input - the input ByteBuffer
        output - the output ByteBuffer
        Returns:
        int number of bytes stored in output
        Throws:
        javax.crypto.ShortBufferException - if the given output byte array is too small to hold the result.
        javax.crypto.IllegalBlockSizeException - if this cipher is a block cipher, no padding has been requested (only in encryption mode), and the total input length of the data processed by this cipher is not a multiple of block size; or if this encryption algorithm is unable to process the input data provided.
        javax.crypto.BadPaddingException - if this cipher is in decryption mode, and (un)padding has been requested, but the decrypted data is not bounded by the appropriate padding bytes

      • finalize

        protected void finalize()
                 throws java.lang.Throwable
        Overrides:
        finalize in class java.lang.Object
        Throws:
        java.lang.Throwable

      • init

        public void init​(int mode,
                 byte[] key,
                 java.security.spec.AlgorithmParameterSpec params)
          throws java.security.InvalidAlgorithmParameterException
        Initializes this cipher with a key and IV.
        Parameters:
        mode - ENCRYPT_MODE or DECRYPT_MODE
        key - crypto key
        params - the algorithm parameters
        Throws:
        java.security.InvalidAlgorithmParameterException - if IV length is wrong

      • update

        public int update​(byte[] input,
                  int inputOffset,
                  int inputLen,
                  byte[] output,
                  int outputOffset)
           throws javax.crypto.ShortBufferException
        Updates a multiple-part encryption/decryption operation. The data is encrypted or decrypted, depending on how this cipher was initialized.
        Parameters:
        input - the input byte array
        inputOffset - the offset in input where the input starts
        inputLen - the input length
        output - the byte array for the result
        outputOffset - the offset in output where the result is stored
        Returns:
        the number of bytes stored in output
        Throws:
        javax.crypto.ShortBufferException - if there is insufficient space in the output byte array

      • update

        public int update​(java.nio.ByteBuffer input,
                  java.nio.ByteBuffer output)
           throws javax.crypto.ShortBufferException
        Updates a multiple-part encryption or decryption operation. The data is encrypted or decrypted, depending on how this cipher was initialized.

        All input.remaining() bytes starting at input.position() are processed. The result is stored in the output buffer.

        Upon return, the input buffer's position will be equal to its limit; its limit will not have changed. The output buffer's position will have advanced by n, when n is the value returned by this method; the output buffer's limit will not have changed.

        If output.remaining() bytes are insufficient to hold the result, a ShortBufferException is thrown.
        Parameters:
        input - the input ByteBuffer
        output - the output ByteBuffer
        Returns:
        int number of bytes stored in output
        Throws:
        javax.crypto.ShortBufferException - if there is insufficient space in the output buffer

      • updateAAD

        public void updateAAD​(byte[] aad)
        Continues a multi-part update of the Additional Authentication Data (AAD).

        Calls to this method provide AAD to the cipher when operating in modes such as AEAD (GCM). If this cipher is operating in either GCM mode, all AAD must be supplied before beginning operations on the ciphertext (via the update and doFinal methods).

        Parameters:
        aad - the buffer containing the Additional Authentication Data