Package org.apache.commons.crypto.cipher

Class OpenSslCipher

  • All Implemented Interfaces:
    java.io.Closeable, java.lang.AutoCloseable, CryptoCipher
    final class OpenSslCipher
extends java.lang.Object
implements CryptoCipher
    Implements the CryptoCipher using JNI into OpenSSL.

    this class is not public/protected so does not appear in the main Javadoc Please ensure that property use is documented in the enum CryptoRandomFactory.RandomProvider

    • Constructor Summary

      Constructors 
      Constructor Description
      OpenSslCipher​(java.util.Properties props, java.lang.String transformation)
      Constructs a CryptoCipher using JNI into OpenSSL

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      void close()
      Closes the OpenSSL openSslEngine.
      int doFinal​(byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset)
      Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation.
      int doFinal​(java.nio.ByteBuffer inBuffer, java.nio.ByteBuffer outBuffer)
      Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation.
      java.lang.String getAlgorithm()
      Returns the algorithm name of this CryptoCipher object.
      int getBlockSize()
      Returns the block size (in bytes).
      void init​(int mode, java.security.Key key, java.security.spec.AlgorithmParameterSpec params)
      Initializes the openSslEngine with mode, key and iv.
      int update​(byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset)
      Continues a multiple-part encryption/decryption operation.
      int update​(java.nio.ByteBuffer inBuffer, java.nio.ByteBuffer outBuffer)
      Continues a multiple-part encryption/decryption operation.
      void updateAAD​(byte[] aad)
      Continues a multi-part update of the Additional Authentication Data (AAD).
      void updateAAD​(java.nio.ByteBuffer aad)
      Continues a multi-part update of the Additional Authentication Data (AAD).

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Field Detail

      • openSslEngine

        private final OpenSsl openSslEngine

      • initialized

        private boolean initialized

      • transformation

        private final java.lang.String transformation

    • Constructor Detail

      • OpenSslCipher

        public OpenSslCipher​(java.util.Properties props,
                     java.lang.String transformation)
              throws java.security.GeneralSecurityException
        Constructs a CryptoCipher using JNI into OpenSSL
        Parameters:
        props - properties for OpenSSL openSslEngine (unused)
        transformation - transformation for OpenSSL openSslEngine (algorithm/mode/padding)
        Throws:
        java.security.GeneralSecurityException - if OpenSSL openSslEngine initialize failed

    • Method Detail

      • close

        public void close()
        Closes the OpenSSL openSslEngine. Clean the OpenSsl native context.
        Specified by:
        close in interface java.lang.AutoCloseable
        Specified by:
        close in interface java.io.Closeable

      • doFinal

        public int doFinal​(byte[] input,
                   int inputOffset,
                   int inputLen,
                   byte[] output,
                   int outputOffset)
            throws javax.crypto.ShortBufferException,
                   javax.crypto.IllegalBlockSizeException,
                   javax.crypto.BadPaddingException
        Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation.
        Specified by:
        doFinal in interface CryptoCipher
        Parameters:
        input - the input byte array
        inputOffset - the offset in input where the input starts
        inputLen - the input length
        output - the byte array for the result
        outputOffset - the offset in output where the result is stored
        Returns:
        the number of bytes stored in output
        Throws:
        javax.crypto.ShortBufferException - if the given output byte array is too small to hold the result
        javax.crypto.BadPaddingException - if this openSslEngine is in decryption mode, and (un)padding has been requested, but the decrypted data is not bounded by the appropriate padding bytes
        javax.crypto.IllegalBlockSizeException - if this openSslEngine is a block openSslEngine, no padding has been requested (only in encryption mode), and the total input length of the data processed by this openSslEngine is not a multiple of block size; or if this encryption algorithm is unable to process the input data provided.

      • doFinal

        public int doFinal​(java.nio.ByteBuffer inBuffer,
                   java.nio.ByteBuffer outBuffer)
            throws javax.crypto.ShortBufferException,
                   javax.crypto.IllegalBlockSizeException,
                   javax.crypto.BadPaddingException
        Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation. The data is encrypted or decrypted, depending on how this openSslEngine was initialized.
        Specified by:
        doFinal in interface CryptoCipher
        Parameters:
        inBuffer - the input ByteBuffer
        outBuffer - the output ByteBuffer
        Returns:
        int number of bytes stored in output
        Throws:
        javax.crypto.BadPaddingException - if this openSslEngine is in decryption mode, and (un)padding has been requested, but the decrypted data is not bounded by the appropriate padding bytes
        javax.crypto.IllegalBlockSizeException - if this openSslEngine is a block openSslEngine, no padding has been requested (only in encryption mode), and the total input length of the data processed by this openSslEngine is not a multiple of block size; or if this encryption algorithm is unable to process the input data provided.
        javax.crypto.ShortBufferException - if the given output buffer is too small to hold the result

      • getAlgorithm

        public java.lang.String getAlgorithm()
        Returns the algorithm name of this CryptoCipher object.

        This is the same name that was specified in one of the CryptoCipherFactory#getInstance calls that created this CryptoCipher object..

        Specified by:
        getAlgorithm in interface CryptoCipher
        Returns:
        the algorithm name of this CryptoCipher object.

      • getBlockSize

        public int getBlockSize()
        Returns the block size (in bytes).
        Specified by:
        getBlockSize in interface CryptoCipher
        Returns:
        the block size (in bytes), or 0 if the underlying algorithm is not a block openSslEngine

      • init

        public void init​(int mode,
                 java.security.Key key,
                 java.security.spec.AlgorithmParameterSpec params)
          throws java.security.InvalidKeyException,
                 java.security.InvalidAlgorithmParameterException
        Initializes the openSslEngine with mode, key and iv.
        Specified by:
        init in interface CryptoCipher
        Parameters:
        mode - Cipher.ENCRYPT_MODE or Cipher.DECRYPT_MODE
        key - crypto key for the openSslEngine
        params - the algorithm parameters
        Throws:
        java.security.InvalidKeyException - If key length is invalid
        java.security.InvalidAlgorithmParameterException - if IV length is wrong

      • update

        public int update​(byte[] input,
                  int inputOffset,
                  int inputLen,
                  byte[] output,
                  int outputOffset)
           throws javax.crypto.ShortBufferException
        Continues a multiple-part encryption/decryption operation. The data is encrypted or decrypted, depending on how this openSslEngine was initialized.
        Specified by:
        update in interface CryptoCipher
        Parameters:
        input - the input byte array
        inputOffset - the offset in input where the input starts
        inputLen - the input length
        output - the byte array for the result
        outputOffset - the offset in output where the result is stored
        Returns:
        the number of bytes stored in output
        Throws:
        javax.crypto.ShortBufferException - if there is insufficient space in the output byte array

      • update

        public int update​(java.nio.ByteBuffer inBuffer,
                  java.nio.ByteBuffer outBuffer)
           throws javax.crypto.ShortBufferException
        Continues a multiple-part encryption/decryption operation. The data is encrypted or decrypted, depending on how this openSslEngine was initialized.
        Specified by:
        update in interface CryptoCipher
        Parameters:
        inBuffer - the input ByteBuffer
        outBuffer - the output ByteBuffer
        Returns:
        int number of bytes stored in output
        Throws:
        javax.crypto.ShortBufferException - if there is insufficient space in the output buffer

      • updateAAD

        public void updateAAD​(byte[] aad)
               throws java.lang.IllegalArgumentException,
                      java.lang.IllegalStateException,
                      java.lang.UnsupportedOperationException
        Continues a multi-part update of the Additional Authentication Data (AAD).

        Calls to this method provide AAD to the opensslEngine when operating in modes such as AEAD (GCM). If this opensslEngine is operating in either GCM mode, all AAD must be supplied before beginning operations on the ciphertext (via the update and doFinal methods).

        Specified by:
        updateAAD in interface CryptoCipher
        Parameters:
        aad - the buffer containing the Additional Authentication Data
        Throws:
        java.lang.IllegalArgumentException - if the aad byte array is null
        java.lang.IllegalStateException - if this opensslEngine is in a wrong state (e.g., has not been initialized), does not accept AAD, or if operating in either GCM mode and one of the update methods has already been called for the active encryption/decryption operation
        java.lang.UnsupportedOperationException - if the implementation opensslEngine doesn't support this operation.

      • updateAAD

        public void updateAAD​(java.nio.ByteBuffer aad)
               throws java.lang.IllegalArgumentException,
                      java.lang.IllegalStateException,
                      java.lang.UnsupportedOperationException
        Continues a multi-part update of the Additional Authentication Data (AAD).

        Calls to this method provide AAD to the opensslEngine when operating in modes such as AEAD (GCM). If this opensslEngine is operating in either GCM mode, all AAD must be supplied before beginning operations on the ciphertext (via the update and doFinal methods).

        Specified by:
        updateAAD in interface CryptoCipher
        Parameters:
        aad - the buffer containing the Additional Authentication Data
        Throws:
        java.lang.IllegalArgumentException - if the aad byte array is null
        java.lang.IllegalStateException - if this opensslEngine is in a wrong state (e.g., has not been initialized), does not accept AAD, or if operating in either GCM mode and one of the update methods has already been called for the active encryption/decryption operation
        java.lang.UnsupportedOperationException - if the implementation opensslEngine doesn't support this operation.