Package org.apache.commons.crypto.stream

Class CtrCryptoInputStream

  • All Implemented Interfaces:
    java.io.Closeable, java.lang.AutoCloseable, java.nio.channels.Channel, java.nio.channels.ReadableByteChannel
    Direct Known Subclasses:
    PositionedCryptoInputStream
    public class CtrCryptoInputStream
extends CryptoInputStream

    CtrCryptoInputStream decrypts data. AES CTR mode is required in order to ensure that the plain text and cipher text have a 1:1 mapping. CTR crypto stream has stream characteristic which is useful for implement features like random seek. The decryption is buffer based. The key points of the decryption are (1) calculating the counter and (2) padding through stream position:

    counter = base + pos/(algorithm blocksize); padding = pos%(algorithm blocksize);

    The underlying stream offset is maintained as state. It is not thread-safe.

    • Field Detail

      • streamOffset

        private long streamOffset
        Underlying stream offset

      • initIV

        private final byte[] initIV
        The initial IV.

      • iv

        private final byte[] iv
        Initialization vector for the cipher.

      • padding

        private byte padding
        Padding = pos%(algorithm blocksize); Padding is put into CryptoInputStream.inBuffer before any other data goes in. The purpose of padding is to put the input data at proper position.

      • cipherReset

        private boolean cipherReset
        Flag to mark whether the cipher has been reset

    • Constructor Detail

      • CtrCryptoInputStream

        protected CtrCryptoInputStream​(Input input,
                               CryptoCipher cipher,
                               int bufferSize,
                               byte[] key,
                               byte[] iv)
                        throws java.io.IOException
        Constructs a CtrCryptoInputStream.
        Parameters:
        input - the input data.
        cipher - the CryptoCipher instance.
        bufferSize - the bufferSize.
        key - crypto key for the cipher.
        iv - Initialization vector for the cipher.
        Throws:
        java.io.IOException - if an I/O error occurs.

      • CtrCryptoInputStream

        protected CtrCryptoInputStream​(Input input,
                               CryptoCipher cipher,
                               int bufferSize,
                               byte[] key,
                               byte[] iv,
                               long streamOffset)
                        throws java.io.IOException
        Constructs a CtrCryptoInputStream.
        Parameters:
        input - the input data.
        cipher - the CryptoCipher instance.
        bufferSize - the bufferSize.
        key - crypto key for the cipher.
        iv - Initialization vector for the cipher.
        streamOffset - the start offset in the stream.
        Throws:
        java.io.IOException - if an I/O error occurs.

      • CtrCryptoInputStream

        protected CtrCryptoInputStream​(java.io.InputStream inputStream,
                               CryptoCipher cipher,
                               int bufferSize,
                               byte[] key,
                               byte[] iv)
                        throws java.io.IOException
        Constructs a CtrCryptoInputStream.
        Parameters:
        inputStream - the input stream.
        cipher - the CryptoCipher instance.
        bufferSize - the bufferSize.
        key - crypto key for the cipher.
        iv - Initialization vector for the cipher.
        Throws:
        java.io.IOException - if an I/O error occurs.

      • CtrCryptoInputStream

        protected CtrCryptoInputStream​(java.io.InputStream inputStream,
                               CryptoCipher cipher,
                               int bufferSize,
                               byte[] key,
                               byte[] iv,
                               long streamOffset)
                        throws java.io.IOException
        Constructs a CtrCryptoInputStream.
        Parameters:
        inputStream - the InputStream instance.
        cipher - the CryptoCipher instance.
        bufferSize - the bufferSize.
        key - crypto key for the cipher.
        iv - Initialization vector for the cipher.
        streamOffset - the start offset in the stream.
        Throws:
        java.io.IOException - if an I/O error occurs.

      • CtrCryptoInputStream

        public CtrCryptoInputStream​(java.util.Properties properties,
                            java.io.InputStream inputStream,
                            byte[] key,
                            byte[] iv)
                     throws java.io.IOException
        Constructs a CtrCryptoInputStream.
        Parameters:
        properties - The Properties class represents a set of properties.
        inputStream - the input stream.
        key - crypto key for the cipher.
        iv - Initialization vector for the cipher.
        Throws:
        java.io.IOException - if an I/O error occurs.

      • CtrCryptoInputStream

        public CtrCryptoInputStream​(java.util.Properties properties,
                            java.io.InputStream inputStream,
                            byte[] key,
                            byte[] iv,
                            long streamOffset)
                     throws java.io.IOException
        Constructs a CtrCryptoInputStream.
        Parameters:
        properties - The Properties class represents a set of properties.
        inputStream - the InputStream instance.
        key - crypto key for the cipher.
        iv - Initialization vector for the cipher.
        streamOffset - the start offset in the stream.
        Throws:
        java.io.IOException - if an I/O error occurs.

      • CtrCryptoInputStream

        public CtrCryptoInputStream​(java.util.Properties properties,
                            java.nio.channels.ReadableByteChannel channel,
                            byte[] key,
                            byte[] iv)
                     throws java.io.IOException
        Constructs a CtrCryptoInputStream.
        Parameters:
        properties - The Properties class represents a set of properties.
        channel - the ReadableByteChannel instance.
        key - crypto key for the cipher.
        iv - Initialization vector for the cipher.
        Throws:
        java.io.IOException - if an I/O error occurs.

      • CtrCryptoInputStream

        public CtrCryptoInputStream​(java.util.Properties properties,
                            java.nio.channels.ReadableByteChannel in,
                            byte[] key,
                            byte[] iv,
                            long streamOffset)
                     throws java.io.IOException
        Constructs a CtrCryptoInputStream.
        Parameters:
        properties - The Properties class represents a set of properties.
        in - the ReadableByteChannel instance.
        key - crypto key for the cipher.
        iv - Initialization vector for the cipher.
        streamOffset - the start offset in the stream.
        Throws:
        java.io.IOException - if an I/O error occurs.

      • CtrCryptoInputStream

        protected CtrCryptoInputStream​(java.nio.channels.ReadableByteChannel channel,
                               CryptoCipher cipher,
                               int bufferSize,
                               byte[] key,
                               byte[] iv)
                        throws java.io.IOException
        Constructs a CtrCryptoInputStream.
        Parameters:
        channel - the ReadableByteChannel instance.
        cipher - the cipher instance.
        bufferSize - the bufferSize.
        key - crypto key for the cipher.
        iv - Initialization vector for the cipher.
        Throws:
        java.io.IOException - if an I/O error occurs.

      • CtrCryptoInputStream

        protected CtrCryptoInputStream​(java.nio.channels.ReadableByteChannel channel,
                               CryptoCipher cipher,
                               int bufferSize,
                               byte[] key,
                               byte[] iv,
                               long streamOffset)
                        throws java.io.IOException
        Constructs a CtrCryptoInputStream.
        Parameters:
        channel - the ReadableByteChannel instance.
        cipher - the CryptoCipher instance.
        bufferSize - the bufferSize.
        key - crypto key for the cipher.
        iv - Initialization vector for the cipher.
        streamOffset - the start offset in the stream.
        Throws:
        java.io.IOException - if an I/O error occurs.

    • Method Detail

      • calculateIV

        static void calculateIV​(byte[] initIV,
                        long counter,
                        byte[] IV)

        This method is only for Counter (CTR) mode. Generally the CryptoCipher calculates the IV and maintain encryption context internally.For example a Cipher will maintain its encryption context internally when we do encryption/decryption using the CryptoCipher#update interface.

        Encryption/Decryption is not always on the entire file. For example, in Hadoop, a node may only decrypt a portion of a file (i.e. a split). In these situations, the counter is derived from the file position.

        The IV can be calculated by combining the initial IV and the counter with a lossless operation (concatenation, addition, or XOR).
        Parameters:
        initIV - initial IV
        counter - counter for input stream position
        IV - the IV for input stream position
        See Also:
        http://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Counter_.28CTR.29

      • decrypt

        protected void decrypt()
                throws java.io.IOException
        Does the decryption using inBuffer as input and outBuffer as output. Upon return, inBuffer is cleared; the decrypted data starts at outBuffer.position() and ends at outBuffer.limit().
        Overrides:
        decrypt in class CryptoInputStream
        Throws:
        java.io.IOException - if an I/O error occurs.

      • decrypt

        protected void decrypt​(java.nio.ByteBuffer buf,
                       int offset,
                       int len)
                throws java.io.IOException
        Decrypts all data in buf: total n bytes from given start position. Output is also buf and same start position. buf.position() and buf.limit() should be unchanged after decryption.
        Parameters:
        buf - The buffer into which bytes are to be transferred.
        offset - the start offset in the data.
        len - the maximum number of decrypted data bytes to read.
        Throws:
        java.io.IOException - if an I/O error occurs.

      • decryptBuffer

        protected void decryptBuffer​(java.nio.ByteBuffer out)
                      throws java.io.IOException
        Does the decryption using out as output.
        Parameters:
        out - the output ByteBuffer.
        Throws:
        java.io.IOException - if an I/O error occurs.

      • decryptInPlace

        protected void decryptInPlace​(java.nio.ByteBuffer buf)
                       throws java.io.IOException
        Does the decryption using inBuffer as input and buf as output. Upon return, inBuffer is cleared; the buf's position will be equal to p + n where p is the position before decryption, n is the number of bytes decrypted. The buf's limit will not have changed.
        Parameters:
        buf - The buffer into which bytes are to be transferred.
        Throws:
        java.io.IOException - if an I/O error occurs.

      • decryptMore

        protected int decryptMore()
                   throws java.io.IOException
        Decrypts more data by reading the under layer stream. The decrypted data will be put in the output buffer.
        Overrides:
        decryptMore in class CryptoInputStream
        Returns:
        The number of decrypted data. -1 if end of the decrypted stream.
        Throws:
        java.io.IOException - if an I/O error occurs.

      • getCounter

        protected long getCounter​(long position)
        Gets the counter for input stream position.
        Parameters:
        position - the given position in the data.
        Returns:
        the counter for input stream position.

      • getInitIV

        protected byte[] getInitIV()
        Gets the initialization vector.
        Returns:
        the initIV.

      • getPadding

        protected byte getPadding​(long position)
        Gets the padding for input stream position.
        Parameters:
        position - the given position in the data.
        Returns:
        the padding for input stream position.

      • getStreamOffset

        protected long getStreamOffset()
        Gets the offset of the stream.
        Returns:
        the stream offset.

      • getStreamPosition

        protected long getStreamPosition()
        Gets the position of the stream.
        Returns:
        the position of the stream.

      • postDecryption

        protected byte postDecryption​(long position)
                       throws java.io.IOException
        This method is executed immediately after decryption. Checks whether cipher should be updated and recalculate padding if needed.
        Parameters:
        position - the given position in the data..
        Returns:
        the byte.
        Throws:
        java.io.IOException - if an I/O error occurs.

      • read

        public int read​(java.nio.ByteBuffer buf)
         throws java.io.IOException
        Overrides the read(ByteBuffer). Reads a sequence of bytes from this channel into the given buffer.
        Specified by:
        read in interface java.nio.channels.ReadableByteChannel
        Overrides:
        read in class CryptoInputStream
        Parameters:
        buf - The buffer into which bytes are to be transferred.
        Returns:
        The number of bytes read, possibly zero, or -1 if the channel has reached end-of-stream.
        Throws:
        java.io.IOException - if an I/O error occurs.

      • resetCipher

        protected void resetCipher​(long position)
                    throws java.io.IOException
        Calculates the counter and iv, resets the cipher.
        Parameters:
        position - the given position in the data.
        Throws:
        java.io.IOException - if an I/O error occurs.

      • resetStreamOffset

        protected void resetStreamOffset​(long offset)
                          throws java.io.IOException
        Resets the underlying stream offset; clear CryptoInputStream.inBuffer and CryptoInputStream.outBuffer. This Typically happens during skip(long).
        Parameters:
        offset - the offset of the stream.
        Throws:
        java.io.IOException - if an I/O error occurs.

      • seek

        public void seek​(long position)
          throws java.io.IOException
        Seeks the stream to a specific position relative to start of the under layer stream.
        Parameters:
        position - the given position in the data.
        Throws:
        java.io.IOException - if an I/O error occurs.

      • setStreamOffset

        protected void setStreamOffset​(long streamOffset)
        Sets the offset of stream.
        Parameters:
        streamOffset - the stream offset.

      • skip

        public long skip​(long n)
          throws java.io.IOException
        Overrides the CryptoInputStream.skip(long). Skips over and discards n bytes of data from this input stream.
        Overrides:
        skip in class CryptoInputStream
        Parameters:
        n - the number of bytes to be skipped.
        Returns:
        the actual number of bytes skipped.
        Throws:
        java.io.IOException - if an I/O error occurs.