Package org.apache.commons.crypto.cipher

Class OpenSslCipher

java.lang.Object
org.apache.commons.crypto.cipher.OpenSslCipher
All Implemented Interfaces:
Closeable, AutoCloseable, CryptoCipher
final class OpenSslCipher extends Object implements CryptoCipher
Implements the CryptoCipher using JNI into OpenSSL.

this class is not public/protected so does not appear in the main Javadoc Please ensure that property use is documented in the enum CryptoRandomFactory.RandomProvider

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    private boolean
    initialized
     
    private final OpenSsl
    openSslEngine
     
    private final String
    transformation
     

  • Constructor Summary

    Constructors
    Constructor
    Description
    OpenSslCipher(Properties props, String transformation)
    Constructs a CryptoCipher using JNI into OpenSSL

  • Method Summary

    Modifier and Type
    Method
    Description
    void
    close()
    Closes the OpenSSL openSslEngine.
    int
    doFinal(byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset)
    Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation.
    int
    doFinal(ByteBuffer inBuffer, ByteBuffer outBuffer)
    Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation.
    String
    getAlgorithm()
    Returns the algorithm name of this CryptoCipher object.
    int
    getBlockSize()
    Returns the block size (in bytes).
    void
    init(int mode, Key key, AlgorithmParameterSpec params)
    Initializes the openSslEngine with mode, key and iv.
    int
    update(byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset)
    Continues a multiple-part encryption/decryption operation.
    int
    update(ByteBuffer inBuffer, ByteBuffer outBuffer)
    Continues a multiple-part encryption/decryption operation.
    void
    updateAAD(byte[] aad)
    Continues a multi-part update of the Additional Authentication Data (AAD).
    void
    updateAAD(ByteBuffer aad)
    Continues a multi-part update of the Additional Authentication Data (AAD).

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Field Details

    • openSslEngine

      private final OpenSsl openSslEngine

    • initialized

      private boolean initialized

    • transformation

      private final String transformation

  • Constructor Details

    • OpenSslCipher

      public OpenSslCipher(Properties props, String transformation) throws GeneralSecurityException
      Constructs a CryptoCipher using JNI into OpenSSL
      Parameters:
      props - properties for OpenSSL openSslEngine (unused)
      transformation - transformation for OpenSSL openSslEngine (algorithm/mode/padding)
      Throws:
      GeneralSecurityException - if OpenSSL openSslEngine initialize failed

  • Method Details

    • close

      public void close()
      Closes the OpenSSL openSslEngine. Clean the OpenSsl native context.
      Specified by:
      close in interface AutoCloseable
      Specified by:
      close in interface Closeable

    • doFinal

      public int doFinal(byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset) throws ShortBufferException, IllegalBlockSizeException, BadPaddingException
      Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation.
      Specified by:
      doFinal in interface CryptoCipher
      Parameters:
      input - the input byte array
      inputOffset - the offset in input where the input starts
      inputLen - the input length
      output - the byte array for the result
      outputOffset - the offset in output where the result is stored
      Returns:
      the number of bytes stored in output
      Throws:
      ShortBufferException - if the given output byte array is too small to hold the result
      BadPaddingException - if this openSslEngine is in decryption mode, and (un)padding has been requested, but the decrypted data is not bounded by the appropriate padding bytes
      IllegalBlockSizeException - if this openSslEngine is a block openSslEngine, no padding has been requested (only in encryption mode), and the total input length of the data processed by this openSslEngine is not a multiple of block size; or if this encryption algorithm is unable to process the input data provided.

    • doFinal

      public int doFinal(ByteBuffer inBuffer, ByteBuffer outBuffer) throws ShortBufferException, IllegalBlockSizeException, BadPaddingException
      Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation. The data is encrypted or decrypted, depending on how this openSslEngine was initialized.
      Specified by:
      doFinal in interface CryptoCipher
      Parameters:
      inBuffer - the input ByteBuffer
      outBuffer - the output ByteBuffer
      Returns:
      int number of bytes stored in output
      Throws:
      BadPaddingException - if this openSslEngine is in decryption mode, and (un)padding has been requested, but the decrypted data is not bounded by the appropriate padding bytes
      IllegalBlockSizeException - if this openSslEngine is a block openSslEngine, no padding has been requested (only in encryption mode), and the total input length of the data processed by this openSslEngine is not a multiple of block size; or if this encryption algorithm is unable to process the input data provided.
      ShortBufferException - if the given output buffer is too small to hold the result

    • getAlgorithm

      public String getAlgorithm()
      Returns the algorithm name of this CryptoCipher object.

      This is the same name that was specified in one of the CryptoCipherFactory#getInstance calls that created this CryptoCipher object..

      Specified by:
      getAlgorithm in interface CryptoCipher
      Returns:
      the algorithm name of this CryptoCipher object.

    • getBlockSize

      public int getBlockSize()
      Returns the block size (in bytes).
      Specified by:
      getBlockSize in interface CryptoCipher
      Returns:
      the block size (in bytes), or 0 if the underlying algorithm is not a block openSslEngine

    • init

      public void init(int mode, Key key, AlgorithmParameterSpec params) throws InvalidKeyException, InvalidAlgorithmParameterException
      Initializes the openSslEngine with mode, key and iv.
      Specified by:
      init in interface CryptoCipher
      Parameters:
      mode - Cipher.ENCRYPT_MODE or Cipher.DECRYPT_MODE
      key - crypto key for the openSslEngine
      params - the algorithm parameters
      Throws:
      InvalidKeyException - If key length is invalid
      InvalidAlgorithmParameterException - if IV length is wrong

    • update

      public int update(byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset) throws ShortBufferException
      Continues a multiple-part encryption/decryption operation. The data is encrypted or decrypted, depending on how this openSslEngine was initialized.
      Specified by:
      update in interface CryptoCipher
      Parameters:
      input - the input byte array
      inputOffset - the offset in input where the input starts
      inputLen - the input length
      output - the byte array for the result
      outputOffset - the offset in output where the result is stored
      Returns:
      the number of bytes stored in output
      Throws:
      ShortBufferException - if there is insufficient space in the output byte array

    • update

      public int update(ByteBuffer inBuffer, ByteBuffer outBuffer) throws ShortBufferException
      Continues a multiple-part encryption/decryption operation. The data is encrypted or decrypted, depending on how this openSslEngine was initialized.
      Specified by:
      update in interface CryptoCipher
      Parameters:
      inBuffer - the input ByteBuffer
      outBuffer - the output ByteBuffer
      Returns:
      int number of bytes stored in output
      Throws:
      ShortBufferException - if there is insufficient space in the output buffer

    • updateAAD

      public void updateAAD(byte[] aad) throws IllegalArgumentException, IllegalStateException, UnsupportedOperationException
      Continues a multi-part update of the Additional Authentication Data (AAD).

      Calls to this method provide AAD to the opensslEngine when operating in modes such as AEAD (GCM). If this opensslEngine is operating in either GCM mode, all AAD must be supplied before beginning operations on the ciphertext (via the update and doFinal methods).

      Specified by:
      updateAAD in interface CryptoCipher
      Parameters:
      aad - the buffer containing the Additional Authentication Data
      Throws:
      IllegalArgumentException - if the aad byte array is null
      IllegalStateException - if this opensslEngine is in a wrong state (e.g., has not been initialized), does not accept AAD, or if operating in either GCM mode and one of the update methods has already been called for the active encryption/decryption operation
      UnsupportedOperationException - if the implementation opensslEngine doesn't support this operation.

    • updateAAD

      public void updateAAD(ByteBuffer aad) throws IllegalArgumentException, IllegalStateException, UnsupportedOperationException
      Continues a multi-part update of the Additional Authentication Data (AAD).

      Calls to this method provide AAD to the opensslEngine when operating in modes such as AEAD (GCM). If this opensslEngine is operating in either GCM mode, all AAD must be supplied before beginning operations on the ciphertext (via the update and doFinal methods).

      Specified by:
      updateAAD in interface CryptoCipher
      Parameters:
      aad - the buffer containing the Additional Authentication Data
      Throws:
      IllegalArgumentException - if the aad byte array is null
      IllegalStateException - if this opensslEngine is in a wrong state (e.g., has not been initialized), does not accept AAD, or if operating in either GCM mode and one of the update methods has already been called for the active encryption/decryption operation
      UnsupportedOperationException - if the implementation opensslEngine doesn't support this operation.