• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    公众号
登陆 注册

Java EncryptedKeyVersion类代码示例

原作者: [db:作者] 来自: [db:来源] 收藏 邀请

本文整理汇总了Java中org.apache.hadoop.crypto.key.KeyProviderCryptoExtension.EncryptedKeyVersion的典型用法代码示例。如果您正苦于以下问题:Java EncryptedKeyVersion类的具体用法?Java EncryptedKeyVersion怎么用?Java EncryptedKeyVersion使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。



EncryptedKeyVersion类属于org.apache.hadoop.crypto.key.KeyProviderCryptoExtension包,在下文中一共展示了EncryptedKeyVersion类的19个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Java代码示例。

示例1: fillQueueForKey

import org.apache.hadoop.crypto.key.KeyProviderCryptoExtension.EncryptedKeyVersion; //导入依赖的package包/类
@Override
public void fillQueueForKey(String keyName,
    Queue<EncryptedKeyVersion> keyQueue, int numEKVs) throws IOException {
  checkNotNull(keyName, "keyName");
  Map<String, String> params = new HashMap<String, String>();
  params.put(KMSRESTConstants.EEK_OP, KMSRESTConstants.EEK_GENERATE);
  params.put(KMSRESTConstants.EEK_NUM_KEYS, "" + numEKVs);
  URL url = createURL(KMSRESTConstants.KEY_RESOURCE, keyName,
      KMSRESTConstants.EEK_SUB_RESOURCE, params);
  HttpURLConnection conn = createConnection(url, HTTP_GET);
  conn.setRequestProperty(CONTENT_TYPE, APPLICATION_JSON_MIME);
  List response = call(conn, null,
      HttpURLConnection.HTTP_OK, List.class);
  List<EncryptedKeyVersion> ekvs =
      parseJSONEncKeyVersion(keyName, response);
  keyQueue.addAll(ekvs);
}
开发者ID:nucypher,项目名称:hadoop-oss,代码行数:18,代码来源:KMSClientProvider.java


示例2: generateEncryptedKey

import org.apache.hadoop.crypto.key.KeyProviderCryptoExtension.EncryptedKeyVersion; //导入依赖的package包/类
@Override
public EncryptedKeyVersion
    generateEncryptedKey(final String encryptionKeyName)
        throws IOException, GeneralSecurityException {
  try {
    return doOp(new ProviderCallable<EncryptedKeyVersion>() {
      @Override
      public EncryptedKeyVersion call(KMSClientProvider provider)
          throws IOException, GeneralSecurityException {
        return provider.generateEncryptedKey(encryptionKeyName);
      }
    }, nextIdx());
  } catch (WrapperException we) {
    throw (GeneralSecurityException) we.getCause();
  }
}
开发者ID:nucypher,项目名称:hadoop-oss,代码行数:17,代码来源:LoadBalancingKMSClientProvider.java


示例3: decryptEncryptedKey

import org.apache.hadoop.crypto.key.KeyProviderCryptoExtension.EncryptedKeyVersion; //导入依赖的package包/类
@Override
public KeyVersion
    decryptEncryptedKey(final EncryptedKeyVersion encryptedKeyVersion)
        throws IOException, GeneralSecurityException {
  try {
    return doOp(new ProviderCallable<KeyVersion>() {
      @Override
      public KeyVersion call(KMSClientProvider provider)
          throws IOException, GeneralSecurityException {
        return provider.decryptEncryptedKey(encryptedKeyVersion);
      }
    }, nextIdx());
  } catch (WrapperException we) {
    throw (GeneralSecurityException)we.getCause();
  }
}
开发者ID:nucypher,项目名称:hadoop-oss,代码行数:17,代码来源:LoadBalancingKMSClientProvider.java


示例4: transformEncryptedKey

import org.apache.hadoop.crypto.key.KeyProviderCryptoExtension.EncryptedKeyVersion; //导入依赖的package包/类
public EncryptedKeyVersion transformEncryptedKey(EncryptedKeyVersion encryptedKeyVersion, ReEncryptionKeyInstance reKey)
    throws IOException, GeneralSecurityException
{
    CryptoCodec reCC = CryptoCodec.getInstance(conf, suite);
    Encryptor encryptor = reCC.createEncryptor();
    encryptor.init(reKey.getMaterial(), null);
    int keyLen = encryptedKeyVersion.getEncryptedKeyVersion().getMaterial().length;
    ByteBuffer bbIn = ByteBuffer.allocateDirect(keyLen);
    ByteBuffer bbOut = ByteBuffer.allocateDirect(keyLen);
    bbIn.put(encryptedKeyVersion.getEncryptedKeyVersion().getMaterial());
    bbIn.flip();
    encryptor.encrypt(bbIn, bbOut);
    byte[] encryptedKey = new byte[bbOut.limit()];
    bbOut.get(encryptedKey);
    final String dstKeyNameVersion = reKey.getDstNameVersion();
    return EncryptedKeyVersion.createForDecryption(KeyPairProvider.getBaseName(dstKeyNameVersion),
        dstKeyNameVersion,
        encryptedKeyVersion.getEncryptedKeyIv(), encryptedKey);
}
开发者ID:nucypher,项目名称:hadoop-oss,代码行数:20,代码来源:AbstractReEncryptionKeyProvider.java


示例5: decryptEncryptedDataEncryptionKey

import org.apache.hadoop.crypto.key.KeyProviderCryptoExtension.EncryptedKeyVersion; //导入依赖的package包/类
/**
 * Decrypts a EDEK by consulting the KeyProvider.
 */
private KeyVersion decryptEncryptedDataEncryptionKey(FileEncryptionInfo
    feInfo) throws IOException {
  TraceScope scope = Trace.startSpan("decryptEDEK", traceSampler);
  try {
    KeyProvider provider = getKeyProvider();
    if (provider == null) {
      throw new IOException("No KeyProvider is configured, cannot access" +
          " an encrypted file");
    }
    EncryptedKeyVersion ekv = EncryptedKeyVersion.createForDecryption(
        feInfo.getKeyName(), feInfo.getEzKeyVersionName(), feInfo.getIV(),
        feInfo.getEncryptedDataEncryptionKey());
    try {
      KeyProviderCryptoExtension cryptoProvider = KeyProviderCryptoExtension
          .createKeyProviderCryptoExtension(provider);
      return cryptoProvider.decryptEncryptedKey(ekv);
    } catch (GeneralSecurityException e) {
      throw new IOException(e);
    }
  } finally {
    scope.close();
  }
}
开发者ID:naver,项目名称:hadoop,代码行数:27,代码来源:DFSClient.java


示例6: decryptEncryptedDataEncryptionKey

import org.apache.hadoop.crypto.key.KeyProviderCryptoExtension.EncryptedKeyVersion; //导入依赖的package包/类
/**
 * Decrypts a EDEK by consulting the KeyProvider.
 */
private KeyVersion decryptEncryptedDataEncryptionKey(FileEncryptionInfo
    feInfo) throws IOException {
  try (TraceScope ignored = tracer.newScope("decryptEDEK")) {
    KeyProvider provider = getKeyProvider();
    if (provider == null) {
      throw new IOException("No KeyProvider is configured, cannot access" +
          " an encrypted file");
    }
    EncryptedKeyVersion ekv = EncryptedKeyVersion.createForDecryption(
        feInfo.getKeyName(), feInfo.getEzKeyVersionName(), feInfo.getIV(),
        feInfo.getEncryptedDataEncryptionKey());
    try {
      KeyProviderCryptoExtension cryptoProvider = KeyProviderCryptoExtension
          .createKeyProviderCryptoExtension(provider);
      return cryptoProvider.decryptEncryptedKey(ekv);
    } catch (GeneralSecurityException e) {
      throw new IOException(e);
    }
  }
}
开发者ID:aliyun-beta,项目名称:aliyun-oss-hadoop-fs,代码行数:24,代码来源:DFSClient.java


示例7: decryptEncryptedDataEncryptionKey

import org.apache.hadoop.crypto.key.KeyProviderCryptoExtension.EncryptedKeyVersion; //导入依赖的package包/类
/**
 * Decrypts a EDEK by consulting the KeyProvider.
 */
private KeyVersion decryptEncryptedDataEncryptionKey(FileEncryptionInfo
    feInfo) throws IOException {
  KeyProvider provider = getKeyProvider();
  if (provider == null) {
    throw new IOException("No KeyProvider is configured, cannot access" +
        " an encrypted file");
  }
  EncryptedKeyVersion ekv = EncryptedKeyVersion.createForDecryption(
      feInfo.getKeyName(), feInfo.getEzKeyVersionName(), feInfo.getIV(),
      feInfo.getEncryptedDataEncryptionKey());
  try {
    KeyProviderCryptoExtension cryptoProvider = KeyProviderCryptoExtension
        .createKeyProviderCryptoExtension(provider);
    return cryptoProvider.decryptEncryptedKey(ekv);
  } catch (GeneralSecurityException e) {
    throw new IOException(e);
  }
}
开发者ID:Nextzero,项目名称:hadoop-2.6.0-cdh5.4.3,代码行数:22,代码来源:DFSClient.java


示例8: decryptEncryptedDataEncryptionKey

import org.apache.hadoop.crypto.key.KeyProviderCryptoExtension.EncryptedKeyVersion; //导入依赖的package包/类
/**
 * Decrypts a EDEK by consulting the KeyProvider.
 */
private KeyVersion decryptEncryptedDataEncryptionKey(FileEncryptionInfo
    feInfo) throws IOException {
  if (provider == null) {
    throw new IOException("No KeyProvider is configured, cannot access" +
        " an encrypted file");
  }
  EncryptedKeyVersion ekv = EncryptedKeyVersion.createForDecryption(
      feInfo.getKeyName(), feInfo.getEzKeyVersionName(), feInfo.getIV(),
      feInfo.getEncryptedDataEncryptionKey());
  try {
    KeyProviderCryptoExtension cryptoProvider = KeyProviderCryptoExtension
        .createKeyProviderCryptoExtension(provider);
    return cryptoProvider.decryptEncryptedKey(ekv);
  } catch (GeneralSecurityException e) {
    throw new IOException(e);
  }
}
开发者ID:yncxcw,项目名称:FlexMap,代码行数:21,代码来源:DFSClient.java


示例9: generateEncryptedKey

import org.apache.hadoop.crypto.key.KeyProviderCryptoExtension.EncryptedKeyVersion; //导入依赖的package包/类
@Override
public EncryptedKeyVersion
    generateEncryptedKey(final String encryptionKeyName)
        throws IOException, GeneralSecurityException {
  try {
    return doOp(new ProviderCallable<EncryptedKeyVersion>() {
      @Override
      public EncryptedKeyVersion call(KMSClientProvider provider)
          throws IOException, GeneralSecurityException {
        return provider.generateEncryptedKey(encryptionKeyName);
      }
    }, nextIdx());
  } catch (WrapperException we) {
    if (we.getCause() instanceof GeneralSecurityException) {
      throw (GeneralSecurityException) we.getCause();
    }
    throw new IOException(we.getCause());
  }
}
开发者ID:hopshadoop,项目名称:hops,代码行数:20,代码来源:LoadBalancingKMSClientProvider.java


示例10: decryptEncryptedKey

import org.apache.hadoop.crypto.key.KeyProviderCryptoExtension.EncryptedKeyVersion; //导入依赖的package包/类
@Override
public KeyVersion
    decryptEncryptedKey(final EncryptedKeyVersion encryptedKeyVersion)
        throws IOException, GeneralSecurityException {
  try {
    return doOp(new ProviderCallable<KeyVersion>() {
      @Override
      public KeyVersion call(KMSClientProvider provider)
          throws IOException, GeneralSecurityException {
        return provider.decryptEncryptedKey(encryptedKeyVersion);
      }
    }, nextIdx());
  } catch (WrapperException we) {
    if (we.getCause() instanceof GeneralSecurityException) {
      throw (GeneralSecurityException) we.getCause();
    }
    throw new IOException(we.getCause());
  }
}
开发者ID:hopshadoop,项目名称:hops,代码行数:20,代码来源:LoadBalancingKMSClientProvider.java


示例11: parseJSONEncKeyVersion

import org.apache.hadoop.crypto.key.KeyProviderCryptoExtension.EncryptedKeyVersion; //导入依赖的package包/类
@SuppressWarnings("rawtypes")
private static List<EncryptedKeyVersion>
    parseJSONEncKeyVersion(String keyName, List valueList) {
  List<EncryptedKeyVersion> ekvs = new LinkedList<EncryptedKeyVersion>();
  if (!valueList.isEmpty()) {
    for (Object values : valueList) {
      Map valueMap = (Map) values;

      String versionName = checkNotNull(
              (String) valueMap.get(KMSRESTConstants.VERSION_NAME_FIELD),
              KMSRESTConstants.VERSION_NAME_FIELD);

      byte[] iv = Base64.decodeBase64(checkNotNull(
              (String) valueMap.get(KMSRESTConstants.IV_FIELD),
              KMSRESTConstants.IV_FIELD));

      Map encValueMap = checkNotNull((Map)
              valueMap.get(KMSRESTConstants.ENCRYPTED_KEY_VERSION_FIELD),
              KMSRESTConstants.ENCRYPTED_KEY_VERSION_FIELD);

      String encVersionName = checkNotNull((String)
              encValueMap.get(KMSRESTConstants.VERSION_NAME_FIELD),
              KMSRESTConstants.VERSION_NAME_FIELD);

      byte[] encKeyMaterial = Base64.decodeBase64(checkNotNull((String)
              encValueMap.get(KMSRESTConstants.MATERIAL_FIELD),
              KMSRESTConstants.MATERIAL_FIELD));

      ekvs.add(new KMSEncryptedKeyVersion(keyName, versionName, iv,
          encVersionName, encKeyMaterial));
    }
  }
  return ekvs;
}
开发者ID:nucypher,项目名称:hadoop-oss,代码行数:35,代码来源:KMSClientProvider.java


示例12: generateEncryptedKey

import org.apache.hadoop.crypto.key.KeyProviderCryptoExtension.EncryptedKeyVersion; //导入依赖的package包/类
@Override
public EncryptedKeyVersion generateEncryptedKey(
    String encryptionKeyName) throws IOException, GeneralSecurityException {
  try {
    return encKeyVersionQueue.getNext(encryptionKeyName);
  } catch (ExecutionException e) {
    if (e.getCause() instanceof SocketTimeoutException) {
      throw (SocketTimeoutException)e.getCause();
    }
    throw new IOException(e);
  }
}
开发者ID:nucypher,项目名称:hadoop-oss,代码行数:13,代码来源:KMSClientProvider.java


示例13: decryptEncryptedKey

import org.apache.hadoop.crypto.key.KeyProviderCryptoExtension.EncryptedKeyVersion; //导入依赖的package包/类
@SuppressWarnings("rawtypes")
@Override
public KeyVersion decryptEncryptedKey(
    EncryptedKeyVersion encryptedKeyVersion) throws IOException,
                                                    GeneralSecurityException {
  checkNotNull(encryptedKeyVersion.getEncryptionKeyVersionName(),
      "versionName");
  checkNotNull(encryptedKeyVersion.getEncryptedKeyIv(), "iv");
  Preconditions.checkArgument(
      encryptedKeyVersion.getEncryptedKeyVersion().getVersionName()
          .equals(KeyProviderCryptoExtension.EEK),
      "encryptedKey version name must be '%s', is '%s'",
      KeyProviderCryptoExtension.EEK,
      encryptedKeyVersion.getEncryptedKeyVersion().getVersionName()
  );
  checkNotNull(encryptedKeyVersion.getEncryptedKeyVersion(), "encryptedKey");
  Map<String, String> params = new HashMap<String, String>();
  params.put(KMSRESTConstants.EEK_OP, KMSRESTConstants.EEK_DECRYPT);
  Map<String, Object> jsonPayload = new HashMap<String, Object>();
  jsonPayload.put(KMSRESTConstants.NAME_FIELD,
      encryptedKeyVersion.getEncryptionKeyName());
  jsonPayload.put(KMSRESTConstants.IV_FIELD, Base64.encodeBase64String(
      encryptedKeyVersion.getEncryptedKeyIv()));
  jsonPayload.put(KMSRESTConstants.MATERIAL_FIELD, Base64.encodeBase64String(
          encryptedKeyVersion.getEncryptedKeyVersion().getMaterial()));
  URL url = createURL(KMSRESTConstants.KEY_VERSION_RESOURCE,
      encryptedKeyVersion.getEncryptionKeyVersionName(),
      KMSRESTConstants.EEK_SUB_RESOURCE, params);
  HttpURLConnection conn = createConnection(url, HTTP_POST);
  conn.setRequestProperty(CONTENT_TYPE, APPLICATION_JSON_MIME);
  Map response =
      call(conn, jsonPayload, HttpURLConnection.HTTP_OK, Map.class);
  return parseJSONKeyVersion(response);
}
开发者ID:nucypher,项目名称:hadoop-oss,代码行数:35,代码来源:KMSClientProvider.java


示例14: decryptEncryptedKey

import org.apache.hadoop.crypto.key.KeyProviderCryptoExtension.EncryptedKeyVersion; //导入依赖的package包/类
@SuppressWarnings("rawtypes")
@Override
public KeyVersion decryptEncryptedKey(
    EncryptedKeyVersion encryptedKeyVersion) throws IOException,
                                                    GeneralSecurityException {
  checkNotNull(encryptedKeyVersion.getEncryptionKeyVersionName(),
      "versionName");
  checkNotNull(encryptedKeyVersion.getEncryptedKeyIv(), "iv");
  Preconditions.checkArgument(
      encryptedKeyVersion.getEncryptedKeyVersion().getVersionName()
          .equals(KeyProviderCryptoExtension.EEK),
      "encryptedKey version name must be '%s', is '%s'",
      KeyProviderCryptoExtension.EEK,
      encryptedKeyVersion.getEncryptedKeyVersion().getVersionName()
  );
  checkNotNull(encryptedKeyVersion.getEncryptedKeyVersion(), "encryptedKey");
  // TODO
  // Here we need to call  ReEncryptionKeyProviderInterface.transformEncryptedKey(
  //  EncryptedKeyVersion encryptedKeyVersion, String destinationEncryptionKey);
  // to get key, transformated to apropriate key and decrypt it with local private key

  Map<String, String> params = new HashMap<String, String>();
  params.put(KMSRESTConstants.EEK_OP, KMSRESTConstants.EEK_DECRYPT);
  Map<String, Object> jsonPayload = new HashMap<String, Object>();
  jsonPayload.put(KMSRESTConstants.NAME_FIELD,
      encryptedKeyVersion.getEncryptionKeyName());
  jsonPayload.put(KMSRESTConstants.IV_FIELD, Base64.encodeBase64String(
      encryptedKeyVersion.getEncryptedKeyIv()));
  jsonPayload.put(KMSRESTConstants.MATERIAL_FIELD, Base64.encodeBase64String(
          encryptedKeyVersion.getEncryptedKeyVersion().getMaterial()));
  URL url = createURL(KMSRESTConstants.KEY_VERSION_RESOURCE,
      encryptedKeyVersion.getEncryptionKeyVersionName(),
      KMSRESTConstants.EEK_SUB_RESOURCE, params);
  HttpURLConnection conn = createConnection(url, HTTP_POST);
  conn.setRequestProperty(CONTENT_TYPE, APPLICATION_JSON_MIME);
  Map response =
      call(conn, jsonPayload, HttpURLConnection.HTTP_OK, Map.class);
  return parseJSONKeyVersion(response);
}
开发者ID:nucypher,项目名称:hadoop-oss,代码行数:40,代码来源:KMSPREClientProvider.java


示例15: transformEncryptedKey

import org.apache.hadoop.crypto.key.KeyProviderCryptoExtension.EncryptedKeyVersion; //导入依赖的package包/类
@Override
public EncryptedKeyVersion transformEncryptedKey(EncryptedKeyVersion encryptedKeyVersion, String destinationEncryptionKey)
    throws IOException, GeneralSecurityException
{
    checkNotNull(encryptedKeyVersion.getEncryptionKeyVersionName(),
        "versionName");
    checkNotNull(encryptedKeyVersion.getEncryptedKeyIv(), "iv");
    Preconditions.checkArgument(
        encryptedKeyVersion.getEncryptedKeyVersion().getVersionName()
            .equals(KeyProviderCryptoExtension.EEK),
        "encryptedKey version name must be '%s', is '%s'",
        KeyProviderCryptoExtension.EEK,
        encryptedKeyVersion.getEncryptedKeyVersion().getVersionName()
    );
    checkNotNull(encryptedKeyVersion.getEncryptedKeyVersion(), "encryptedKey");
    checkNotNull(destinationEncryptionKey, "destinationEncryptionKey");
    Map<String, String> params = new HashMap<>();
    params.put(RENRESTConstants.REN_OP, RENRESTConstants.REN_TRANSFORM);
    Map<String, Object> jsonPayload = new HashMap<>();
    jsonPayload.put(KMSRESTConstants.NAME_FIELD,
        encryptedKeyVersion.getEncryptionKeyName());
    jsonPayload.put(KMSRESTConstants.VERSION_NAME_FIELD,
      encryptedKeyVersion.getEncryptionKeyVersionName());
    jsonPayload.put(KMSRESTConstants.IV_FIELD, Base64.encodeBase64String(
        encryptedKeyVersion.getEncryptedKeyIv()));
    jsonPayload.put(KMSRESTConstants.MATERIAL_FIELD, Base64.encodeBase64String(
        encryptedKeyVersion.getEncryptedKeyVersion().getMaterial()));
    URL url = createURL(RENRESTConstants.KEY_VERSION_RESOURCE,
          destinationEncryptionKey,
        RENRESTConstants.REK_SUB_RESOURCE, params);
    HttpURLConnection conn = createConnection(url, HTTP_POST);
    conn.setRequestProperty(CONTENT_TYPE, APPLICATION_JSON_MIME);
    List response =
        call(conn, jsonPayload, HttpURLConnection.HTTP_OK, List.class);

    List<EncryptedKeyVersion> ekvs =
      parseJSONEncKeyVersion(encryptedKeyVersion.getEncryptionKeyVersionName(), response);

    return ekvs.get(0);
  }
开发者ID:nucypher,项目名称:hadoop-oss,代码行数:41,代码来源:ReEncryptionClientProvider.java


示例16: parseJSONEncKeyVersion

import org.apache.hadoop.crypto.key.KeyProviderCryptoExtension.EncryptedKeyVersion; //导入依赖的package包/类
@SuppressWarnings("rawtypes")
private static List<EncryptedKeyVersion>
parseJSONEncKeyVersion(String keyName, List valueList) {
  List<EncryptedKeyVersion> ekvs = new LinkedList<EncryptedKeyVersion>();
  if (!valueList.isEmpty()) {
    for (Object values : valueList) {
      Map valueMap = (Map) values;

      String versionName = checkNotNull(
          (String) valueMap.get(KMSRESTConstants.VERSION_NAME_FIELD),
          KMSRESTConstants.VERSION_NAME_FIELD);

      byte[] iv = Base64.decodeBase64(checkNotNull(
          (String) valueMap.get(KMSRESTConstants.IV_FIELD),
          KMSRESTConstants.IV_FIELD));

      Map encValueMap = checkNotNull((Map)
              valueMap.get(KMSRESTConstants.ENCRYPTED_KEY_VERSION_FIELD),
          KMSRESTConstants.ENCRYPTED_KEY_VERSION_FIELD);

      String encVersionName = checkNotNull((String)
              encValueMap.get(KMSRESTConstants.VERSION_NAME_FIELD),
          KMSRESTConstants.VERSION_NAME_FIELD);

      byte[] encKeyMaterial = Base64.decodeBase64(checkNotNull((String)
              encValueMap.get(KMSRESTConstants.MATERIAL_FIELD),
          KMSRESTConstants.MATERIAL_FIELD));

      ekvs.add(new RENEncryptedKeyVersion(keyName, versionName, iv,
          encVersionName, encKeyMaterial));
    }
  }
  return ekvs;
}
开发者ID:nucypher,项目名称:hadoop-oss,代码行数:35,代码来源:ReEncryptionClientProvider.java


示例17: testEncryptDecrypt

import org.apache.hadoop.crypto.key.KeyProviderCryptoExtension.EncryptedKeyVersion; //导入依赖的package包/类
@Test
public void testEncryptDecrypt() throws Exception {
  // Get an EEK
  KeyProviderCryptoExtension.EncryptedKeyVersion eek =
      kpExt.generateEncryptedKey(encryptionKey.getName());
  final byte[] encryptedKeyIv = eek.getEncryptedKeyIv();
  final byte[] encryptedKeyMaterial = eek.getEncryptedKeyVersion()
      .getMaterial();
  // Decrypt it manually
  Cipher cipher = Cipher.getInstance("AES/CTR/NoPadding");
  cipher.init(Cipher.DECRYPT_MODE,
      new SecretKeySpec(encryptionKey.getMaterial(), "AES"),
      new IvParameterSpec(KeyProviderCryptoExtension.EncryptedKeyVersion
          .deriveIV(encryptedKeyIv)));
  final byte[] manualMaterial = cipher.doFinal(encryptedKeyMaterial);

  // Test the createForDecryption factory method
  EncryptedKeyVersion eek2 =
      EncryptedKeyVersion.createForDecryption(eek.getEncryptionKeyName(),
          eek.getEncryptionKeyVersionName(), eek.getEncryptedKeyIv(),
          eek.getEncryptedKeyVersion().getMaterial());

  // Decrypt it with the API
  KeyVersion decryptedKey = kpExt.decryptEncryptedKey(eek2);
  final byte[] apiMaterial = decryptedKey.getMaterial();

  assertArrayEquals("Wrong key material from decryptEncryptedKey",
      manualMaterial, apiMaterial);
}
开发者ID:nucypher,项目名称:hadoop-oss,代码行数:30,代码来源:TestKeyProviderCryptoExtension.java


示例18: decryptEncryptedKey

import org.apache.hadoop.crypto.key.KeyProviderCryptoExtension.EncryptedKeyVersion; //导入依赖的package包/类
@SuppressWarnings("rawtypes")
@POST
@Path(RENRESTConstants.KEY_VERSION_RESOURCE + "/{dstVersionName:.*}/" +
    RENRESTConstants.REK_SUB_RESOURCE)
@Produces(MediaType.APPLICATION_JSON)
public Response decryptEncryptedKey(
    @PathParam("dstVersionName") final String dstVersionName,
    @QueryParam(RENRESTConstants.REN_OP) String renOp,
    Map jsonPayload)
    throws Exception {
  UserGroupInformation user = HttpUserGroupInformation.get();
  KMSClientProvider.checkNotEmpty(dstVersionName, "dstVersionName");
  KMSClientProvider.checkNotNull(renOp, "renOp");

  final String keyName = (String) jsonPayload.get(
      KMSRESTConstants.NAME_FIELD);
  final String keyVersionName = (String) jsonPayload.get(
      KMSRESTConstants.VERSION_NAME_FIELD);
  String ivStr = (String) jsonPayload.get(KMSRESTConstants.IV_FIELD);
  String encMaterialStr =
      (String) jsonPayload.get(KMSRESTConstants.MATERIAL_FIELD);
  Object retJSON;
  if (renOp.equals(RENRESTConstants.REN_TRANSFORM)) {
    assertAccess(KMSACLs.Type.TRANSFORM_EEK, user, RENOp.TRANSFORM_EEK, keyName);
    KMSClientProvider.checkNotNull(ivStr, KMSRESTConstants.IV_FIELD);
    final byte[] iv = Base64.decodeBase64(ivStr);
    KMSClientProvider.checkNotNull(encMaterialStr,
        KMSRESTConstants.MATERIAL_FIELD);
    final byte[] encMaterial = Base64.decodeBase64(encMaterialStr);

    EncryptedKeyVersion retKeyVersion = user.doAs(
        new PrivilegedExceptionAction<EncryptedKeyVersion>() {
          @Override
          public EncryptedKeyVersion run() throws Exception {
            return provider.transformEncryptedKey(
                new KMSClientProvider.KMSEncryptedKeyVersion(keyName,
                    keyVersionName, iv, KeyProviderCryptoExtension.EEK,
                    encMaterial),
                dstVersionName
            );
          }
        }
    );

    final List<EncryptedKeyVersion> retEdeks =
      Collections.singletonList(retKeyVersion);

    renAudit.ok(user, RENOp.TRANSFORM_EEK,
        keyVersionName + "->" + dstVersionName, "");
    retJSON = new ArrayList();
    for (EncryptedKeyVersion edek : retEdeks) {
      ((ArrayList)retJSON).add(KMSServerJSONUtils.toJSON(edek));
    }
  } else {
    throw new IllegalArgumentException("Wrong " + RENRESTConstants.REN_OP +
        " value, it must be " + RENRESTConstants.REN_TRANSFORM);
  }
  KMSWebApp.getTransformEEKCallsMeter().mark();
  return Response.ok().type(MediaType.APPLICATION_JSON).entity(retJSON)
      .build();
}
开发者ID:nucypher,项目名称:hadoop-oss,代码行数:62,代码来源:REN.java


示例19: toJSON

import org.apache.hadoop.crypto.key.KeyProviderCryptoExtension.EncryptedKeyVersion; //导入依赖的package包/类
@SuppressWarnings("unchecked")
public static Map toJSON(EncryptedKeyVersion encryptedKeyVersion) {
  Map json = new LinkedHashMap();
  if (encryptedKeyVersion != null) {
    json.put(KMSRESTConstants.VERSION_NAME_FIELD,
        encryptedKeyVersion.getEncryptionKeyVersionName());
    json.put(KMSRESTConstants.IV_FIELD,
        Base64.encodeBase64URLSafeString(
            encryptedKeyVersion.getEncryptedKeyIv()));
    json.put(KMSRESTConstants.ENCRYPTED_KEY_VERSION_FIELD,
        toJSON(encryptedKeyVersion.getEncryptedKeyVersion()));
  }
  return json;
}
开发者ID:nucypher,项目名称:hadoop-oss,代码行数:15,代码来源:KMSServerJSONUtils.java



注:本文中的org.apache.hadoop.crypto.key.KeyProviderCryptoExtension.EncryptedKeyVersion类示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。

鲜花
握手
雷人
路过
鸡蛋
该文章已有0人参与评论

请发表评论

全部评论

专题导读
More+
上一篇:
Java Item类代码示例发布时间:2022-05-23
下一篇:
Java MimePath类代码示例发布时间:2022-05-23
热门推荐
More+
热门话题
More+
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap