本文整理汇总了Java中org.apache.hadoop.crypto.key.KeyProviderCryptoExtension.EncryptedKeyVersion.createForDecryption方法的典型用法代码示例。如果您正苦于以下问题:Java EncryptedKeyVersion.createForDecryption方法的具体用法?Java EncryptedKeyVersion.createForDecryption怎么用?Java EncryptedKeyVersion.createForDecryption使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.apache.hadoop.crypto.key.KeyProviderCryptoExtension.EncryptedKeyVersion
的用法示例。
在下文中一共展示了EncryptedKeyVersion.createForDecryption方法的6个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: transformEncryptedKey
import org.apache.hadoop.crypto.key.KeyProviderCryptoExtension.EncryptedKeyVersion; //导入方法依赖的package包/类
public EncryptedKeyVersion transformEncryptedKey(EncryptedKeyVersion encryptedKeyVersion, ReEncryptionKeyInstance reKey)
throws IOException, GeneralSecurityException
{
CryptoCodec reCC = CryptoCodec.getInstance(conf, suite);
Encryptor encryptor = reCC.createEncryptor();
encryptor.init(reKey.getMaterial(), null);
int keyLen = encryptedKeyVersion.getEncryptedKeyVersion().getMaterial().length;
ByteBuffer bbIn = ByteBuffer.allocateDirect(keyLen);
ByteBuffer bbOut = ByteBuffer.allocateDirect(keyLen);
bbIn.put(encryptedKeyVersion.getEncryptedKeyVersion().getMaterial());
bbIn.flip();
encryptor.encrypt(bbIn, bbOut);
byte[] encryptedKey = new byte[bbOut.limit()];
bbOut.get(encryptedKey);
final String dstKeyNameVersion = reKey.getDstNameVersion();
return EncryptedKeyVersion.createForDecryption(KeyPairProvider.getBaseName(dstKeyNameVersion),
dstKeyNameVersion,
encryptedKeyVersion.getEncryptedKeyIv(), encryptedKey);
}
示例2: decryptEncryptedDataEncryptionKey
import org.apache.hadoop.crypto.key.KeyProviderCryptoExtension.EncryptedKeyVersion; //导入方法依赖的package包/类
/**
* Decrypts a EDEK by consulting the KeyProvider.
*/
private KeyVersion decryptEncryptedDataEncryptionKey(FileEncryptionInfo
feInfo) throws IOException {
TraceScope scope = Trace.startSpan("decryptEDEK", traceSampler);
try {
KeyProvider provider = getKeyProvider();
if (provider == null) {
throw new IOException("No KeyProvider is configured, cannot access" +
" an encrypted file");
}
EncryptedKeyVersion ekv = EncryptedKeyVersion.createForDecryption(
feInfo.getKeyName(), feInfo.getEzKeyVersionName(), feInfo.getIV(),
feInfo.getEncryptedDataEncryptionKey());
try {
KeyProviderCryptoExtension cryptoProvider = KeyProviderCryptoExtension
.createKeyProviderCryptoExtension(provider);
return cryptoProvider.decryptEncryptedKey(ekv);
} catch (GeneralSecurityException e) {
throw new IOException(e);
}
} finally {
scope.close();
}
}
示例3: decryptEncryptedDataEncryptionKey
import org.apache.hadoop.crypto.key.KeyProviderCryptoExtension.EncryptedKeyVersion; //导入方法依赖的package包/类
/**
* Decrypts a EDEK by consulting the KeyProvider.
*/
private KeyVersion decryptEncryptedDataEncryptionKey(FileEncryptionInfo
feInfo) throws IOException {
try (TraceScope ignored = tracer.newScope("decryptEDEK")) {
KeyProvider provider = getKeyProvider();
if (provider == null) {
throw new IOException("No KeyProvider is configured, cannot access" +
" an encrypted file");
}
EncryptedKeyVersion ekv = EncryptedKeyVersion.createForDecryption(
feInfo.getKeyName(), feInfo.getEzKeyVersionName(), feInfo.getIV(),
feInfo.getEncryptedDataEncryptionKey());
try {
KeyProviderCryptoExtension cryptoProvider = KeyProviderCryptoExtension
.createKeyProviderCryptoExtension(provider);
return cryptoProvider.decryptEncryptedKey(ekv);
} catch (GeneralSecurityException e) {
throw new IOException(e);
}
}
}
示例4: decryptEncryptedDataEncryptionKey
import org.apache.hadoop.crypto.key.KeyProviderCryptoExtension.EncryptedKeyVersion; //导入方法依赖的package包/类
/**
* Decrypts a EDEK by consulting the KeyProvider.
*/
private KeyVersion decryptEncryptedDataEncryptionKey(FileEncryptionInfo
feInfo) throws IOException {
KeyProvider provider = getKeyProvider();
if (provider == null) {
throw new IOException("No KeyProvider is configured, cannot access" +
" an encrypted file");
}
EncryptedKeyVersion ekv = EncryptedKeyVersion.createForDecryption(
feInfo.getKeyName(), feInfo.getEzKeyVersionName(), feInfo.getIV(),
feInfo.getEncryptedDataEncryptionKey());
try {
KeyProviderCryptoExtension cryptoProvider = KeyProviderCryptoExtension
.createKeyProviderCryptoExtension(provider);
return cryptoProvider.decryptEncryptedKey(ekv);
} catch (GeneralSecurityException e) {
throw new IOException(e);
}
}
示例5: decryptEncryptedDataEncryptionKey
import org.apache.hadoop.crypto.key.KeyProviderCryptoExtension.EncryptedKeyVersion; //导入方法依赖的package包/类
/**
* Decrypts a EDEK by consulting the KeyProvider.
*/
private KeyVersion decryptEncryptedDataEncryptionKey(FileEncryptionInfo
feInfo) throws IOException {
if (provider == null) {
throw new IOException("No KeyProvider is configured, cannot access" +
" an encrypted file");
}
EncryptedKeyVersion ekv = EncryptedKeyVersion.createForDecryption(
feInfo.getKeyName(), feInfo.getEzKeyVersionName(), feInfo.getIV(),
feInfo.getEncryptedDataEncryptionKey());
try {
KeyProviderCryptoExtension cryptoProvider = KeyProviderCryptoExtension
.createKeyProviderCryptoExtension(provider);
return cryptoProvider.decryptEncryptedKey(ekv);
} catch (GeneralSecurityException e) {
throw new IOException(e);
}
}
示例6: testEncryptDecrypt
import org.apache.hadoop.crypto.key.KeyProviderCryptoExtension.EncryptedKeyVersion; //导入方法依赖的package包/类
@Test
public void testEncryptDecrypt() throws Exception {
// Get an EEK
KeyProviderCryptoExtension.EncryptedKeyVersion eek =
kpExt.generateEncryptedKey(encryptionKey.getName());
final byte[] encryptedKeyIv = eek.getEncryptedKeyIv();
final byte[] encryptedKeyMaterial = eek.getEncryptedKeyVersion()
.getMaterial();
// Decrypt it manually
Cipher cipher = Cipher.getInstance("AES/CTR/NoPadding");
cipher.init(Cipher.DECRYPT_MODE,
new SecretKeySpec(encryptionKey.getMaterial(), "AES"),
new IvParameterSpec(KeyProviderCryptoExtension.EncryptedKeyVersion
.deriveIV(encryptedKeyIv)));
final byte[] manualMaterial = cipher.doFinal(encryptedKeyMaterial);
// Test the createForDecryption factory method
EncryptedKeyVersion eek2 =
EncryptedKeyVersion.createForDecryption(eek.getEncryptionKeyName(),
eek.getEncryptionKeyVersionName(), eek.getEncryptedKeyIv(),
eek.getEncryptedKeyVersion().getMaterial());
// Decrypt it with the API
KeyVersion decryptedKey = kpExt.decryptEncryptedKey(eek2);
final byte[] apiMaterial = decryptedKey.getMaterial();
assertArrayEquals("Wrong key material from decryptEncryptedKey",
manualMaterial, apiMaterial);
}