Start line:  
End line:  

Snippet Preview

Snippet HTML Code

Stack Overflow Questions
  /*
   * Copyright 2013-2015 Amazon.com, Inc. or its affiliates. All Rights Reserved.
   *
   * Licensed under the Apache License, Version 2.0 (the "License").
   * You may not use this file except in compliance with the License.
   * A copy of the License is located at
   *
   *  http://aws.amazon.com/apache2.0
   *
  * or in the "license" file accompanying this file. This file is distributed
  * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
  * express or implied. See the License for the specific language governing
  * permissions and limitations under the License.
  */
 package com.amazonaws.services.s3.internal.crypto;
 
 
Functions like a javax.crypto.Cipher but provides only a subset of all the interface methods of javax.crypto.Cipher. This class is intended to be used in lieu of the underlying Cipher directly whenever applicable. For example, this class makes it easy to generate an inverse cipher, or to create an "auxiliary" cipher for use with get-range or multi-part upload operations. A subclass may also support the mark and reset operations to enable parts of a plaintext to be re-processed which is useful for error recovery typical when network transmission is involved.

However a cipher lite, unlike a javax.crypto.Cipher, can only be used once, and cannot be reused after the doFinal() methods have been invoked. In other words, it is NOT true that, upon finishing, the doFinal method will reset the cipher lite object to the state it was in when first constructed.

Author(s):
Hanson Char
See also:
GCMCipherLite
 
 class CipherLite {
    
A no-op implementation.
 
     static final CipherLite Null = new CipherLite() {
         @Override
         CipherLite createAuxiliary(long startingBytePos) {
             return this;
         }
 
         @Override
         CipherLite createInverse() {
             return this;
         }
     };
     private final Cipher cipher;
     private final ContentCryptoScheme scheme;
     private final SecretKey secreteKey;
     private final int cipherMode;
 
     private CipherLite() {
         this. = new NullCipher();
         this. = null;
         this. = null;
         this. = -1;
     }
 
     CipherLite(Cipher cipherContentCryptoScheme scheme,
             SecretKey secreteKeyint cipherMode) {
         this. = cipher;
         this. = scheme;
         this. = secreteKey;
         this. = cipherMode;
     }

    
Recreates a new instance of CipherLite from the current one.
 
     CipherLite recreate() {
         return .createCipherLite(.getIV(),
                 this..getProvider());
     }

    
Creates a new instance of CipherLite from the current one, but using the given IV.
 
     CipherLite createUsingIV(byte[] iv) {
         return .createCipherLite(ivthis.,
                 .getProvider());
     }

    
Returns an auxiliary CipherLite for partial plaintext re-encryption (or re-decryption) purposes.

Parameters:
startingBytePos the starting byte position of the plaintext. Must be a multiple of the cipher block size.
    CipherLite createAuxiliary(long startingBytePos)
            throws InvalidKeyExceptionNoSuchAlgorithmException,
            InvalidAlgorithmParameterException {
                .getProvider(), startingBytePos);
    }

    
Returns the inverse of the current CipherLite.
        int inversedMode;
        if ( == .)
            inversedMode = .;
        else if ( == .)
            inversedMode = .;
        else
            throw new UnsupportedOperationException();
        return .createCipherLite(.getIV(),
                inversedMode.getProvider());
    }

    
Finishes a multiple-part encryption or decryption operation, depending on how the underlying cipher was initialized.

Input data that may have been buffered during a previous update operation is processed, with padding (if requested) being applied. If an AEAD mode such as GCM/CCM is being used, the authentication tag is appended in the case of encryption, or verified in the case of decryption. The result is stored in a new buffer.

Note: if any exception is thrown, a new instance of this cipher lite object may need to be constructed before it can be used again. be reconstructed before it can be used again.

Returns:
the new buffer with the result
Throws:
java.lang.IllegalStateException if this cipher is in a wrong state (e.g., has not been initialized)
javax.crypto.IllegalBlockSizeException if this cipher is a block cipher, no padding has been requested (only in encryption mode), and the total input length of the data processed by this cipher is not a multiple of block size; or if this encryption algorithm is unable to process the input data provided.
javax.crypto.BadPaddingException if this cipher is in decryption mode, and (un)padding has been requested, but the decrypted data is not bounded by the appropriate padding bytes
BadTagException if this cipher is decrypting in an AEAD mode (such as GCM/CCM), and the received authentication tag does not match the calculated value
    byte[] doFinal() throws IllegalBlockSizeException,
            BadPaddingException {
        return .doFinal();
    }

    
Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation. The data is encrypted or decrypted, depending on how the underlying cipher was initialized.

The bytes in the input buffer, and any input bytes that may have been buffered during a previous update operation, are processed, with padding (if requested) being applied. If an AEAD mode such as GCM/CCM is being used, the authentication tag is appended in the case of encryption, or verified in the case of decryption. The result is stored in a new buffer.

Note: if any exception is thrown, a new instance of this cipher lite object may need to be constructed before it can be used again.

Parameters:
input the input buffer
Returns:
the new buffer with the result
Throws:
java.lang.IllegalStateException if this cipher is in a wrong state (e.g., has not been initialized)
javax.crypto.IllegalBlockSizeException if this cipher is a block cipher, no padding has been requested (only in encryption mode), and the total input length of the data processed by this cipher is not a multiple of block size; or if this encryption algorithm is unable to process the input data provided.
javax.crypto.BadPaddingException if this cipher is in decryption mode, and (un)padding has been requested, but the decrypted data is not bounded by the appropriate padding bytes; or if this cipher is decrypting in an AEAD mode (such as GCM/CCM), and the received authentication tag does not match the calculated value
    byte[] doFinal(byte[] inputthrows IllegalBlockSizeException,
            BadPaddingException {
        return .doFinal(input);
    }

    
Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation. The data is encrypted or decrypted, depending on how the underlying cipher was initialized.

The first inputLen bytes in the input buffer, starting at inputOffset inclusive, and any input bytes that may have been buffered during a previous update operation, are processed, with padding (if requested) being applied. If an AEAD mode such as GCM/CCM is being used, the authentication tag is appended in the case of encryption, or verified in the case of decryption. The result is stored in a new buffer.

Note: if any exception is thrown, a new instance of this cipher lite object may need to be constructed before it can be used again.

Parameters:
input the input buffer
inputOffset the offset in input where the input starts
inputLen the input length
Returns:
the new buffer with the result
Throws:
java.lang.IllegalStateException if this cipher is in a wrong state (e.g., has not been initialized)
javax.crypto.IllegalBlockSizeException if this cipher is a block cipher, no padding has been requested (only in encryption mode), and the total input length of the data processed by this cipher is not a multiple of block size; or if this encryption algorithm is unable to process the input data provided.
javax.crypto.BadPaddingException if this cipher is in decryption mode, and (un)padding has been requested, but the decrypted data is not bounded by the appropriate padding bytes; or if this cipher is decrypting in an AEAD mode (such as GCM/CCM), and the received authentication tag does not match the calculated value
    byte[] doFinal(byte[] inputint inputOffsetint inputLen)
            throws IllegalBlockSizeExceptionBadPaddingException {
        return .doFinal(inputinputOffsetinputLen);
    }

    
Continues a multiple-part encryption or decryption operation (depending on how the underlying cipher was initialized), processing another data part.

The first inputLen bytes in the input buffer, starting at inputOffset inclusive, are processed, and the result is stored in a new buffer.

If inputLen is zero, this method returns null.

Parameters:
input the input buffer
inputOffset the offset in input where the input starts
inputLen the input length
Returns:
the new buffer with the result, or null if the underlying cipher is a block cipher and the input data is too short to result in a new block.
Throws:
java.lang.IllegalStateException if the underlying cipher is in a wrong state (e.g., has not been initialized)
    byte[] update(byte[] inputint inputOffsetint inputLen) {
        return .update(inputinputOffsetinputLen);
    }

    
Returns the algorithm name of the underlying cipher.
    final String getCipherAlgorithm() {
        return .getAlgorithm();
    }

    
Returns the provider of the underlying cipher.
    final Provider getCipherProvider() {
        return .getProvider();
    }

    
Returns the standard algorithm name for the secret key. For example, "DSA" would indicate that this key is a DSA key. See Appendix A in the Java Cryptography Architecture API Specification & Reference for information about standard algorithm names.
    final String getSecretKeyAlgorithm() {
        return .getAlgorithm();
    }

    
This method is provided only for testing purposes. The CipherLite is intended to be used in lieu of the underlying Cipher.
    final Cipher getCipher() {
        return ;
    }
        return ;
    }

    
Returns the initialization vector (IV) in a new buffer.

This is useful in the case where a random IV was created, or in the context of password-based encryption or decryption, where the IV is derived from a user-supplied password.

Returns:
the initialization vector in a new buffer, or null if the underlying algorithm does not use an IV, or if the IV has not yet been set.
    final byte[] getIV() {
        return .getIV();
    }

    
Returns the block size (in bytes).

Returns:
the block size (in bytes), or 0 if the underlying algorithm is not a block cipher
    final int getBlockSize() {
        return .getBlockSize();
    }
    final int getCipherMode() {
        return ;
    }

    
Tests if this cipher lite supports the mark and reset methods. Returns false by default, but subclass may override.
    boolean markSupported() { return false; }

    
Marks the current position in this cipher lite. A subsequent call to the reset method repositions this cipher lite at the last marked position so that subsequent crypto operations will be logically performed in an idempotent manner as if the cipher has been rewinded back to the marked position.

The general contract of mark is that, if the method markSupported returns true, the cipher lite somehow remembers the internal state after the call to mark and stands ready to restore to the internal state so that it would be able to produce the same output given the same input again if and whenever the method reset is called.

Returns:
the current position marked or -1 if mark/reset is not supported.
    long mark() { return -1; }

    
Repositions this cipher lite to the position at the time the mark method was last called.

The general contract of reset is:

  • If the method markSupported returns true, then the cipher lite is reset to the internal state since the most recent call to mark (or since the start of the input data, if mark has not been called), so that subsequent callers of the udpate or doFinal method would produce the same output given the same input data identical to the input data after the mark method was last called..
  • If the method markSupported returns false, then the call to reset may throw an IllegalStateException.
    void reset() {
        throw new IllegalStateException("mark/reset not supported");
    }
    int getOutputSize(int inputLen) {
        return .getOutputSize(inputLen);
    }
New to GrepCode? Check out our FAQ X