Package org.jgroups.protocols
Class Encrypt<E extends java.security.KeyStore.Entry>
- java.lang.Object
  - org.jgroups.stack.Protocol
    - org.jgroups.protocols.Encrypt<E>
- Direct Known Subclasses: ASYM_ENCRYPT, SYM_ENCRYPT
public abstract class Encrypt<E extends java.security.KeyStore.Entry> extends Protocol
Super class of symmetric (SYM_ENCRYPT) and asymmetric (ASYM_ENCRYPT) encryption protocols.
- Author: Bela Ban
-
Nested Class Summary
Nested Classes (Modifier and Type, Class, Description)
protected class Encrypt.Decrypter
    Decrypts all messages in a batch, replacing encrypted messages in-place with their decrypted versions
-
Field Summary
Fields (Modifier and Type, Field, Description)
protected java.lang.String asym_algorithm
protected int asym_keylength
protected int cipher_pool_size
protected java.util.concurrent.BlockingQueue<javax.crypto.Cipher> decoding_ciphers
protected static java.lang.String DEFAULT_SYM_ALGO
protected java.util.concurrent.BlockingQueue<javax.crypto.Cipher> encoding_ciphers
protected boolean encrypt_entire_message
    Deprecated.
protected java.util.Map<AsciiString,java.security.Key> key_map
protected int key_map_max_size
protected Address local_addr
protected java.lang.String provider
protected java.security.Key secret_key
protected java.security.SecureRandom secure_random
protected boolean sign_msgs
    Deprecated.
protected java.lang.String sym_algorithm
protected int sym_iv_length
protected int sym_keylength
protected byte[] sym_version
protected boolean use_adler
    Deprecated.
protected View view
-
Fields inherited from class org.jgroups.stack.Protocol
after_creation_hook, down_prot, ergonomics, id, log, stack, stats, up_prot
-
-
Constructor Summary
Constructors (Constructor, Description)
Encrypt()
-
Method Summary
Methods (Modifier and Type, Method, Description)
protected Message _decrypt(javax.crypto.Cipher cipher, java.security.Key key, Message msg, byte[] iv)
java.lang.String asymAlgorithm()
<T extends Encrypt<E>> T asymAlgorithm(java.lang.String alg)
int asymKeylength()
<T extends Encrypt<E>> T asymKeylength(int len)
protected byte[] code(byte[] buf, int offset, int length, byte[] iv, boolean decode)
protected javax.crypto.Cipher createCipher(java.lang.String algorithm)
protected Message decryptMessage(javax.crypto.Cipher cipher, Message msg)
    Does the actual work for decrypting - if version does not match current cipher then tries the previous cipher
java.lang.Object down(Event evt)
    An event is to be sent down the stack.
java.lang.Object down(Message msg)
    A message is sent down the stack.
protected Message encrypt(Message msg)
protected void encryptAndSend(Message msg)
protected static java.lang.String getAlgorithm(java.lang.String s)
protected static java.lang.String getModeAndPadding(java.lang.String s)
protected java.lang.Object handleEncryptedMessage(Message msg)
protected void handleView(View view)
void init()
    Called after instance has been created (null constructor) and before protocol is started.
protected void initCipher(javax.crypto.Cipher cipher, int mode, java.security.Key secret_key, byte[] iv)
protected void initSymCiphers(java.lang.String algorithm, java.security.Key secret)
    Initialises the ciphers for both encryption and decryption using the generated or supplied secret key
protected boolean inView(Address sender, java.lang.String error_msg)
<T extends Encrypt<E>> T localAddress(Address addr)
protected byte[] makeIv()
java.lang.String printCachedGroupKeys()
java.security.Key secretKey()
java.security.SecureRandom secureRandom()
<T extends Encrypt<E>> T secureRandom(java.security.SecureRandom sr)
    Allows callers to replace secure_random with impl of their choice, e.g. for performance reasons.
abstract void setKeyStoreEntry(E entry)
    Sets the key store entry used to configure this protocol.
int simIvLength()
java.lang.String symAlgorithm()
<T extends Encrypt<E>> T symAlgorithm(java.lang.String alg)
<T extends Encrypt<E>> T symIvLength(int len)
java.lang.String symKeyAlgorithm()
int symKeylength()
<T extends Encrypt<E>> T symKeylength(int len)
byte[] symVersion()
java.lang.Object up(Event evt)
    An event was received from the protocol below.
java.lang.Object up(Message msg)
    A single message was received.
void up(MessageBatch batch)
    Sends up multiple messages in a MessageBatch.
java.lang.String version()
-
Methods inherited from class org.jgroups.stack.Protocol
accept, afterCreationHook, destroy, enableStats, getConfigurableObjects, getDownProtocol, getDownServices, getId, getIdsAbove, getLevel, getLog, getName, getProtocolStack, getSocketFactory, getThreadFactory, getTransport, getUpProtocol, getUpServices, getValue, isErgonomics, level, parse, providedDownServices, providedUpServices, requiredDownServices, requiredUpServices, resetStatistics, resetStats, setDownProtocol, setErgonomics, setId, setLevel, setProtocolStack, setSocketFactory, setUpProtocol, setValue, start, statsEnabled, stop
-
-
-
-
Field Detail
-
DEFAULT_SYM_ALGO
protected static final java.lang.String DEFAULT_SYM_ALGO
- See Also:
- Constant Field Values
-
provider
protected java.lang.String provider
-
asym_algorithm
protected java.lang.String asym_algorithm
-
sym_algorithm
protected java.lang.String sym_algorithm
-
sym_iv_length
protected int sym_iv_length
-
asym_keylength
protected int asym_keylength
-
sym_keylength
protected int sym_keylength
-
cipher_pool_size
protected int cipher_pool_size
-
encrypt_entire_message
@Deprecated protected boolean encrypt_entire_message
Deprecated.
-
sign_msgs
@Deprecated protected boolean sign_msgs
Deprecated.
-
use_adler
@Deprecated protected boolean use_adler
Deprecated.
-
key_map_max_size
protected int key_map_max_size
-
local_addr
protected volatile Address local_addr
-
view
protected volatile View view
-
encoding_ciphers
protected volatile java.util.concurrent.BlockingQueue<javax.crypto.Cipher> encoding_ciphers
-
decoding_ciphers
protected volatile java.util.concurrent.BlockingQueue<javax.crypto.Cipher> decoding_ciphers
-
sym_version
protected volatile byte[] sym_version
-
secret_key
protected volatile java.security.Key secret_key
-
key_map
protected java.util.Map<AsciiString,java.security.Key> key_map
-
secure_random
protected java.security.SecureRandom secure_random
-
-
Method Detail
-
setKeyStoreEntry
public abstract void setKeyStoreEntry(E entry)
Sets the key store entry used to configure this protocol.
- Parameters:
entry - a key store entry
-
asymKeylength
public int asymKeylength()
-
symKeylength
public int symKeylength()
-
secretKey
public java.security.Key secretKey()
-
symAlgorithm
public java.lang.String symAlgorithm()
-
symKeyAlgorithm
public java.lang.String symKeyAlgorithm()
-
simIvLength
public int simIvLength()
-
asymAlgorithm
public java.lang.String asymAlgorithm()
-
symVersion
public byte[] symVersion()
-
secureRandom
public java.security.SecureRandom secureRandom()
-
secureRandom
public <T extends Encrypt<E>> T secureRandom(java.security.SecureRandom sr)
Allows callers to replace secure_random with impl of their choice, e.g. for performance reasons.
-
version
public java.lang.String version()
-
printCachedGroupKeys
public java.lang.String printCachedGroupKeys()
-
init
public void init() throws java.lang.Exception
Description copied from class: Protocol
Called after instance has been created (null constructor) and before protocol is started. Properties are already set. Other protocols are not yet connected and events cannot yet be sent.
-
down
public java.lang.Object down(Event evt)
Description copied from class: Protocol
An event is to be sent down the stack. A protocol may want to examine its type and perform some action on it, depending on the event's type. If the event is a message MSG, then the protocol may need to add a header to it (or do nothing at all) before sending it down the stack using down_prot.down().
-
down
public java.lang.Object down(Message msg)
Description copied from class: Protocol
A message is sent down the stack. Protocols may examine the message and do something (e.g. add a header) with it before passing it down.
-
up
public java.lang.Object up(Event evt)
Description copied from class: Protocol
An event was received from the protocol below. Usually the current protocol will want to examine the event type and - depending on its type - perform some computation (e.g. removing headers from a MSG event type, or updating the internal membership list when receiving a VIEW_CHANGE event). Finally the event is either a) discarded, or b) an event is sent down the stack using down_prot.down() or c) the event (or another event) is sent up the stack using up_prot.up().
-
up
public java.lang.Object up(Message msg)
Description copied from class: Protocol
A single message was received. Protocols may examine the message and do something (e.g. add a header) with it before passing it up.
-
up
public void up(MessageBatch batch)
Description copied from class: Protocol
Sends up multiple messages in a MessageBatch. The sender of the batch is always the same, and so is the destination (null == multicast messages). Messages in a batch can be OOB messages, regular messages, or mixed messages, although the transport itself will create initial MessageBatches that contain only either OOB or regular messages. The default processing below sends messages up the stack individually, based on a matching criteria (calling Protocol.accept(org.jgroups.Message)), and - if true - calls Protocol.up(org.jgroups.Event) for that message and removes the message. If the batch is not empty, it is passed up, or else it is dropped. Subclasses should check if there are any messages destined for them (e.g. using MessageBatch.getMatchingMessages(short,boolean)), then possibly remove and process them and finally pass the batch up to the next protocol. Protocols can also modify messages in place, e.g. ENCRYPT could decrypt all encrypted messages in the batch, not remove them, and pass the batch up when done.
-
initSymCiphers
protected void initSymCiphers(java.lang.String algorithm, java.security.Key secret) throws java.lang.Exception
Initialises the ciphers for both encryption and decryption using the generated or supplied secret key
- Throws:
java.lang.Exception
-
createCipher
protected javax.crypto.Cipher createCipher(java.lang.String algorithm) throws java.lang.Exception
- Throws:
java.lang.Exception
-
initCipher
protected void initCipher(javax.crypto.Cipher cipher, int mode, java.security.Key secret_key, byte[] iv) throws java.lang.Exception
- Throws:
java.lang.Exception
-
makeIv
protected byte[] makeIv()
-
handleEncryptedMessage
protected java.lang.Object handleEncryptedMessage(Message msg) throws java.lang.Exception
- Throws:
java.lang.Exception
-
handleView
protected void handleView(View view)
-
inView
protected boolean inView(Address sender, java.lang.String error_msg)
-
decryptMessage
protected Message decryptMessage(javax.crypto.Cipher cipher, Message msg) throws java.lang.Exception
Does the actual work for decrypting - if version does not match current cipher then tries the previous cipher
- Throws:
java.lang.Exception
-
_decrypt
protected Message _decrypt(javax.crypto.Cipher cipher, java.security.Key key, Message msg, byte[] iv) throws java.lang.Exception
- Throws:
java.lang.Exception
-
encrypt
protected Message encrypt(Message msg) throws java.lang.Exception
- Throws:
java.lang.Exception
-
encryptAndSend
protected void encryptAndSend(Message msg) throws java.lang.Exception
- Throws:
java.lang.Exception
-
code
protected byte[] code(byte[] buf, int offset, int length, byte[] iv, boolean decode) throws java.lang.Exception
- Throws:
java.lang.Exception
-
getAlgorithm
protected static java.lang.String getAlgorithm(java.lang.String s)
-
getModeAndPadding
protected static java.lang.String getModeAndPadding(java.lang.String s)
-
-