CryptoCodec (Apache Hadoop Common 3.4.1.200-dep-1000 API)

java.lang.Object
- org.apache.hadoop.crypto.CryptoCodec

All Implemented Interfaces:

java.io.Closeable, java.lang.AutoCloseable, Configurable

Direct Known Subclasses:

JceCtrCryptoCodec, OpensslCtrCryptoCodec
```
@Private
@Evolving
public abstract class CryptoCodec
extends java.lang.Object
implements Configurable, java.io.Closeable
```
Crypto codec class, encapsulates encryptor/decryptor pair.

Field Summary

Fields
Modifier and Type Field Description

static org.slf4j.Logger LOG

Fields
Modifier and Type	Field	Description
`static org.slf4j.Logger`	`LOG`

Constructor Summary

Constructors
Constructor Description

CryptoCodec()

Constructors
Constructor	Description
`CryptoCodec()`

Method Summary

All Methods Static Methods Instance Methods Abstract Methods Concrete Methods
Modifier and Type	Method	Description
`abstract void`	`calculateIV(byte[] initIV, long counter, byte[] IV)`	This interface is only for Counter (CTR) mode.
`abstract Decryptor`	`createDecryptor()`	Create a `Decryptor`.
`abstract Encryptor`	`createEncryptor()`	Create a `Encryptor`.
`abstract void`	`generateSecureRandom(byte[] bytes)`	Generate a number of secure, random bytes suitable for cryptographic use.
`abstract CipherSuite`	`getCipherSuite()`
`static CryptoCodec`	`getInstance(Configuration conf)`	Get crypto codec for algorithm/mode/padding in config value hadoop.security.crypto.cipher.suite
`static CryptoCodec`	`getInstance(Configuration conf, CipherSuite cipherSuite)`	Get crypto codec for specified algorithm/mode/padding.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface java.io.Closeable
close

Methods inherited from interface org.apache.hadoop.conf.Configurable
getConf, setConf

- Field Detail
  - LOG
```
public static org.slf4j.Logger LOG
```
- Constructor Detail
  - CryptoCodec
```
public CryptoCodec()
```
- Method Detail
  - getInstance
```
public static CryptoCodec getInstance(Configuration conf,
                                      CipherSuite cipherSuite)
```
    Get crypto codec for specified algorithm/mode/padding.
    
    Parameters:
    
    conf - the configuration
    
    cipherSuite - algorithm/mode/padding
    
    Returns:
    
    CryptoCodec the codec object. Null value will be returned if no crypto codec classes with cipher suite configured.
  - getInstance
```
public static CryptoCodec getInstance(Configuration conf)
```
    Get crypto codec for algorithm/mode/padding in config value hadoop.security.crypto.cipher.suite
    
    Parameters:
    
    conf - the configuration
    
    Returns:
    
    CryptoCodec the codec object Null value will be returned if no crypto codec classes with cipher suite configured.
  - getCipherSuite
```
public abstract CipherSuite getCipherSuite()
```
    Returns:
    
    the CipherSuite for this codec.
  - createEncryptor
```
public abstract Encryptor createEncryptor()
                                   throws java.security.GeneralSecurityException
```
    Create a Encryptor.
    
    Returns:
    
    Encryptor the encryptor.
    
    Throws:
    
    java.security.GeneralSecurityException - thrown if create encryptor error.
  - createDecryptor
```
public abstract Decryptor createDecryptor()
                                   throws java.security.GeneralSecurityException
```
    Create a Decryptor.
    
    Returns:
    
    Decryptor the decryptor
    
    Throws:
    
    java.security.GeneralSecurityException - thrown if create decryptor error.
  - calculateIV
```
public abstract void calculateIV(byte[] initIV,
                                 long counter,
                                 byte[] IV)
```
    This interface is only for Counter (CTR) mode. Generally the Encryptor or Decryptor calculates the IV and maintain encryption context internally. For example a Cipher will maintain its encryption context internally when we do encryption/decryption using the Cipher#update interface.
    Encryption/Decryption is not always on the entire file. For example, in Hadoop, a node may only decrypt a portion of a file (i.e. a split). In these situations, the counter is derived from the file position.
    The IV can be calculated by combining the initial IV and the counter with a lossless operation (concatenation, addition, or XOR). See http://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Counter_ .28CTR.29
    
    Parameters:
    
    initIV - initial IV
    
    counter - counter for input stream position
    
    IV - the IV for input stream position
  - generateSecureRandom
```
public abstract void generateSecureRandom(byte[] bytes)
```
    Generate a number of secure, random bytes suitable for cryptographic use. This method needs to be thread-safe.
    
    Parameters:
    
    bytes - byte array to populate with random data

Class CryptoCodec

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Methods inherited from interface java.io.Closeable

Methods inherited from interface org.apache.hadoop.conf.Configurable

Field Detail

LOG

Constructor Detail

CryptoCodec

Method Detail

getInstance

getInstance

getCipherSuite

createEncryptor

createDecryptor

calculateIV

generateSecureRandom