public static void Init()
{
GenericTestUtils.AssumeInNativeProfile();
Configuration conf = new Configuration();
codec = CryptoCodec.GetInstance(conf);
}
/// <summary>AES/CTR/NoPadding is required</summary>
public static void CheckCodec(CryptoCodec codec)
{
if (codec.GetCipherSuite() != CipherSuite.AesCtrNopadding)
{
throw new UnsupportedCodecException("AES/CTR/NoPadding is required");
}
}
/// <summary>Test secure random generator</summary>
private void TestSecureRandom(CryptoCodec codec)
{
// len = 16
CheckSecureRandom(codec, 16);
// len = 32
CheckSecureRandom(codec, 32);
// len = 128
CheckSecureRandom(codec, 128);
}
private void AssertIVCalculation(CryptoCodec codec, byte[] initIV, long counter,
byte[] Iv)
{
codec.CalculateIV(initIV, counter, Iv);
BigInteger iv = new BigInteger(1, Iv);
BigInteger @ref = CalculateRef(initIV, counter);
Assert.True("Calculated IV don't match with the reference", iv.
Equals(@ref));
}
private void CheckSecureRandom(CryptoCodec codec, int len)
{
byte[] rand = new byte[len];
byte[] rand1 = new byte[len];
codec.GenerateSecureRandom(rand);
codec.GenerateSecureRandom(rand1);
Assert.Equal(len, rand.Length);
Assert.Equal(len, rand1.Length);
NUnit.Framework.Assert.IsFalse(Arrays.Equals(rand, rand1));
}
public static void Init()
{
Configuration conf = new Configuration();
conf = new Configuration(false);
conf.Set("fs.file.impl", typeof(LocalFileSystem).FullName);
fileSys = FileSystem.GetLocal(conf);
conf.Set(CommonConfigurationKeysPublic.HadoopSecurityCryptoCodecClassesKeyPrefix
+ CipherSuite.AesCtrNopadding.GetConfigSuffix(), typeof(OpensslAesCtrCryptoCodec
).FullName + "," + typeof(JceAesCtrCryptoCodec).FullName);
codec = CryptoCodec.GetInstance(conf);
}
/// <exception cref="System.IO.IOException"/>
public CryptoInputStream(InputStream @in, CryptoCodec codec, int bufferSize, byte
[] key, byte[] iv, long streamOffset)
: base(@in)
{
// Underlying stream offset.
CryptoStreamUtils.CheckCodec(codec);
this.bufferSize = CryptoStreamUtils.CheckBufferSize(codec, bufferSize);
this.codec = codec;
this.key = key.MemberwiseClone();
this.initIV = iv.MemberwiseClone();
this.iv = iv.MemberwiseClone();
this.streamOffset = streamOffset;
isByteBufferReadable = @in is ByteBufferReadable;
isReadableByteChannel = @in is ReadableByteChannel;
inBuffer = ByteBuffer.AllocateDirect(this.bufferSize);
outBuffer = ByteBuffer.AllocateDirect(this.bufferSize);
decryptor = GetDecryptor();
ResetStreamOffset(streamOffset);
}
/// <summary>Get crypto codec for specified algorithm/mode/padding.</summary>
/// <param name="conf">the configuration</param>
/// <param name="cipherSuite">algorithm/mode/padding</param>
/// <returns>
/// CryptoCodec the codec object. Null value will be returned if no
/// crypto codec classes with cipher suite configured.
/// </returns>
public static CryptoCodec GetInstance(Configuration conf, CipherSuite cipherSuite
)
{
IList <Type> klasses = GetCodecClasses(conf, cipherSuite);
if (klasses == null)
{
return(null);
}
CryptoCodec codec = null;
foreach (Type klass in klasses)
{
try
{
CryptoCodec c = ReflectionUtils.NewInstance(klass, conf);
if (c.GetCipherSuite().GetName().Equals(cipherSuite.GetName()))
{
if (codec == null)
{
PerformanceAdvisory.Log.Debug("Using crypto codec {}.", klass.FullName);
codec = c;
}
}
else
{
PerformanceAdvisory.Log.Debug("Crypto codec {} doesn't meet the cipher suite {}."
, klass.FullName, cipherSuite.GetName());
}
}
catch (Exception)
{
PerformanceAdvisory.Log.Debug("Crypto codec {} is not available.", klass.FullName
);
}
}
return(codec);
}
/// <exception cref="System.IO.IOException"/>
public CryptoOutputStream(OutputStream @out, CryptoCodec codec, int bufferSize, byte
[] key, byte[] iv, long streamOffset)
: base(@out)
{
// Underlying stream offset.
CryptoStreamUtils.CheckCodec(codec);
this.bufferSize = CryptoStreamUtils.CheckBufferSize(codec, bufferSize);
this.codec = codec;
this.key = key.MemberwiseClone();
this.initIV = iv.MemberwiseClone();
this.iv = iv.MemberwiseClone();
inBuffer = ByteBuffer.AllocateDirect(this.bufferSize);
outBuffer = ByteBuffer.AllocateDirect(this.bufferSize);
this.streamOffset = streamOffset;
try
{
encryptor = codec.CreateEncryptor();
}
catch (GeneralSecurityException e)
{
throw new IOException(e);
}
UpdateEncryptor();
}
/// <summary>Check and floor buffer size</summary>
public static int CheckBufferSize(CryptoCodec codec, int bufferSize)
{
Preconditions.CheckArgument(bufferSize >= MinBufferSize, "Minimum value of buffer size is "
+ MinBufferSize + ".");
return(bufferSize - bufferSize % codec.GetCipherSuite().GetAlgorithmBlockSize());
}
/// <exception cref="System.IO.IOException"/>
public CryptoInputStream(InputStream @in, CryptoCodec codec, int bufferSize, byte
[] key, byte[] iv)
: this(@in, codec, bufferSize, key, iv, CryptoStreamUtils.GetInputStreamOffset(@in
))
{
}
/// <exception cref="System.IO.IOException"/>
public CryptoInputStream(InputStream @in, CryptoCodec codec, byte[] key, byte[] iv
)
: this(@in, codec, CryptoStreamUtils.GetBufferSize(codec.GetConf()), key, iv)
{
}
public static void Init()
{
Configuration conf = new Configuration();
codec = CryptoCodec.GetInstance(conf);
}
/// <exception cref="System.IO.IOException"/>
public CryptoOutputStream(OutputStream @out, CryptoCodec codec, byte[] key, byte[]
iv)
: this(@out, codec, key, iv, 0)
{
}
/// <exception cref="System.IO.IOException"/>
public CryptoOutputStream(OutputStream @out, CryptoCodec codec, byte[] key, byte[]
iv, long streamOffset)
: this(@out, codec, CryptoStreamUtils.GetBufferSize(codec.GetConf()), key, iv, streamOffset
)
{
}
/// <exception cref="System.IO.IOException"/>
/// <exception cref="GeneralSecurityException"/>
private void CryptoCodecTest(Configuration conf, int seed, int count, string encCodecClass
, string decCodecClass, byte[] iv)
{
CryptoCodec encCodec = null;
try
{
encCodec = (CryptoCodec)ReflectionUtils.NewInstance(conf.GetClassByName(encCodecClass
), conf);
}
catch (TypeLoadException)
{
throw new IOException("Illegal crypto codec!");
}
Log.Info("Created a Codec object of type: " + encCodecClass);
// Generate data
DataOutputBuffer data = new DataOutputBuffer();
RandomDatum.Generator generator = new RandomDatum.Generator(seed);
for (int i = 0; i < count; ++i)
{
generator.Next();
RandomDatum key = generator.GetKey();
RandomDatum value = generator.GetValue();
key.Write(data);
value.Write(data);
}
Log.Info("Generated " + count + " records");
// Encrypt data
DataOutputBuffer encryptedDataBuffer = new DataOutputBuffer();
CryptoOutputStream @out = new CryptoOutputStream(encryptedDataBuffer, encCodec, bufferSize
, key, iv);
@out.Write(data.GetData(), 0, data.GetLength());
@out.Flush();
@out.Close();
Log.Info("Finished encrypting data");
CryptoCodec decCodec = null;
try
{
decCodec = (CryptoCodec)ReflectionUtils.NewInstance(conf.GetClassByName(decCodecClass
), conf);
}
catch (TypeLoadException)
{
throw new IOException("Illegal crypto codec!");
}
Log.Info("Created a Codec object of type: " + decCodecClass);
// Decrypt data
DataInputBuffer decryptedDataBuffer = new DataInputBuffer();
decryptedDataBuffer.Reset(encryptedDataBuffer.GetData(), 0, encryptedDataBuffer.GetLength
());
CryptoInputStream @in = new CryptoInputStream(decryptedDataBuffer, decCodec, bufferSize
, key, iv);
DataInputStream dataIn = new DataInputStream(new BufferedInputStream(@in));
// Check
DataInputBuffer originalData = new DataInputBuffer();
originalData.Reset(data.GetData(), 0, data.GetLength());
DataInputStream originalIn = new DataInputStream(new BufferedInputStream(originalData
));
for (int i_1 = 0; i_1 < count; ++i_1)
{
RandomDatum k1 = new RandomDatum();
RandomDatum v1 = new RandomDatum();
k1.ReadFields(originalIn);
v1.ReadFields(originalIn);
RandomDatum k2 = new RandomDatum();
RandomDatum v2 = new RandomDatum();
k2.ReadFields(dataIn);
v2.ReadFields(dataIn);
Assert.True("original and encrypted-then-decrypted-output not equal"
, k1.Equals(k2) && v1.Equals(v2));
// original and encrypted-then-decrypted-output have the same hashCode
IDictionary <RandomDatum, string> m = new Dictionary <RandomDatum, string>();
m[k1] = k1.ToString();
m[v1] = v1.ToString();
string result = m[k2];
Assert.Equal("k1 and k2 hashcode not equal", result, k1.ToString
());
result = m[v2];
Assert.Equal("v1 and v2 hashcode not equal", result, v1.ToString
());
}
// Decrypt data byte-at-a-time
originalData.Reset(data.GetData(), 0, data.GetLength());
decryptedDataBuffer.Reset(encryptedDataBuffer.GetData(), 0, encryptedDataBuffer.GetLength
());
@in = new CryptoInputStream(decryptedDataBuffer, decCodec, bufferSize, key, iv);
// Check
originalIn = new DataInputStream(new BufferedInputStream(originalData));
int expected;
do
{
expected = originalIn.Read();
Assert.Equal("Decrypted stream read by byte does not match", expected
, @in.Read());
}while (expected != -1);
// Seek to a certain position and decrypt
originalData.Reset(data.GetData(), 0, data.GetLength());
decryptedDataBuffer.Reset(encryptedDataBuffer.GetData(), 0, encryptedDataBuffer.GetLength
());
@in = new CryptoInputStream(new TestCryptoStreams.FakeInputStream(decryptedDataBuffer
), decCodec, bufferSize, key, iv);
int seekPos = data.GetLength() / 3;
@in.Seek(seekPos);
// Check
TestCryptoStreams.FakeInputStream originalInput = new TestCryptoStreams.FakeInputStream
(originalData);
originalInput.Seek(seekPos);
do
{
expected = originalInput.Read();
Assert.Equal("Decrypted stream read by byte does not match", expected
, @in.Read());
}while (expected != -1);
Log.Info("SUCCESS! Completed checking " + count + " records");
// Check secure random generator
TestSecureRandom(encCodec);
}