List of usage examples for org.apache.commons.crypto.random CryptoRandom nextBytes
void nextBytes(byte[] bytes);
From source file:org.apache.hadoop.hbase.ipc.ServerRpcConnection.java
/** * Set up cipher for rpc encryption with Apache Commons Crypto * * @throws FatalConnectionException/* ww w .j a va 2 s. c om*/ */ private void setupCryptoCipher(final ConnectionHeader header, RPCProtos.ConnectionHeaderResponse.Builder chrBuilder) throws FatalConnectionException { // If simple auth, return if (saslServer == null) return; // check if rpc encryption with Crypto AES String qop = saslServer.getNegotiatedQop(); boolean isEncryption = SaslUtil.QualityOfProtection.PRIVACY.getSaslQop().equalsIgnoreCase(qop); boolean isCryptoAesEncryption = isEncryption && this.rpcServer.conf.getBoolean("hbase.rpc.crypto.encryption.aes.enabled", false); if (!isCryptoAesEncryption) return; if (!header.hasRpcCryptoCipherTransformation()) return; String transformation = header.getRpcCryptoCipherTransformation(); if (transformation == null || transformation.length() == 0) return; // Negotiates AES based on complete saslServer. // The Crypto metadata need to be encrypted and send to client. Properties properties = new Properties(); // the property for SecureRandomFactory properties.setProperty(CryptoRandomFactory.CLASSES_KEY, this.rpcServer.conf.get("hbase.crypto.sasl.encryption.aes.crypto.random", "org.apache.commons.crypto.random.JavaCryptoRandom")); // the property for cipher class properties.setProperty(CryptoCipherFactory.CLASSES_KEY, this.rpcServer.conf .get("hbase.rpc.crypto.encryption.aes.cipher.class", "org.apache.commons.crypto.cipher.JceCipher")); int cipherKeyBits = this.rpcServer.conf.getInt("hbase.rpc.crypto.encryption.aes.cipher.keySizeBits", 128); // generate key and iv if (cipherKeyBits % 8 != 0) { throw new IllegalArgumentException("The AES cipher key size in bits" + " should be a multiple of byte"); } int len = cipherKeyBits / 8; byte[] inKey = new byte[len]; byte[] outKey = new byte[len]; byte[] inIv = new byte[len]; byte[] outIv = new byte[len]; try { // generate the cipher meta data with SecureRandom CryptoRandom secureRandom = CryptoRandomFactory.getCryptoRandom(properties); secureRandom.nextBytes(inKey); secureRandom.nextBytes(outKey); secureRandom.nextBytes(inIv); secureRandom.nextBytes(outIv); // create CryptoAES for server cryptoAES = new CryptoAES(transformation, properties, inKey, outKey, inIv, outIv); // create SaslCipherMeta and send to client, // for client, the [inKey, outKey], [inIv, outIv] should be reversed RPCProtos.CryptoCipherMeta.Builder ccmBuilder = RPCProtos.CryptoCipherMeta.newBuilder(); ccmBuilder.setTransformation(transformation); ccmBuilder.setInIv(getByteString(outIv)); ccmBuilder.setInKey(getByteString(outKey)); ccmBuilder.setOutIv(getByteString(inIv)); ccmBuilder.setOutKey(getByteString(inKey)); chrBuilder.setCryptoCipherMeta(ccmBuilder); useCryptoAesWrap = true; } catch (GeneralSecurityException | IOException ex) { throw new UnsupportedCryptoException(ex.getMessage(), ex); } }
From source file:org.apache.spark.network.sasl.aes.AesCipher.java
/** * Create the configuration message/*w ww .j av a2s . com*/ * @param conf is the local transport configuration. * @return Config message for sending. */ public static AesConfigMessage createConfigMessage(TransportConf conf) { int keySize = conf.aesCipherKeySize(); Properties properties = conf.cryptoConf(); try { int paramLen = CryptoCipherFactory.getCryptoCipher(AesCipher.TRANSFORM, properties).getBlockSize(); byte[] inKey = new byte[keySize]; byte[] outKey = new byte[keySize]; byte[] inIv = new byte[paramLen]; byte[] outIv = new byte[paramLen]; CryptoRandom random = CryptoRandomFactory.getCryptoRandom(properties); random.nextBytes(inKey); random.nextBytes(outKey); random.nextBytes(inIv); random.nextBytes(outIv); return new AesConfigMessage(inKey, inIv, outKey, outIv); } catch (Exception e) { logger.error("AES config error", e); throw Throwables.propagate(e); } }