org.openadaptor.security
Class EncryptionOutputStreamComponent

java.lang.Object
  extended by java.io.OutputStream
      extended by org.openadaptor.util.PipelineOutputStream
          extended by org.openadaptor.security.AbstractSecurityOutputStreamComponent
              extended by org.openadaptor.security.EncryptionOutputStreamComponent
All Implemented Interfaces:
java.io.Closeable, java.io.Flushable, SecurityComponent, SecurityOutputStreamComponent, OutputStreamComponent

public class EncryptionOutputStreamComponent
extends AbstractSecurityOutputStreamComponent

Implements an 'Encrypt' OutputStreamComponent which writes out a line of header information, then encrypts the byte[] passed through it and passes the encrypted byte[] on to the downstream component. The header information is passed when startDataBlock() is called. This component encrypts all the bytes flowing through it until the finishDataBlock() call is made.

The encryption is done using the Cipher object created at start. The algorithm and provider used to create the Cipher are read by this component from the policy passed to it. This component also creates a header packet in which it stores information such as the algorithm and the provider used. Additionally, it stores the ID of the SecureKey which it has used to do the encryption. This key is stored in the security server, from which the counterpart object EncryptionInputStream retrieves it.

Author:
Rajiv Ramachandran, Colin Prosser
See Also:
EncryptionInputStreamComponent, Cipher, CipherOutputStream, Header, Footer

Field Summary
protected  javax.crypto.Cipher _cipher
          Cipher Algorithm Implementation
protected  javax.crypto.CipherOutputStream _cos
          Cipher Encrypting OutputStream
protected  javax.crypto.spec.IvParameterSpec _iv
           
protected  java.security.AlgorithmParameters _params
          Cipher Algorithm parameters
protected  SecureKey _secureKey
          Key to be used for encryption obtained from Security Server
static java.lang.String CHUNK_SIZE
           
(package private) static org.apache.log4j.Logger log
           
static byte[] TRAILER
           
 
Fields inherited from class org.openadaptor.security.AbstractSecurityOutputStreamComponent
_agent
 
Fields inherited from class org.openadaptor.util.PipelineOutputStream
_inDataBlock, _out
 
Fields inherited from interface org.openadaptor.security.interfaces.SecurityComponent
ALGORITHM_HD_ATTR, CIPHER_DECRYPT_OPERATION, CIPHER_ENCRYPT_OPERATION, DEFAULT_CIPHER_ALGO, DEFAULT_CIPHER_PROVIDER, DEFAULT_DIGEST_ALGO, DEFAULT_DIGEST_PROVIDER, DEFAULT_KEY_EXPIRY, DEFAULT_SIGN_ALGO, DEFAULT_SIGN_PROVIDER, DIGEST_FT_ATTR, DIGEST_SECURITY_OPERATION, KEYID_HD_ATTR, PARAMS_DATA_HD_ATTR, PARAMS_TYPE_HD_ATTR, PROVIDER_HD_ATTR, SIGN_FT_ATTR, SIGN_SECURITY_OPERATION
 
Constructor Summary
EncryptionOutputStreamComponent(OutputStreamComponent output)
          Default constructor for a pipeline.
 
Method Summary
protected  java.lang.String base64Encode(byte[] data)
          Base64 encode a byte[] array in a String.
 void finishDataBlock()
          Finish off the current data block being output.
static void main(java.lang.String[] args)
           
 void processWrite(byte[] b, int off, int len)
          True write method.
 void processWrite(int b)
          Writes the Byte[] into the Output Stream - Using Cipher Output Stream
protected  void reInitCipher()
          Re-initialize the Cipher.
protected  void setCipherParameters()
          Determines the Cipher parameters, such as an IV, by performing a test encryption.
 void setOutputStream(OutputStreamComponent output)
          Sets the output component.
 void setSecurity(Policy policy, OASecurityManager securityManager)
          Initializes the Encryption - SecurityAgent.
protected  byte[] simpleEncrypt(byte[] data)
          Try encrypting data with fixed algorithm that does not require IV or other parameters.
 void startDataBlock()
          Start processing a new data block.
 
Methods inherited from class org.openadaptor.security.AbstractSecurityOutputStreamComponent
getPolicy, getSecurityManager, processWrite, setSecurityOperation, setUnsetParameters, write, write, write
 
Methods inherited from class org.openadaptor.util.PipelineOutputStream
asOutputStream, close, flush, getOutputStream, isInDataBlock
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface org.openadaptor.util.OutputStreamComponent
asOutputStream, close, flush, getOutputStream, isInDataBlock
 

Field Detail

log

static org.apache.log4j.Logger log

TRAILER

public static final byte[] TRAILER

CHUNK_SIZE

public static final java.lang.String CHUNK_SIZE
See Also:
Constant Field Values

_cipher

protected javax.crypto.Cipher _cipher
Cipher Algorithm Implementation


_params

protected java.security.AlgorithmParameters _params
Cipher Algorithm parameters


_iv

protected javax.crypto.spec.IvParameterSpec _iv

_cos

protected javax.crypto.CipherOutputStream _cos
Cipher Encrypting OutputStream


_secureKey

protected SecureKey _secureKey
Key to be used for encryption obtained from Security Server

Constructor Detail

EncryptionOutputStreamComponent

public EncryptionOutputStreamComponent(OutputStreamComponent output)
                                throws java.io.IOException
Default constructor for a pipeline.

Parameters:
output - The next component in the pipeline.
Throws:
java.io.IOException
Method Detail

setOutputStream

public void setOutputStream(OutputStreamComponent output)
Sets the output component. You should ensure that any existing output is finish()ed before it is replaced.

This method wraps the outputStream in

Specified by:
setOutputStream in interface OutputStreamComponent
Overrides:
setOutputStream in class PipelineOutputStream
Parameters:
output - The output component.

setSecurity

public void setSecurity(Policy policy,
                        OASecurityManager securityManager)
                 throws java.lang.SecurityException
Initializes the Encryption - SecurityAgent. Reads the Encryption Algorithm to be used and stores it.

Specified by:
setSecurity in interface SecurityComponent
Overrides:
setSecurity in class AbstractSecurityOutputStreamComponent
Parameters:
policy - is used to get various properties like algorithm, provider, etc. required for actual low-level operation.
securityManager - used to interact with SecurityServer to get various information like key, policy, etc. if required.
Throws:
java.lang.SecurityException - If there is a problem with the policy or SecurityManager provided.
See Also:
Cipher

startDataBlock

public void startDataBlock()
                    throws java.lang.SecurityException,
                           java.io.IOException
Start processing a new data block. The component requests a SecureKey from the SecurityManager, which is used for encrypting the byte[] until finishDataBlock() is called. In addition, this function creates the required header information and passes it downstream. It is called by the owner on the head of an OutputStream pipeline, and propagates through to the end of the pipeline. Any calls to any write() method which precede a startDataBlock() should pass the bytes through unprocessed. This allows upstream components to write out header information for the decoding process on the other side.

Specified by:
startDataBlock in interface OutputStreamComponent
Overrides:
startDataBlock in class AbstractSecurityOutputStreamComponent
Throws:
java.io.IOException - if an I/O error occurs.
java.lang.SecurityException
See Also:
Cipher, CipherOutputStream

setCipherParameters

protected void setCipherParameters()
                            throws java.security.InvalidKeyException,
                                   javax.crypto.IllegalBlockSizeException,
                                   javax.crypto.BadPaddingException,
                                   java.io.IOException
Determines the Cipher parameters, such as an IV, by performing a test encryption.

Throws:
java.security.InvalidKeyException
javax.crypto.IllegalBlockSizeException
javax.crypto.BadPaddingException
java.io.IOException
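
An added example (not openadaptor code) of the pattern in the class description and in setCipherParameters: a clear-text header line carrying the algorithm, key ID and cipher parameters, followed by CipherOutputStream ciphertext, with the reader rebuilding the Cipher from that header. The header layout, the in-memory KEYS map standing in for the security server, the key ID and the AES/CBC/PKCS5Padding choice are assumptions, and it reads the provider-generated IV from the Cipher rather than performing a test encryption.

```java
import java.io.ByteArrayOutputStream;
import java.nio.charset.StandardCharsets;
import java.security.AlgorithmParameters;
import java.util.*;
import javax.crypto.*;

public class HeaderThenCipherDemo {
    // Hypothetical stand-in for the security server: key ID -> key.
    static final Map<String, SecretKey> KEYS = new HashMap<>();

    static byte[] encryptBlock(String algo, String keyId, byte[] plain) throws Exception {
        Cipher cipher = Cipher.getInstance(algo);
        cipher.init(Cipher.ENCRYPT_MODE, KEYS.get(keyId));   // provider generates a fresh IV
        AlgorithmParameters params = cipher.getParameters(); // null if the mode takes none
        String header = "Algorithm=" + algo + ";KeyID=" + keyId;
        if (params != null) header += ";ParamsType=" + params.getAlgorithm() + ";ParamsData="
                + Base64.getEncoder().encodeToString(params.getEncoded());
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        out.write((header + "\n").getBytes(StandardCharsets.US_ASCII)); // header is not encrypted
        try (CipherOutputStream cos = new CipherOutputStream(out, cipher)) {
            cos.write(plain);
        } // close() finalises the cipher and emits the last padded block
        return out.toByteArray();
    }

    static byte[] decryptBlock(byte[] wire) throws Exception {
        int nl = 0; while (wire[nl] != '\n') nl++;            // find the end of the header line
        Map<String, String> h = new HashMap<>();
        for (String kv : new String(wire, 0, nl, StandardCharsets.US_ASCII).split(";")) {
            String[] p = kv.split("=", 2);                   // Base64 padding may contain '='
            h.put(p[0], p[1]);
        }
        Cipher cipher = Cipher.getInstance(h.get("Algorithm"));
        AlgorithmParameters params = null;
        if (h.containsKey("ParamsType")) {
            params = AlgorithmParameters.getInstance(h.get("ParamsType"));
            params.init(Base64.getDecoder().decode(h.get("ParamsData")));
        }
        cipher.init(Cipher.DECRYPT_MODE, KEYS.get(h.get("KeyID")), params);
        return cipher.doFinal(wire, nl + 1, wire.length - nl - 1);
    }

    public static void main(String[] args) throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        KEYS.put("demo-key-1", kg.generateKey());            // constructed key ID
        byte[] msg = "constructed sample record".getBytes(StandardCharsets.UTF_8);
        byte[] wire = encryptBlock("AES/CBC/PKCS5Padding", "demo-key-1", msg);
        System.out.println("round trip ok: " + Arrays.equals(msg, decryptBlock(wire)));
    }
}
```

In this example the header travels in clear and is not authenticated, so a receiver should accept only algorithm names permitted by its own policy rather than whatever the header names.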

reInitCipher

protected void reInitCipher()
                     throws java.security.InvalidKeyException,
                            java.security.InvalidAlgorithmParameterException
Re-initialize the Cipher.

Throws:
java.security.InvalidKeyException
java.security.InvalidAlgorithmParameterException

base64Encode

protected java.lang.String base64Encode(byte[] data)
                                 throws java.io.IOException
Base64 encode a byte[] array in a String.

Throws:
java.io.IOException

simpleEncrypt

protected byte[] simpleEncrypt(byte[] data)
Try encrypting data with fixed algorithm that does not require IV or other parameters.

Parameters:
data - The data to encrypt

Returns:
Encrypted data or null if provider does not support selected algorithm

processWrite

public void processWrite(int b)
                  throws java.io.IOException
Writes the Byte[] into the Output Stream - Using Cipher Output Stream

Specified by:
processWrite in class AbstractSecurityOutputStreamComponent
Throws:
java.io.IOException

processWrite

public void processWrite(byte[] b,
                         int off,
                         int len)
                  throws java.io.IOException
Description copied from class: AbstractSecurityOutputStreamComponent
True write method. Subclasses override this to perform the byte processing and writing that takes place when in a datablock.

Specified by:
processWrite in class AbstractSecurityOutputStreamComponent
Throws:
java.io.IOException

finishDataBlock

public final void finishDataBlock()
                           throws java.io.IOException
Finish off the current data block being output.

Specified by:
finishDataBlock in interface OutputStreamComponent
Overrides:
finishDataBlock in class AbstractSecurityOutputStreamComponent
Throws:
java.io.IOException - If _out is null.

main

public static void main(java.lang.String[] args)