com.qcloud.cos.internal.crypto

类 COSCryptoModuleBase

java.lang.Object

com.qcloud.cos.internal.crypto.COSCryptoModule

com.qcloud.cos.internal.crypto.COSCryptoModuleBase

直接已知子类:

COSCryptoModuleAE

public abstract class COSCryptoModuleBase
extends COSCryptoModule

Common implementation for different COS cryptographic modules.

字段概要

字段

限定符和类型	字段和说明
protected com.qcloud.cos.internal.crypto.ContentCryptoScheme	contentCryptoScheme
protected COSDirect	cos
protected CryptoConfiguration	cryptoConfig A read-only copy of the crypto configuration.
protected com.qcloud.cos.internal.crypto.COSCryptoScheme	cryptoScheme
protected static int	DEFAULT_BUFFER_SIZE
protected EncryptionMaterialsProvider	kekMaterialsProvider
protected QCLOUDKMS	kms
protected org.slf4j.Logger	log
protected Map<String,MultipartUploadCryptoContext>	multipartUploadContexts Map of data about in progress encrypted multipart uploads.

构造器概要

构造器

限定符	构造器和说明
protected	COSCryptoModuleBase(COSDirect cos, COSCredentialsProvider credentialsProvider, EncryptionMaterialsProvider kekMaterialsProvider, CryptoConfiguration cryptoConfig) For testing purposes only.
protected	COSCryptoModuleBase(QCLOUDKMS kms, COSDirect cos, COSCredentialsProvider credentialsProvider, EncryptionMaterialsProvider kekMaterialsProvider, CryptoConfiguration cryptoConfig)

方法概要

限定符和类型	方法和说明
void	abortMultipartUploadSecurely(AbortMultipartUploadRequest req)
protected abstract long	ciphertextLength(long plaintextLength) Returns the length of the ciphertext computed from the length of the plaintext.
CompleteMultipartUploadResult	completeMultipartUploadSecurely(CompleteMultipartUploadRequest req)
CopyPartResult	copyPartSecurely(CopyPartRequest copyPartRequest)
protected com.qcloud.cos.internal.crypto.ContentCryptoMaterial	createContentCryptoMaterial(CosServiceRequest req) Creates and returns a non-null content crypto material for the given request.
protected PutObjectRequest	createInstructionPutRequest(String bucketName, String key, com.qcloud.cos.internal.crypto.ContentCryptoMaterial cekMaterial)
protected SecretKey	generateCEK(EncryptionMaterials kekMaterials, Provider providerIn)
com.qcloud.cos.internal.crypto.COSCryptoScheme	getCOSCryptoScheme()
InitiateMultipartUploadResult	initiateMultipartUploadSecurely(InitiateMultipartUploadRequest req)
protected CipherLiteInputStream	newMultipartCOSCipherInputStream(UploadPartRequest req, com.qcloud.cos.internal.crypto.CipherLite cipherLite)
protected long	plaintextLength(AbstractPutObjectRequest request, ObjectMetadata metadata) Returns the plaintext length from the request and metadata; or -1 if unknown.
PutObjectResult	putInstructionFileSecurely(PutInstructionFileRequest req)
PutObjectResult	putObjectSecurely(PutObjectRequest req)
protected void	securityCheck(com.qcloud.cos.internal.crypto.ContentCryptoMaterial cekMaterial, COSObjectWrapper retrieved) Checks if the the crypto scheme used in the given content crypto material is allowed to be used in this crypto module.
protected PutObjectRequest	updateInstructionPutRequest(PutObjectRequest req, com.qcloud.cos.internal.crypto.ContentCryptoMaterial cekMaterial) Updates put request to store the specified instruction object in COS.
protected ObjectMetadata	updateMetadataWithContentCryptoMaterial(ObjectMetadata metadata, File file, com.qcloud.cos.internal.crypto.ContentCryptoMaterial instruction)
UploadPartResult	uploadPartSecurely(UploadPartRequest req) NOTE: Because the encryption process requires context from previous blocks, parts uploaded with the COSEncryptionClient (as opposed to the normal COSClient) must be uploaded serially, and in order.
protected <R extends AbstractPutObjectRequest> R	wrapWithCipher(R request, com.qcloud.cos.internal.crypto.ContentCryptoMaterial cekMaterial) Returns the given PutObjectRequest but has the content as input stream wrapped with a cipher, and configured with some meta data and user metadata.

从类继承的方法 com.qcloud.cos.internal.crypto.COSCryptoModule

getObjectSecurely, getObjectSecurely

从类继承的方法 java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

字段详细资料

DEFAULT_BUFFER_SIZE

protected static final int DEFAULT_BUFFER_SIZE

另请参阅:

常量字段值

kekMaterialsProvider

protected final EncryptionMaterialsProvider kekMaterialsProvider

log

protected final org.slf4j.Logger log

cryptoScheme

protected final com.qcloud.cos.internal.crypto.COSCryptoScheme cryptoScheme

contentCryptoScheme

protected final com.qcloud.cos.internal.crypto.ContentCryptoScheme contentCryptoScheme

cryptoConfig

protected final CryptoConfiguration cryptoConfig

A read-only copy of the crypto configuration.

multipartUploadContexts

protected final Map<String,MultipartUploadCryptoContext> multipartUploadContexts

Map of data about in progress encrypted multipart uploads.

cos

protected final COSDirect cos

kms

protected final QCLOUDKMS kms

构造器详细资料

COSCryptoModuleBase

protected COSCryptoModuleBase(QCLOUDKMS kms,
                              COSDirect cos,
                              COSCredentialsProvider credentialsProvider,
                              EncryptionMaterialsProvider kekMaterialsProvider,
                              CryptoConfiguration cryptoConfig)

参数:

cryptoConfig - a read-only copy of the crypto configuration.

COSCryptoModuleBase

protected COSCryptoModuleBase(COSDirect cos,
                              COSCredentialsProvider credentialsProvider,
                              EncryptionMaterialsProvider kekMaterialsProvider,
                              CryptoConfiguration cryptoConfig)

For testing purposes only.

方法详细资料

ciphertextLength

protected abstract long ciphertextLength(long plaintextLength)

Returns the length of the ciphertext computed from the length of the plaintext.

参数:

plaintextLength - a non-negative number

返回:

a non-negative number

putObjectSecurely

public PutObjectResult putObjectSecurely(PutObjectRequest req)

指定者:

putObjectSecurely 在类中 COSCryptoModule

返回:

the result of the putting the COS object.

abortMultipartUploadSecurely

public final void abortMultipartUploadSecurely(AbortMultipartUploadRequest req)

指定者:

abortMultipartUploadSecurely 在类中 COSCryptoModule

copyPartSecurely

public final CopyPartResult copyPartSecurely(CopyPartRequest copyPartRequest)

指定者:

copyPartSecurely 在类中 COSCryptoModule

initiateMultipartUploadSecurely

public InitiateMultipartUploadResult initiateMultipartUploadSecurely(InitiateMultipartUploadRequest req)

指定者:

initiateMultipartUploadSecurely 在类中 COSCryptoModule

uploadPartSecurely

public UploadPartResult uploadPartSecurely(UploadPartRequest req)

NOTE: Because the encryption process requires context from previous blocks, parts uploaded with the COSEncryptionClient (as opposed to the normal COSClient) must be uploaded serially, and in order. Otherwise, the previous encryption context isn't available to use when encrypting the current part.

指定者:

uploadPartSecurely 在类中 COSCryptoModule

newMultipartCOSCipherInputStream

protected final CipherLiteInputStream newMultipartCOSCipherInputStream(UploadPartRequest req,
                                                                       com.qcloud.cos.internal.crypto.CipherLite cipherLite)

completeMultipartUploadSecurely

public CompleteMultipartUploadResult completeMultipartUploadSecurely(CompleteMultipartUploadRequest req)

指定者:

completeMultipartUploadSecurely 在类中 COSCryptoModule

updateMetadataWithContentCryptoMaterial

protected final ObjectMetadata updateMetadataWithContentCryptoMaterial(ObjectMetadata metadata,
                                                                       File file,
                                                                       com.qcloud.cos.internal.crypto.ContentCryptoMaterial instruction)

createContentCryptoMaterial

protected final com.qcloud.cos.internal.crypto.ContentCryptoMaterial createContentCryptoMaterial(CosServiceRequest req)

Creates and returns a non-null content crypto material for the given request.

抛出:

CosClientException - if no encryption material can be found.

generateCEK

protected final SecretKey generateCEK(EncryptionMaterials kekMaterials,
                                      Provider providerIn)

参数:

kekMaterials - non-null encryption materials

wrapWithCipher

protected final <R extends AbstractPutObjectRequest> R wrapWithCipher(R request,
                                                                      com.qcloud.cos.internal.crypto.ContentCryptoMaterial cekMaterial)

Returns the given PutObjectRequest but has the content as input stream wrapped with a cipher, and configured with some meta data and user metadata.

plaintextLength

protected final long plaintextLength(AbstractPutObjectRequest request,
                                     ObjectMetadata metadata)

Returns the plaintext length from the request and metadata; or -1 if unknown.

getCOSCryptoScheme

public final com.qcloud.cos.internal.crypto.COSCryptoScheme getCOSCryptoScheme()

updateInstructionPutRequest

protected final PutObjectRequest updateInstructionPutRequest(PutObjectRequest req,
                                                             com.qcloud.cos.internal.crypto.ContentCryptoMaterial cekMaterial)

Updates put request to store the specified instruction object in COS.

参数:

req - The put-instruction-file request for the instruction file to be stored in COS.

cekMaterial - The instruction object to be stored in COS.

返回:

A put request to store the specified instruction object in COS.

createInstructionPutRequest

protected final PutObjectRequest createInstructionPutRequest(String bucketName,
                                                             String key,
                                                             com.qcloud.cos.internal.crypto.ContentCryptoMaterial cekMaterial)

securityCheck

protected void securityCheck(com.qcloud.cos.internal.crypto.ContentCryptoMaterial cekMaterial,
                             COSObjectWrapper retrieved)

Checks if the the crypto scheme used in the given content crypto material is allowed to be used in this crypto module. Default is no-op. Subclass may override.

抛出:

SecurityException - if the crypto scheme used in the given content crypto material is not allowed in this crypto module.

putInstructionFileSecurely

public final PutObjectResult putInstructionFileSecurely(PutInstructionFileRequest req)

指定者:

putInstructionFileSecurely 在类中 COSCryptoModule

返回:

the result of putting the instruction file in COS; or null if the specified COS object doesn't exist. The COS object can be subsequently retrieved using the new instruction file via the usual get operation by specifying a EncryptedGetObjectRequest.