hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone/security/GDPRSymmetricKey.java - hadoop - Git at Google

 /**
  * Licensed to the Apache Software Foundation (ASF) under one or more
  * contributor license agreements.  See the NOTICE file distributed with this
  * work for additional information regarding copyright ownership.  The ASF
  * licenses this file to you under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  * <p>
  * http://www.apache.org/licenses/LICENSE-2.0
  * <p>
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
  * License for the specific language governing permissions and limitations under
  * the License.
  */
 package org.apache.hadoop.ozone.security;

 import com.google.common.base.Preconditions;
 import org.apache.commons.lang3.RandomStringUtils;
 import org.apache.hadoop.ozone.OzoneConsts;

 import java.security.SecureRandom;
 import java.util.HashMap;
 import java.util.Map;

 import javax.crypto.Cipher;
 import javax.crypto.spec.SecretKeySpec;

 /**
  * Symmetric Key structure for GDPR.
  */
 public class GDPRSymmetricKey {

   private SecretKeySpec secretKey;
   private Cipher cipher;
   private String algorithm;
   private String secret;

   public SecretKeySpec getSecretKey() {
     return secretKey;
   }

   public Cipher getCipher() {
     return cipher;
   }

   /**
    * Default constructor creates key with default values.
    * @throws Exception
    */
   public GDPRSymmetricKey(SecureRandom secureRandom) throws Exception {
     algorithm = OzoneConsts.GDPR_ALGORITHM_NAME;
     secret = RandomStringUtils.random(
         OzoneConsts.GDPR_DEFAULT_RANDOM_SECRET_LENGTH,
         0, 0, true, true, null, secureRandom);
     this.secretKey = new SecretKeySpec(
         secret.getBytes(OzoneConsts.GDPR_CHARSET), algorithm);
     this.cipher = Cipher.getInstance(algorithm);
   }

   /**
    * Overloaded constructor creates key with specified values.
    * @throws Exception
    */
   public GDPRSymmetricKey(String secret, String algorithm) throws Exception {
     Preconditions.checkNotNull(secret, "Secret cannot be null");
     //TODO: When we add feature to allow users to customize the secret length,
     // we need to update this length check Precondition
     Preconditions.checkArgument(secret.length() == 16,
         "Secret must be exactly 16 characters");
     Preconditions.checkNotNull(algorithm, "Algorithm cannot be null");
     this.secret = secret;
     this.algorithm = algorithm;
     this.secretKey = new SecretKeySpec(
         secret.getBytes(OzoneConsts.GDPR_CHARSET), algorithm);
     this.cipher = Cipher.getInstance(algorithm);
   }

   public Map<String, String> getKeyDetails() {
     Map<String, String> keyDetail = new HashMap<>();
     keyDetail.put(OzoneConsts.GDPR_SECRET, this.secret);
     keyDetail.put(OzoneConsts.GDPR_ALGORITHM, this.algorithm);
     return keyDetail;
   }

 }
	/**
	* Licensed to the Apache Software Foundation (ASF) under one or more
	* contributor license agreements. See the NOTICE file distributed with this
	* work for additional information regarding copyright ownership. The ASF
	* licenses this file to you under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance with the License.
	* You may obtain a copy of the License at
	* <p>
	* http://www.apache.org/licenses/LICENSE-2.0
	* <p>
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
	* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
	* License for the specific language governing permissions and limitations under
	* the License.
	*/
	package org.apache.hadoop.ozone.security;

	import com.google.common.base.Preconditions;
	import org.apache.commons.lang3.RandomStringUtils;
	import org.apache.hadoop.ozone.OzoneConsts;

	import java.security.SecureRandom;
	import java.util.HashMap;
	import java.util.Map;

	import javax.crypto.Cipher;
	import javax.crypto.spec.SecretKeySpec;

	/**
	* Symmetric Key structure for GDPR.
	*/
	public class GDPRSymmetricKey {

	private SecretKeySpec secretKey;
	private Cipher cipher;
	private String algorithm;
	private String secret;

	public SecretKeySpec getSecretKey() {
	return secretKey;
	}

	public Cipher getCipher() {
	return cipher;
	}

	/**
	* Default constructor creates key with default values.
	* @throws Exception
	*/
	public GDPRSymmetricKey(SecureRandom secureRandom) throws Exception {
	algorithm = OzoneConsts.GDPR_ALGORITHM_NAME;
	secret = RandomStringUtils.random(
	OzoneConsts.GDPR_DEFAULT_RANDOM_SECRET_LENGTH,
	0, 0, true, true, null, secureRandom);
	this.secretKey = new SecretKeySpec(
	secret.getBytes(OzoneConsts.GDPR_CHARSET), algorithm);
	this.cipher = Cipher.getInstance(algorithm);
	}

	/**
	* Overloaded constructor creates key with specified values.
	* @throws Exception
	*/
	public GDPRSymmetricKey(String secret, String algorithm) throws Exception {
	Preconditions.checkNotNull(secret, "Secret cannot be null");
	//TODO: When we add feature to allow users to customize the secret length,
	// we need to update this length check Precondition
	Preconditions.checkArgument(secret.length() == 16,
	"Secret must be exactly 16 characters");
	Preconditions.checkNotNull(algorithm, "Algorithm cannot be null");
	this.secret = secret;
	this.algorithm = algorithm;
	this.secretKey = new SecretKeySpec(
	secret.getBytes(OzoneConsts.GDPR_CHARSET), algorithm);
	this.cipher = Cipher.getInstance(algorithm);
	}

	public Map<String, String> getKeyDetails() {
	Map<String, String> keyDetail = new HashMap<>();
	keyDetail.put(OzoneConsts.GDPR_SECRET, this.secret);
	keyDetail.put(OzoneConsts.GDPR_ALGORITHM, this.algorithm);
	return keyDetail;
	}

	}