• Home
• com.qcloud
• branch_cos_api
• 5.6.20
• source code
• COSCryptoModuleAEStrict.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.branch.cos.internal.crypto.COSCryptoModuleAEStrict Maven / Gradle / Ivy

/*
 * Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 *  http://aws.amazon.com/apache2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 
 * According to cos feature, we modify some class，comment, field name, etc.
 */


package com.branch.cos.internal.crypto;

import static com.branch.cos.internal.crypto.CryptoMode.StrictAuthenticatedEncryption;

import com.branch.cos.auth.COSCredentialsProvider;
import com.branch.cos.internal.COSDirect;

/**
 * Strict Authenticated encryption (AE) cryptographic module for the COS encryption client.
 */
public class COSCryptoModuleAEStrict extends COSCryptoModuleAE {
    /**
     * @param cryptoConfig a read-only copy of the crypto configuration.
     */
    COSCryptoModuleAEStrict(QCLOUDKMS kms, COSDirect cos,
            COSCredentialsProvider credentialsProvider,
            EncryptionMaterialsProvider encryptionMaterialsProvider,
            CryptoConfiguration cryptoConfig) {
        super(kms, cos, credentialsProvider, encryptionMaterialsProvider, cryptoConfig);
        if (cryptoConfig.getCryptoMode() != StrictAuthenticatedEncryption)
            throw new IllegalArgumentException();
    }

    protected final boolean isStrict() {
        return true;
    }

    protected void securityCheck(ContentCryptoMaterial cekMaterial, COSObjectWrapper retrieved) {
        if (!ContentCryptoScheme.AES_GCM.equals(cekMaterial.getContentCryptoScheme())) {
            throw new SecurityException("COS object [bucket: " + retrieved.getBucketName()
                    + ", key: " + retrieved.getKey()
                    + "] not encrypted using authenticated encryption");
        }
    }

}