All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.apache.poi.poifs.crypt.temp.EncryptedTempData Maven / Gradle / Ivy

/*
 *  ====================================================================
 *    Licensed to the Apache Software Foundation (ASF) under one or more
 *    contributor license agreements.  See the NOTICE file distributed with
 *    this work for additional information regarding copyright ownership.
 *    The ASF licenses this file to You under the Apache License, Version 2.0
 *    (the "License"); you may not use this file except in compliance with
 *    the License.  You may obtain a copy of the License at
 *
 *        http://www.apache.org/licenses/LICENSE-2.0
 *
 *    Unless required by applicable law or agreed to in writing, software
 *    distributed under the License is distributed on an "AS IS" BASIS,
 *    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *    See the License for the specific language governing permissions and
 *    limitations under the License.
 * ====================================================================
 */

package org.apache.poi.poifs.crypt.temp;

import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.file.Files;

import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.spec.SecretKeySpec;

import org.apache.commons.io.output.CountingOutputStream;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.apache.poi.poifs.crypt.ChainingMode;
import org.apache.poi.poifs.crypt.CipherAlgorithm;
import org.apache.poi.poifs.crypt.CryptoFunctions;
import org.apache.poi.util.Beta;
import org.apache.poi.util.RandomSingleton;
import org.apache.poi.util.TempFile;

/**
 * EncryptedTempData can be used to buffer binary data in a secure way, by using encrypted temp files.
 */
@Beta
public class EncryptedTempData {

    private static final Logger LOG = LogManager.getLogger(EncryptedTempData.class);
    private static final CipherAlgorithm cipherAlgorithm = CipherAlgorithm.aes128;
    private static final String PADDING = "PKCS5Padding";
    private final SecretKeySpec skeySpec;
    private final byte[] ivBytes;
    private final File tempFile;
    private CountingOutputStream outputStream;

    public EncryptedTempData() throws IOException {
        ivBytes = new byte[16];
        byte[] keyBytes = new byte[16];
        RandomSingleton.getInstance().nextBytes(ivBytes);
        RandomSingleton.getInstance().nextBytes(keyBytes);
        skeySpec = new SecretKeySpec(keyBytes, cipherAlgorithm.jceId);
        tempFile = TempFile.createTempFile("poi-temp-data", ".tmp");
    }

    /**
     * Returns the output stream for writing the data.

* Make sure to close it, otherwise the last cipher block is not written completely. * * @return the outputstream * @throws IOException if the writing to the underlying file fails */ public OutputStream getOutputStream() throws IOException { Cipher ciEnc = CryptoFunctions.getCipher(skeySpec, cipherAlgorithm, ChainingMode.cbc, ivBytes, Cipher.ENCRYPT_MODE, PADDING); outputStream = new CountingOutputStream(new CipherOutputStream(Files.newOutputStream(tempFile.toPath()), ciEnc)); return outputStream; } /** * Returns the input stream for reading the previously written encrypted data * * @return the inputstream * @throws IOException if the reading of the underlying file fails */ public InputStream getInputStream() throws IOException { Cipher ciDec = CryptoFunctions.getCipher(skeySpec, cipherAlgorithm, ChainingMode.cbc, ivBytes, Cipher.DECRYPT_MODE, PADDING); return new CipherInputStream(Files.newInputStream(tempFile.toPath()), ciDec); } /** * @return number of bytes stored in the temp data file (the number you should expect after you decrypt the data) */ public long getByteCount() { return outputStream == null ? 0 : outputStream.getByteCount(); } /** * Removes the temporarily backing file */ public void dispose() { if (!tempFile.delete()) { LOG.atWarn().log("{} can't be removed (or was already removed).", tempFile::getAbsolutePath); } } }





© 2015 - 2024 Weber Informatics LLC | Privacy Policy