Skip to content

Commit

Permalink
modify encrypt type (#311)
Browse files Browse the repository at this point in the history
* modify encrypt type format

* make key effective

* change default type

---------

Co-authored-by: zhujt <[email protected]>
  • Loading branch information
zhujt20 and zhujt authored Dec 2, 2024
1 parent 64e3c12 commit 686bbab
Show file tree
Hide file tree
Showing 7 changed files with 46 additions and 64 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -161,11 +161,8 @@ public class TSFileConfig implements Serializable {
/** encryptKey, this should be 16 bytes String. */
private String encryptKey = "abcdefghijklmnop";

/**
* default encryptType is "org.apache.tsfile.encrypt.UNENCRYPTED", TsFile supports UNENCRYPTED or
* AES128.
*/
private String encryptType = "org.apache.tsfile.encrypt.UNENCRYPTED";
/** default encryptType is "UNENCRYPTED", TsFile supports UNENCRYPTED or AES128. */
private String encryptType = "UNENCRYPTED";

/** Line count threshold for checking page memory occupied size. */
private int pageCheckSizeThreshold = 100;
Expand Down Expand Up @@ -275,6 +272,8 @@ public void setEncryptKeyFromPath(String encryptKeyPath) {
return;
}
this.encryptKey = EncryptUtils.getEncryptKeyFromPath(encryptKeyPath);
EncryptUtils.encryptParam = EncryptUtils.getEncryptParameter();
EncryptUtils.normalKeyStr = EncryptUtils.getNormalKeyStr();
}

public int getGroupSizeInByte() {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@
import org.apache.tsfile.common.conf.TSFileConfig;
import org.apache.tsfile.common.conf.TSFileDescriptor;
import org.apache.tsfile.exception.encrypt.EncryptException;
import org.apache.tsfile.exception.encrypt.EncryptKeyLengthNotMatchException;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
Expand All @@ -38,10 +39,25 @@ public class EncryptUtils {

private static final String defaultKey = "abcdefghijklmnop";

private static final String encryptClassPrefix = "org.apache.tsfile.encrypt.";

public static String normalKeyStr = getNormalKeyStr();

public static EncryptParameter encryptParam = getEncryptParameter();

public static String getEncryptClass(String encryptType) {
String classNameRegex = "^(\\p{Alpha}\\w*)(\\.\\p{Alpha}\\w+)+$";
if (IEncrypt.encryptTypeToClassMap.containsKey(encryptType)) {
return IEncrypt.encryptTypeToClassMap.get(encryptType);
} else if (encryptType.matches(classNameRegex)) {
IEncrypt.encryptTypeToClassMap.put(encryptType, encryptType);
return encryptType;
} else {
IEncrypt.encryptTypeToClassMap.put(encryptType, encryptClassPrefix + encryptType);
return encryptClassPrefix + encryptType;
}
}

public static String getEncryptKeyFromPath(String path) {
if (path == null) {
logger.error("encrypt key path is null, use the default key");
Expand All @@ -63,6 +79,9 @@ public static String getEncryptKeyFromPath(String path) {
sb.append("\n").append(line);
}
}
if (sb.toString().length() != 16) {
throw new EncryptKeyLengthNotMatchException(16, sb.toString().length());
}
return sb.toString();
} catch (IOException e) {
throw new EncryptException("Read main encrypt key error", e);
Expand Down Expand Up @@ -117,7 +136,7 @@ public static String getNormalKeyStr() {
return str;
} catch (Exception e) {
throw new EncryptException(
"SHA-256 function not found while using SHA-256 to generate data key");
"SHA-256 function not found while using SHA-256 to generate data key", e);
}
}

Expand Down Expand Up @@ -178,13 +197,14 @@ public static IEncrypt getEncrypt() {

public static IEncrypt getEncrypt(String encryptType, byte[] dataEncryptKey) {
try {
if (IEncrypt.encryptMap.containsKey(encryptType)) {
return ((IEncrypt) IEncrypt.encryptMap.get(encryptType).newInstance(dataEncryptKey));
String className = getEncryptClass(encryptType);
if (IEncrypt.encryptMap.containsKey(className)) {
return ((IEncrypt) IEncrypt.encryptMap.get(className).newInstance(dataEncryptKey));
}
Class<?> encryptTypeClass = Class.forName(encryptType);
Class<?> encryptTypeClass = Class.forName(className);
java.lang.reflect.Constructor<?> constructor =
encryptTypeClass.getDeclaredConstructor(byte[].class);
IEncrypt.encryptMap.put(encryptType, constructor);
IEncrypt.encryptMap.put(className, constructor);
return ((IEncrypt) constructor.newInstance(dataEncryptKey));
} catch (ClassNotFoundException e) {
throw new EncryptException("Get encryptor class failed: " + encryptType, e);
Expand Down Expand Up @@ -213,18 +233,7 @@ public static IEncrypt getEncrypt(TSFileConfig conf) {
encryptType = "org.apache.tsfile.encrypt.UNENCRYPTED";
dataEncryptKey = null;
}
try {
Class<?> encryptTypeClass = Class.forName(encryptType);
java.lang.reflect.Constructor<?> constructor =
encryptTypeClass.getDeclaredConstructor(byte[].class);
return ((IEncrypt) constructor.newInstance(dataEncryptKey));
} catch (ClassNotFoundException e) {
throw new EncryptException("Get encryptor class failed: " + encryptType, e);
} catch (NoSuchMethodException e) {
throw new EncryptException("Get constructor for encryptor failed: " + encryptType, e);
} catch (InvocationTargetException | InstantiationException | IllegalAccessException e) {
throw new EncryptException("New encryptor instance failed: " + encryptType, e);
}
return getEncrypt(encryptType, dataEncryptKey);
}

public static byte[] getSecondKeyFromStr(String str) {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -34,13 +34,14 @@ public interface IDecryptor {

static IDecryptor getDecryptor(String type, byte[] key) {
try {
if (IEncrypt.encryptMap.containsKey(type)) {
return ((IEncrypt) IEncrypt.encryptMap.get(type).newInstance(key)).getDecryptor();
String className = EncryptUtils.getEncryptClass(type);
if (IEncrypt.encryptMap.containsKey(className)) {
return ((IEncrypt) IEncrypt.encryptMap.get(className).newInstance(key)).getDecryptor();
}
Class<?> encryptClass = Class.forName(type);
Class<?> encryptClass = Class.forName(className);
java.lang.reflect.Constructor<?> constructor =
encryptClass.getDeclaredConstructor(byte[].class);
IEncrypt.encryptMap.put(type, constructor);
IEncrypt.encryptMap.put(className, constructor);
return ((IEncrypt) constructor.newInstance(key)).getDecryptor();
} catch (ClassNotFoundException e) {
throw new EncryptException("Get decryptor class failed: " + type, e);
Expand All @@ -54,22 +55,7 @@ static IDecryptor getDecryptor(String type, byte[] key) {
static IDecryptor getDecryptor(EncryptParameter encryptParam) {
String type = encryptParam.getType();
byte[] key = encryptParam.getKey();
try {
if (IEncrypt.encryptMap.containsKey(type)) {
return ((IEncrypt) IEncrypt.encryptMap.get(type).newInstance(key)).getDecryptor();
}
Class<?> encryptClass = Class.forName(type);
java.lang.reflect.Constructor<?> constructor =
encryptClass.getDeclaredConstructor(byte[].class);
IEncrypt.encryptMap.put(type, constructor);
return ((IEncrypt) constructor.newInstance(key)).getDecryptor();
} catch (ClassNotFoundException e) {
throw new EncryptException("Get decryptor class failed: " + type, e);
} catch (NoSuchMethodException e) {
throw new EncryptException("Get constructor for decryptor failed: " + type, e);
} catch (InvocationTargetException | InstantiationException | IllegalAccessException e) {
throw new EncryptException("New decryptor instance failed: " + type, e);
}
return getDecryptor(type, key);
}

byte[] decrypt(byte[] data);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,8 @@ public interface IEncrypt {
static ConcurrentHashMap<String, java.lang.reflect.Constructor<?>> encryptMap =
new ConcurrentHashMap<>();

static ConcurrentHashMap<String, String> encryptTypeToClassMap = new ConcurrentHashMap<>();

IDecryptor getDecryptor();

IEncryptor getEncryptor();
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -34,13 +34,14 @@ public interface IEncryptor {

static IEncryptor getEncryptor(String type, byte[] key) {
try {
if (IEncrypt.encryptMap.containsKey(type)) {
return ((IEncrypt) IEncrypt.encryptMap.get(type).newInstance(key)).getEncryptor();
String className = EncryptUtils.getEncryptClass(type);
if (IEncrypt.encryptMap.containsKey(className)) {
return ((IEncrypt) IEncrypt.encryptMap.get(className).newInstance(key)).getEncryptor();
}
Class<?> encryptClass = Class.forName(type);
Class<?> encryptClass = Class.forName(className);
java.lang.reflect.Constructor<?> constructor =
encryptClass.getDeclaredConstructor(byte[].class);
IEncrypt.encryptMap.put(type, constructor);
IEncrypt.encryptMap.put(className, constructor);
return ((IEncrypt) constructor.newInstance(key)).getEncryptor();
} catch (ClassNotFoundException e) {
throw new EncryptException("Get encryptor class failed: " + type, e);
Expand All @@ -54,22 +55,7 @@ static IEncryptor getEncryptor(String type, byte[] key) {
static IEncryptor getEncryptor(EncryptParameter encryptParam) {
String type = encryptParam.getType();
byte[] key = encryptParam.getKey();
try {
if (IEncrypt.encryptMap.containsKey(type)) {
return ((IEncrypt) IEncrypt.encryptMap.get(type).newInstance(key)).getEncryptor();
}
Class<?> encryptClass = Class.forName(type);
java.lang.reflect.Constructor<?> constructor =
encryptClass.getDeclaredConstructor(byte[].class);
IEncrypt.encryptMap.put(type, constructor);
return ((IEncrypt) constructor.newInstance(key)).getEncryptor();
} catch (ClassNotFoundException e) {
throw new EncryptException("Get encryptor class failed: " + type, e);
} catch (NoSuchMethodException e) {
throw new EncryptException("Get constructor for encryptor failed: " + type, e);
} catch (InvocationTargetException | InstantiationException | IllegalAccessException e) {
throw new EncryptException("New encryptor instance failed: " + type, e);
}
return getEncryptor(type, key);
}

byte[] encrypt(byte[] data);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -202,7 +202,7 @@ protected TsFileWriter(TsFileIOWriter fileWriter, Schema schema, TSFileConfig co
.encrypt(dataEncryptKey);
} catch (Exception e) {
throw new EncryptException(
"SHA-256 function not found while using SHA-256 to generate data key");
"SHA-256 function not found while using SHA-256 to generate data key", e);
}
} else {
encryptLevel = "0";
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -66,7 +66,7 @@ public class AES128TsFileReadWriteTest {
@Before
public void setUp() {
conf.setEncryptFlag("true");
conf.setEncryptType("org.apache.tsfile.encrypt.AES128");
conf.setEncryptType("AES128");
conf.setEncryptKey("thisisourtestkey");
f = new File(path);
if (f.exists()) {
Expand Down

0 comments on commit 686bbab

Please sign in to comment.