Package org.nuxeo.ecm.core.blob

Class AESBlobStore

java.lang.Object

org.nuxeo.ecm.core.blob.AbstractBlobStore

org.nuxeo.ecm.core.blob.LocalBlobStore

org.nuxeo.ecm.core.blob.AESBlobStore

All Implemented Interfaces:

BlobStore

public class AESBlobStore
extends LocalBlobStore

A blob store that encrypts binaries on the filesystem using AES.

Since:

11.1

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	AESBlobStore.DecryptingInputStream	Input stream that decrypts while reading.
static class	AESBlobStore.EncryptingOutputStream	Output stream that encrypts while writing.

Nested classes/interfaces inherited from class org.nuxeo.ecm.core.blob.LocalBlobStore

LocalBlobStore.LocalBlobGarbageCollector

Nested classes/interfaces inherited from interface org.nuxeo.ecm.core.blob.BlobStore

BlobStore.OptionalOrUnknown<T>

Field Summary

Fields

Modifier and Type	Field	Description
protected AESBlobStoreConfiguration	aesConfig
protected static byte[]	FILE_MAGIC
protected static int	FILE_VERSION_1
protected static Random	RANDOM
protected static int	USE_KEYSTORE
protected static int	USE_PBKDF2

Fields inherited from class org.nuxeo.ecm.core.blob.LocalBlobStore

gc, pathStrategy

Fields inherited from class org.nuxeo.ecm.core.blob.AbstractBlobStore

blobProviderId, BYTE_RANGE_SEP, keyStrategy, name

Constructor Summary

Constructors

Constructor	Description
AESBlobStore(String name, KeyStrategy keyStrategy, PathStrategy pathStrategy, AESBlobStoreConfiguration aesConfig)

Method Summary

Modifier and Type	Method	Description
boolean	copyBlobIsOptimized(BlobStore sourceStore)	Checks if blob copy/move from another blob store to this one can be done efficiently.
String	copyOrMoveBlob(String key, BlobStore sourceStore, String sourceKey, boolean atomicMove)	Writes a file based on a key, as an optimized copy/move from a source in another compatible blob store.
BlobStore.OptionalOrUnknown<Path>	getFile(String key)	Gets an already-existing file containing the blob for the given key, if present.
BlobStore.OptionalOrUnknown<InputStream>	getStream(String key)	Gets the stream of the blob for the given key, if present.
boolean	readBlob(String key, Path dest)	Reads a blob based on its key into the given file.
protected void	write(BlobWriteContext blobWriteContext, Path file)

Methods inherited from class org.nuxeo.ecm.core.blob.LocalBlobStore

clear, copyBlob, copyBlobGeneric, deleteBlob, exists, getBinaryGarbageCollector, getDirectory, getPathStrategy, getStoredFile, writeBlobGeneric

Methods inherited from class org.nuxeo.ecm.core.blob.AbstractBlobStore

deleteBlob, getBlobKeyReplacement, getByteRangeFromKey, getKeyStrategy, getName, hasVersioning, logTrace, logTrace, logTrace, notifyAsyncDigest, randomLong, randomString, setByteRangeInKey, stripBlobKeyPrefix, stripBlobKeyVersionSuffix, transfer, transfer, transfer, unwrap, useAsyncDigest, writeBlob, writeBlob, writeBlobProperties, writeBlobUsingOptimizedCopy

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.nuxeo.ecm.core.blob.BlobStore

copyBlob, hasDefaultStorageClass

Field Detail

FILE_MAGIC

protected static final byte[] FILE_MAGIC

FILE_VERSION_1

protected static final int FILE_VERSION_1

See Also:

Constant Field Values

USE_KEYSTORE

protected static final int USE_KEYSTORE

See Also:

Constant Field Values

USE_PBKDF2

protected static final int USE_PBKDF2

See Also:

Constant Field Values

RANDOM

protected static final Random RANDOM

aesConfig

protected final AESBlobStoreConfiguration aesConfig

Constructor Detail

AESBlobStore

public AESBlobStore(String name,
                    KeyStrategy keyStrategy,
                    PathStrategy pathStrategy,
                    AESBlobStoreConfiguration aesConfig)

Method Detail

write

protected void write(BlobWriteContext blobWriteContext,
                     Path file)
              throws IOException

Overrides:

write in class LocalBlobStore

Throws:

IOException

getFile

public BlobStore.OptionalOrUnknown<Path> getFile(String key)

Description copied from interface: BlobStore

Gets an already-existing file containing the blob for the given key, if present.

Note that this method is best-effort, it may return unknown even though the blob exists in the store, it's just that it's not handily available locally in a file.

Specified by:

getFile in interface BlobStore

Overrides:

getFile in class LocalBlobStore

Parameters:

key - the blob key

Returns:

the file containing the blob, or empty if the blob cannot be found, or unknown if no file is available locally

getStream

public BlobStore.OptionalOrUnknown<InputStream> getStream(String key)
                                                   throws IOException

Description copied from interface: BlobStore

Gets the stream of the blob for the given key, if present.

Note that this method is best-effort, it may return unknown even though the blob exists in the store, it's just that it's not efficient to return it as a stream.

Specified by:

getStream in interface BlobStore

Overrides:

getStream in class LocalBlobStore

Parameters:

key - the blob key

Returns:

the blob stream, or empty if the blob cannot be found, or unknown if no stream is efficiently available

Throws:

IOException

readBlob

public boolean readBlob(String key,
                        Path dest)
                 throws IOException

Description copied from interface: BlobStore

Reads a blob based on its key into the given file.

Specified by:

readBlob in interface BlobStore

Overrides:

readBlob in class LocalBlobStore

Parameters:

key - the blob key

dest - the file to use to store the fetched data

Returns:

true if the file was fetched, false if the file was not found

Throws:

IOException

copyBlobIsOptimized

public boolean copyBlobIsOptimized(BlobStore sourceStore)

Description copied from interface: BlobStore

Checks if blob copy/move from another blob store to this one can be done efficiently.

Specified by:

copyBlobIsOptimized in interface BlobStore

Overrides:

copyBlobIsOptimized in class LocalBlobStore

Parameters:

sourceStore - the source store

Returns:

true if the copy/move can be done efficiently

copyOrMoveBlob

public String copyOrMoveBlob(String key,
                             BlobStore sourceStore,
                             String sourceKey,
                             boolean atomicMove)
                      throws IOException

Description copied from interface: BlobStore

Writes a file based on a key, as an optimized copy/move from a source in another compatible blob store.

The target key may be null, which is a signal from the caller that it has determined that deduplication is enabled and async digest computation is enabled, but the needed digest hasn't been computed, so this method should either find the digest in an efficient way if it can, or otherwise trigger an async digest computation.

If the copy/move is requested to be atomic, then the destination file is created atomically. In case of atomic move, in some stores the destination will be created atomically but the source will only be deleted afterwards.

The returned key may be different than the passed one when versioning is used.

Specified by:

copyOrMoveBlob in interface BlobStore

Overrides:

copyOrMoveBlob in class LocalBlobStore

Parameters:

key - the key; or null if the store should choose it or trigger async digest computation

sourceStore - the source store

sourceKey - the source key

atomicMove - true for an atomic move, false for a regular copy

Returns:

the key of the copied/moved file, or null if copy/move failed

Throws:

IOException