in parquet-hadoop/src/main/java/org/apache/parquet/crypto/FileEncryptionProperties.java [45:104]
private FileEncryptionProperties(
ParquetCipher cipher,
byte[] footerKey,
byte[] footerKeyMetadata,
boolean encryptedFooter,
byte[] aadPrefix,
boolean storeAadPrefixInFile,
Map<ColumnPath, ColumnEncryptionProperties> columnPropertyMap,
boolean completeColumnEncryption) {
if (null == footerKey) {
throw new IllegalArgumentException("Footer key is null");
}
if (!(footerKey.length == 16 || footerKey.length == 24 || footerKey.length == 32)) {
throw new IllegalArgumentException("Wrong footer key length " + footerKey.length);
}
if (null != columnPropertyMap) {
if (columnPropertyMap.isEmpty()) {
throw new IllegalArgumentException("No encrypted columns");
}
} else {
if (completeColumnEncryption) {
throw new IllegalArgumentException("Encrypted columns are not specified, cannot complete");
}
}
SecureRandom random = new SecureRandom();
byte[] aadFileUnique = new byte[AAD_FILE_UNIQUE_LENGTH];
random.nextBytes(aadFileUnique);
boolean supplyAadPrefix = false;
if (null == aadPrefix) {
this.fileAAD = aadFileUnique;
} else {
this.fileAAD = AesCipher.concatByteArrays(aadPrefix, aadFileUnique);
if (!storeAadPrefixInFile) supplyAadPrefix = true;
}
this.algorithm = cipher.getEncryptionAlgorithm();
if (algorithm.isSetAES_GCM_V1()) {
algorithm.getAES_GCM_V1().setAad_file_unique(aadFileUnique);
algorithm.getAES_GCM_V1().setSupply_aad_prefix(supplyAadPrefix);
if (null != aadPrefix && storeAadPrefixInFile) {
algorithm.getAES_GCM_V1().setAad_prefix(aadPrefix);
}
} else {
algorithm.getAES_GCM_CTR_V1().setAad_file_unique(aadFileUnique);
algorithm.getAES_GCM_CTR_V1().setSupply_aad_prefix(supplyAadPrefix);
if (null != aadPrefix && storeAadPrefixInFile) {
algorithm.getAES_GCM_CTR_V1().setAad_prefix(aadPrefix);
}
}
this.footerKey = footerKey;
this.footerKeyMetadata = footerKeyMetadata;
this.encryptedFooter = encryptedFooter;
this.columnPropertyMap = columnPropertyMap;
this.completeColumnEncryption = completeColumnEncryption;
}