de.schlichtherle.truezip.fs.archive.zip.raes
Class ParanoidZipRaesDriver
java.lang.Object
de.schlichtherle.truezip.fs.FsDriver
de.schlichtherle.truezip.fs.archive.FsArchiveDriver<E>
de.schlichtherle.truezip.fs.archive.FsCharsetArchiveDriver<ZipArchiveEntry>
de.schlichtherle.truezip.fs.archive.zip.ZipDriver
de.schlichtherle.truezip.fs.archive.zip.JarDriver
de.schlichtherle.truezip.fs.archive.zip.raes.ZipRaesDriver
de.schlichtherle.truezip.fs.archive.zip.raes.ParanoidZipRaesDriver
- All Implemented Interfaces:
- ZipEntryFactory<ZipArchiveEntry>
@Immutable
public class ParanoidZipRaesDriver
- extends ZipRaesDriver
A paranoid archive driver which builds RAES encrypted ZIP files.
This driver always checks the cipher text of input archive files
using the RAES Message Authentication Code (MAC), which makes it slower than
the SafeZipRaesDriver for archive files larger than 512 KB and
may pause the client application on the first access to the archive file
for a while if the file is large.
Note that the CRC-32 value of the plain text ZIP file is never checked
because this is made redundant by the MAC verification.
In addition, this driver limits the number of concurrent entry output
streams to one, so that writing unencrypted temporary files is inhibited.
- Author:
- Christian Schlichtherle
- See Also:
SafeZipRaesDriver
ParanoidZipRaesDriver
public ParanoidZipRaesDriver(IOPoolProvider ioPoolProvider,
KeyManagerProvider keyManagerProvider)
getAuthenticationTrigger
public final long getAuthenticationTrigger()
- Description copied from class:
ZipRaesDriver
- Constructs a new abstract ZIP.RAES driver which
uses the given byte
size to trigger verification of the Message Authentication Code (MAC).
Note that the given parameter only affects the authentication of the
cipher text in input archives - the cipher key and
file length are always authenticated with RAES.
Returns the value of the property
authenticationTrigger.
If the size of an input file is smaller than or equal to this value,
the Message Authentication Code (MAC) for the entire
cipher text is computed and verified in order to authenticate
the file.
Otherwise, only the cipher key and the file length
get authenticated.
Consequently, if the value of this property is set to a negative value,
the cipher text gets never verified, and if set to
Long.MAX_VALUE, the cipher text gets always
authenticated.
- Specified by:
getAuthenticationTrigger in class ZipRaesDriver
- Returns:
- The value of the property
authenticationTrigger.
newOutputShop
public final OutputShop<ZipArchiveEntry> newOutputShop(FsModel model,
OutputSocket<?> output,
InputShop<ZipArchiveEntry> source)
throws IOException
- This implementation calls
ZipRaesDriver.getRaesParameters(de.schlichtherle.truezip.fs.FsModel), with which it
initializes a new RaesOutputStream, and finally passes the
resulting stream to ZipDriver.newZipOutputShop(de.schlichtherle.truezip.fs.FsModel, java.io.OutputStream, de.schlichtherle.truezip.fs.archive.zip.ZipInputShop).
Note that this limits the number of concurrent output entry streams
to one in order to inhibit writing unencrypted temporary files for
buffering the written entries.
- Overrides:
newOutputShop in class ZipRaesDriver
- Throws:
IOException
Copyright © 2005-2011 Schlichtherle IT Services. All Rights Reserved.