FieldEncryptor.java 文件源码-java代码片段

/**
 * Retrieve a field encryption key to use in <strong>decrypting</strong> the field.
 * <p>
 * Metadata can be read from the DataInput object. All meta-data that was written to the stream should be read out, regardless if it is used.
 *
 * @param visibility
 *          Visibility expression for the field.
 * @param in
 *          Stream from which metadata is read.
 * @return Field encryption key.
 * @throws IOException
 *           Not actually thrown.
 */
private byte[] getKey(ColumnVisibility visibility, DataInput in) throws IOException {
  if (config.encryptUsingVisibility) {
    if (visibility.getParseTree().getType() != NodeType.EMPTY) {
      // Rebuild the key from the shares created based on the visibility expression.
      byte[] key = readVisibilityShare(visibility.getParseTree(), visibility.getExpression(), in, false);

      if (key == null) {
        throw new IllegalKeyRequestException();
      }
      return key;
    } else {
      return new byte[config.keyLength];
    }
  } else {
    int version = WritableUtils.readVInt(in);
    return keys.getKey(config.keyId, version, config.keyLength);
  }
}