Chimera is a cryptographic library optimized with AES-NI (Advanced Encryption Standard New Instructions). It provides Java API for both cipher level and Java stream level. Developers can use it to implement high performance AES encryption/decryption with the minimum code and effort. Please note that Chimera doesn't implement the cryptographic algorithm such as AES directly. It wraps to Openssl or JCE which implement the algorithms.
- Cipher API for low level cryptographic operations.
- Java stream API (CryptoInputStream/CryptoOutputStream) for high level stream encyrption/decryption.
- Both optimized with high performance AES encryption/decryption. (1400 MB/s - 1700 MB/s throughput in modern Xeon processors).
- JNI-based implementation to achieve comparable performance to the native C++ version based on Openssl.
- Portable across various operating systems (currently only Linux); Chimera loads the library according to your machine environment (It looks system properties,
os.name
andos.arch
). - Simple usage. Add the chimera-(version).jar file to your classpath.
- Apache License Version 2.0. Free for both commercial and non-commercial use.
- Release version: http://central.maven.org/maven2/com/intel/chimera/chimera/
- Snapshot version (the latest beta version): https://oss.sonatype.org/content/repositories/snapshots/com/intel/chimera/chimera/
- Chimera is available from Maven's central repository: http://central.maven.org/maven2/com/intel/chimera/chimera
Add the following dependency to your pom.xml:
<dependency>
<groupId>com.intel.chimera</groupId>
<artifactId>chimera</artifactId>
<version>0.9.0</version>
<type>jar</type>
<scope>compile</scope>
</dependency>
libraryDependencies += "com.intel.chimera" % "chimera" % "0.9.0"
Properties properties = new Properties();
properties.setProperty("chimera.crypto.cipher.transformation", "AES/CTR/NoPadding");
properties.setProperty("chimera.crypto.cipher.classes", "com.intel.chimera.crypto.OpensslCipher");
Cipher cipher = Utils.getCipherInstance(properties);
byte[] key = new byte[16];
byte[] iv = new byte[16];
int bufferSize = 4096;
String input = "hello world!";
byte[] decryptedData = new byte[1024];
// Encrypt
ByteArrayOutputStream os = new ByteArrayOutputStream();
CryptoOutputStream cos = new CryptoOutputStream(os, cipher, bufferSize, key, iv);
cos.write(input.getBytes("UTF-8"));
cos.flush();
cos.close();
// Decrypt
CryptoInputStream cis = new CryptoInputStream(new ByteArrayInputStream(os.toByteArray()), cipher, bufferSize, key, iv);
int decryptedLen = cis.read(decryptedData, 0, 1024);
Currently, two ciphers are supported: JceCipher and OpensslCipher, you can configure which cipher to use as follows:
$ java -Dchimera.crypto.cipher.classes=com.intel.chimera.crypto.OpensslCipher Sample
$ java -Dchimera.crypto.cipher.classes=com.intel.chimera.crypto.JceCipher Sample
More detailed information about the configurations are as follows.
Property Name | Default | Meaning |
---|---|---|
chimera.crypto.cipher.transformation | AES/CTR/NoPadding | The value is identical to the transformations described in the Cipher section of the Java Cryptography Architecture Standard Algorithm Name Documentation. Currently only "AES/CTR/NoPadding" algorithm is supported. |
chimera.crypto.cipher.classes | com.intel.chimera.crypto.OpensslCipher, com.intel.chimera.crypto.JceCipher | Comma-separated list of cipher classes which implement cipher algorithm of "AES/CTR/NoPadding". A cipher implementation encapsulates the encryption and decryption details. The first available implementation appearing in this list will be used. |
Building from the source code is an option when your OS platform and CPU architecture is not supported. To build chimera, you need Git, JDK (1.6 or higher), g++ compiler (mingw in Windows) etc.
$ git clone https://github.com/intel-hadoop/chimera.git
$ cd chimera
$ mvn clean install
A file target/chimera-$(version).jar
is the product additionally containing the native library built for your platform.
gpg --gen-key # generate gpg public/private key pair gpg --list-keys # list available public/private key pairs gpg --keyserver hkp://pgp.mit.edu --send-keys [public key] # we use mit pgp server, you can also choose others
Set Sonatype account information (user name and password) in the global sbt settings [$HOME/.sbt/(sbt-version)/sonatype.sbt]. credentials += Credentials("Sonatype Nexus Repository Manager", "oss.sonatype.org", "(Sonatype user name)", "(Sonatype password)")
make clean; # clean up the environment make publishSigned; # publish your GPG-signed artifact to staging repository of Sonatype, related files will be uploaded to Sonatype server in this step make sonatypeRelease; # make a release. You can also make a release manually in the site of Sonatype [https://oss.sonatype.org].
chimera uses sbt (simple build tool for Scala) as a build tool. Here is a simple usage
$ ./sbt # enter sbt console
> ~test # run tests upon source code change
> ~test-only * # run tests that matches a given name pattern
> publishM2 # publish jar to $HOME/.m2/repository
> package # create jar file
For development related discussion, please go to dev google group. For issues or bugs, please file tickets through github.