public class KeystoreEncryptionSpi extends IgniteSpiAdapter implements EncryptionSpi
EncryptionSpi
,
KeystoreEncryptionKey
Modifier and Type | Field and Description |
---|---|
static String |
CIPHER_ALGO
Algorithm supported by implementation.
|
static int |
DEFAULT_KEY_SIZE
Default encryption key size;
|
static String |
DEFAULT_MASTER_KEY_NAME
Default key store entry name to store Encryption master key.
|
protected IgniteLogger |
log
Logger.
|
ignite, igniteInstanceName
Constructor and Description |
---|
KeystoreEncryptionSpi() |
Modifier and Type | Method and Description |
---|---|
int |
blockSize() |
KeystoreEncryptionKey |
create()
Creates new key for an encryption/decryption of cache persistent data: pages, WAL records.
|
byte[] |
decrypt(byte[] data,
Serializable key)
Decrypts data encrypted with
EncryptionSpi.encrypt(ByteBuffer, Serializable, ByteBuffer) |
KeystoreEncryptionKey |
decryptKey(byte[] key)
Decrypts key and checks it integrity.
|
KeystoreEncryptionKey |
decryptKey(byte[] data,
String masterKeyName)
Decrypts key and checks its integrity using the master key specified by name.
|
void |
decryptNoPadding(ByteBuffer data,
Serializable key,
ByteBuffer res)
Decrypts data encrypted with
EncryptionSpi.encryptNoPadding(ByteBuffer, Serializable, ByteBuffer) |
void |
encrypt(ByteBuffer data,
Serializable key,
ByteBuffer res)
Encrypts data.
|
int |
encryptedSize(int dataSize) |
int |
encryptedSizeNoPadding(int dataSize) |
byte[] |
encryptKey(Serializable key)
Encrypts key.
|
byte[] |
encryptKey(Serializable key,
String masterKeyName)
Encrypts a key with the master key specified by name.
|
void |
encryptNoPadding(ByteBuffer data,
Serializable key,
ByteBuffer res)
Encrypts data without padding info.
|
int |
getKeySize()
Gets encryption key size.
|
String |
getKeyStorePath()
Gets path to jdk keyStore that stores master key.
|
char[] |
getKeyStorePwd()
Gets key store password.
|
String |
getMasterKeyName()
Gets the current master key name.
|
byte[] |
masterKeyDigest()
Returns master key digest.
|
byte[] |
masterKeyDigest(String masterKeyName)
Returns master key digest by name.
|
void |
setKeySize(int keySize)
Sets encryption key size.
|
void |
setKeyStorePassword(char[] keyStorePassword)
Sets password to access KeyStore.
|
void |
setKeyStorePath(String keyStorePath)
Sets path to jdk keyStore that stores master key.
|
void |
setMasterKeyName(String masterKeyName)
Sets master key Name that will be used for keys encryption in
EncryptionSpi.encryptKey(Serializable) and EncryptionSpi.decryptKey(byte[]) methods and in the EncryptionSpi.masterKeyDigest() method. |
void |
spiStart(@Nullable String igniteInstanceName)
This method is called to start SPI.
|
void |
spiStop()
This method is called to stop SPI.
|
addTimeoutObject, assertParameter, checkConfigurationConsistency0, clientFailureDetectionTimeout, configInfo, createSpiAttributeName, failureDetectionTimeout, failureDetectionTimeoutEnabled, failureDetectionTimeoutEnabled, getConsistentAttributeNames, getExceptionRegistry, getLocalNode, getName, getNodeAttributes, getSpiContext, ignite, initFailureDetectionTimeout, injectables, injectResources, isNodeStopping, onBeforeStart, onClientDisconnected, onClientReconnected, onContextDestroyed, onContextDestroyed0, onContextInitialized, onContextInitialized0, registerMBean, removeTimeoutObject, setName, started, startInfo, startStopwatch, stopInfo, unregisterMBean
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
getName, getNodeAttributes, onClientDisconnected, onClientReconnected, onContextDestroyed, onContextInitialized
public static final String DEFAULT_MASTER_KEY_NAME
public static final String CIPHER_ALGO
public static final int DEFAULT_KEY_SIZE
@LoggerResource protected IgniteLogger log
public void spiStart(@Nullable @Nullable String igniteInstanceName) throws IgniteSpiException
spiStart
in interface IgniteSpi
igniteInstanceName
- Name of Ignite instance this SPI is being started for
(null
for default Ignite instance).IgniteSpiException
- Throws in case of any error during SPI start.public void spiStop() throws IgniteSpiException
Note that this method can be called at any point including during recovery of failed start. It should make no assumptions on what state SPI will be in when this method is called.
spiStop
in interface IgniteSpi
IgniteSpiException
- Thrown in case of any error during SPI stop.public byte[] masterKeyDigest()
masterKeyDigest
in interface EncryptionSpi
public byte[] masterKeyDigest(String masterKeyName)
masterKeyDigest
in interface EncryptionSpi
masterKeyName
- Master key name.public KeystoreEncryptionKey create() throws IgniteException
create
in interface EncryptionSpi
IgniteException
- If key creation failed.public void encrypt(ByteBuffer data, Serializable key, ByteBuffer res)
encrypt
in interface EncryptionSpi
data
- Data to encrypt.key
- Encryption key.res
- Destination buffer.public void encryptNoPadding(ByteBuffer data, Serializable key, ByteBuffer res)
encryptNoPadding
in interface EncryptionSpi
data
- Data to encrypt.key
- Encryption key.res
- Destination buffer.public byte[] decrypt(byte[] data, Serializable key)
EncryptionSpi.encrypt(ByteBuffer, Serializable, ByteBuffer)
decrypt
in interface EncryptionSpi
data
- Data to decrypt.key
- Encryption key.public void decryptNoPadding(ByteBuffer data, Serializable key, ByteBuffer res)
EncryptionSpi.encryptNoPadding(ByteBuffer, Serializable, ByteBuffer)
decryptNoPadding
in interface EncryptionSpi
data
- Data to decrypt.key
- Encryption key.public byte[] encryptKey(Serializable key)
encryptKey
in interface EncryptionSpi
key
- Key to encrypt.public byte[] encryptKey(Serializable key, String masterKeyName)
encryptKey
in interface EncryptionSpi
key
- Key to encrypt.masterKeyName
- Master key name.public KeystoreEncryptionKey decryptKey(byte[] key)
decryptKey
in interface EncryptionSpi
key
- Key to decrypt.public KeystoreEncryptionKey decryptKey(byte[] data, String masterKeyName)
decryptKey
in interface EncryptionSpi
data
- Key to decrypt.masterKeyName
- Master key name.public int encryptedSize(int dataSize)
encryptedSize
in interface EncryptionSpi
dataSize
- Size of plain data in bytes.public int encryptedSizeNoPadding(int dataSize)
encryptedSizeNoPadding
in interface EncryptionSpi
dataSize
- Size of plain data in bytes.public int blockSize()
blockSize
in interface EncryptionSpi
public String getMasterKeyName()
getMasterKeyName
in interface EncryptionSpi
EncryptionSpi.setMasterKeyName(String)
public void setMasterKeyName(String masterKeyName)
EncryptionSpi.encryptKey(Serializable)
and EncryptionSpi.decryptKey(byte[])
methods and in the EncryptionSpi.masterKeyDigest()
method.setMasterKeyName
in interface EncryptionSpi
masterKeyName
- Master key name.public String getKeyStorePath()
public void setKeyStorePath(String keyStorePath)
keyStorePath
- Path to JDK KeyStore.public char[] getKeyStorePwd()
public void setKeyStorePassword(char[] keyStorePassword)
keyStorePassword
- Password for Key Store.public int getKeySize()
public void setKeySize(int keySize)
keySize
- Key size.
GridGain In-Memory Computing Platform : ver. 8.9.14 Release Date : November 5 2024