Package org.apache.ignite.spi.encryption
Interface EncryptionSpi
-
- All Superinterfaces:
IgniteSpi
- All Known Implementing Classes:
KeystoreEncryptionSpi
,NoopEncryptionSpi
public interface EncryptionSpi extends IgniteSpi
SPI provides encryption features for an Ignite.
-
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description int
blockSize()
Serializable
create()
Creates new key for an encryption/decryption of cache persistent data: pages, WAL records.byte[]
decrypt(byte[] data, Serializable key)
Decrypts data encrypted withencrypt(ByteBuffer, Serializable, ByteBuffer)
Serializable
decryptKey(byte[] key)
Decrypts key and checks it integrity.Serializable
decryptKey(byte[] key, String masterKeyName)
Decrypts key and checks its integrity using the master key specified by name.void
decryptNoPadding(ByteBuffer data, Serializable key, ByteBuffer res)
Decrypts data encrypted withencryptNoPadding(ByteBuffer, Serializable, ByteBuffer)
void
encrypt(ByteBuffer data, Serializable key, ByteBuffer res)
Encrypts data.int
encryptedSize(int dataSize)
int
encryptedSizeNoPadding(int dataSize)
byte[]
encryptKey(Serializable key)
Encrypts key.byte[]
encryptKey(Serializable key, String masterKeyName)
Encrypts a key with the master key specified by name.void
encryptNoPadding(ByteBuffer data, Serializable key, ByteBuffer res)
Encrypts data without padding info.String
getMasterKeyName()
Gets the current master key name.byte[]
masterKeyDigest()
Returns master key digest.byte[]
masterKeyDigest(String masterKeyName)
Returns master key digest by name.void
setMasterKeyName(String masterKeyName)
Sets master key Name that will be used for keys encryption inencryptKey(Serializable)
anddecryptKey(byte[])
methods and in themasterKeyDigest()
method.-
Methods inherited from interface org.apache.ignite.spi.IgniteSpi
getName, getNodeAttributes, onClientDisconnected, onClientReconnected, onContextDestroyed, onContextInitialized, spiStart, spiStop
-
-
-
-
Method Detail
-
masterKeyDigest
byte[] masterKeyDigest()
Returns master key digest. Should always return same digest for a same key. Digest used for a configuration consistency check.- Returns:
- Master key digest.
-
masterKeyDigest
byte[] masterKeyDigest(String masterKeyName)
Returns master key digest by name. Should always return same digest for a same key. Digest used for a configuration consistency check.- Parameters:
masterKeyName
- Master key name.- Returns:
- Master key digest.
-
create
Serializable create() throws IgniteException
Creates new key for an encryption/decryption of cache persistent data: pages, WAL records.- Returns:
- Newly created encryption key.
- Throws:
IgniteException
- If key creation failed.
-
encrypt
void encrypt(ByteBuffer data, Serializable key, ByteBuffer res)
Encrypts data.- Parameters:
data
- Data to encrypt.key
- Encryption key.res
- Destination buffer.
-
encryptNoPadding
void encryptNoPadding(ByteBuffer data, Serializable key, ByteBuffer res)
Encrypts data without padding info.- Parameters:
data
- Data to encrypt.key
- Encryption key.res
- Destination buffer.
-
decrypt
byte[] decrypt(byte[] data, Serializable key)
Decrypts data encrypted withencrypt(ByteBuffer, Serializable, ByteBuffer)
- Parameters:
data
- Data to decrypt.key
- Encryption key.- Returns:
- Encrypted data.
-
decryptNoPadding
void decryptNoPadding(ByteBuffer data, Serializable key, ByteBuffer res)
Decrypts data encrypted withencryptNoPadding(ByteBuffer, Serializable, ByteBuffer)
- Parameters:
data
- Data to decrypt.key
- Encryption key.res
- Destination of the decrypted data.
-
encryptKey
byte[] encryptKey(Serializable key)
Encrypts key. Adds some info to check key integrity on decryption.- Parameters:
key
- Key to encrypt.- Returns:
- Encrypted key.
-
encryptKey
byte[] encryptKey(Serializable key, String masterKeyName)
Encrypts a key with the master key specified by name. Adds some info to check key integrity on decryption.- Parameters:
key
- Key to encrypt.masterKeyName
- Master key name.- Returns:
- Encrypted key.
-
decryptKey
Serializable decryptKey(byte[] key)
Decrypts key and checks it integrity.- Parameters:
key
- Key to decrypt.- Returns:
- Encrypted key.
-
decryptKey
Serializable decryptKey(byte[] key, String masterKeyName)
Decrypts key and checks its integrity using the master key specified by name.- Parameters:
key
- Key to decrypt.masterKeyName
- Master key name.- Returns:
- Encrypted key.
-
encryptedSize
int encryptedSize(int dataSize)
- Parameters:
dataSize
- Size of plain data in bytes.- Returns:
- Size of encrypted data in bytes for padding encryption mode.
-
encryptedSizeNoPadding
int encryptedSizeNoPadding(int dataSize)
- Parameters:
dataSize
- Size of plain data in bytes.- Returns:
- Size of encrypted data in bytes for nopadding encryption mode.
-
blockSize
int blockSize()
- Returns:
- Encrypted data block size.
-
getMasterKeyName
String getMasterKeyName()
Gets the current master key name.- Returns:
- Master key name.
- See Also:
setMasterKeyName(String)
-
setMasterKeyName
void setMasterKeyName(String masterKeyName) throws IgniteSpiException
Sets master key Name that will be used for keys encryption inencryptKey(Serializable)
anddecryptKey(byte[])
methods and in themasterKeyDigest()
method.- Parameters:
masterKeyName
- Master key name.- Throws:
IgniteSpiException
- In case of error.
-
-