Package org.apache.ignite.spi.encryption.keystore

Class KeystoreEncryptionSpi

    • Constructor Detail

      • KeystoreEncryptionSpi

        public KeystoreEncryptionSpi()

    • Method Detail

      • spiStart

        public void spiStart​(@Nullable
                     @Nullable String igniteInstanceName)
              throws IgniteSpiException
        This method is called to start SPI. After this method returns successfully kernel assumes that SPI is fully operational.
        Specified by:
        spiStart in interface IgniteSpi
        Parameters:
        igniteInstanceName - Name of Ignite instance this SPI is being started for (null for default Ignite instance).
        Throws:
        IgniteSpiException - Throws in case of any error during SPI start.

      • spiStop

        public void spiStop()
             throws IgniteSpiException
        This method is called to stop SPI. After this method returns kernel assumes that this SPI is finished and all resources acquired by it are released.

        Note that this method can be called at any point including during recovery of failed start. It should make no assumptions on what state SPI will be in when this method is called.

        Specified by:
        spiStop in interface IgniteSpi
        Throws:
        IgniteSpiException - Thrown in case of any error during SPI stop.

      • masterKeyDigest

        public byte[] masterKeyDigest()
        Returns master key digest. Should always return same digest for a same key. Digest used for a configuration consistency check.
        Specified by:
        masterKeyDigest in interface EncryptionSpi
        Returns:
        Master key digest.

      • masterKeyDigest

        public byte[] masterKeyDigest​(String masterKeyName)
        Returns master key digest by name. Should always return same digest for a same key. Digest used for a configuration consistency check.
        Specified by:
        masterKeyDigest in interface EncryptionSpi
        Parameters:
        masterKeyName - Master key name.
        Returns:
        Master key digest.

      • encryptKey

        public byte[] encryptKey​(Serializable key)
        Encrypts key. Adds some info to check key integrity on decryption.
        Specified by:
        encryptKey in interface EncryptionSpi
        Parameters:
        key - Key to encrypt.
        Returns:
        Encrypted key.

      • encryptKey

        public byte[] encryptKey​(Serializable key,
                         String masterKeyName)
        Encrypts a key with the master key specified by name. Adds some info to check key integrity on decryption.
        Specified by:
        encryptKey in interface EncryptionSpi
        Parameters:
        key - Key to encrypt.
        masterKeyName - Master key name.
        Returns:
        Encrypted key.

      • decryptKey

        public KeystoreEncryptionKey decryptKey​(byte[] key)
        Decrypts key and checks it integrity.
        Specified by:
        decryptKey in interface EncryptionSpi
        Parameters:
        key - Key to decrypt.
        Returns:
        Encrypted key.

      • decryptKey

        public KeystoreEncryptionKey decryptKey​(byte[] data,
                                        String masterKeyName)
        Decrypts key and checks its integrity using the master key specified by name.
        Specified by:
        decryptKey in interface EncryptionSpi
        Parameters:
        data - Key to decrypt.
        masterKeyName - Master key name.
        Returns:
        Encrypted key.

      • encryptedSize

        public int encryptedSize​(int dataSize)
        Specified by:
        encryptedSize in interface EncryptionSpi
        Parameters:
        dataSize - Size of plain data in bytes.
        Returns:
        Size of encrypted data in bytes for padding encryption mode.

      • encryptedSizeNoPadding

        public int encryptedSizeNoPadding​(int dataSize)
        Specified by:
        encryptedSizeNoPadding in interface EncryptionSpi
        Parameters:
        dataSize - Size of plain data in bytes.
        Returns:
        Size of encrypted data in bytes for nopadding encryption mode.

      • blockSize

        public int blockSize()
        Specified by:
        blockSize in interface EncryptionSpi
        Returns:
        Encrypted data block size.

      • getKeyStorePath

        public String getKeyStorePath()
        Gets path to jdk keyStore that stores master key.
        Returns:
        Key store path.

      • setKeyStorePath

        public void setKeyStorePath​(String keyStorePath)
        Sets path to jdk keyStore that stores master key.
        Parameters:
        keyStorePath - Path to JDK KeyStore.

      • getKeyStorePwd

        public char[] getKeyStorePwd()
        Gets key store password.
        Returns:
        Key store password.

      • setKeyStorePassword

        public void setKeyStorePassword​(char[] keyStorePassword)
        Sets password to access KeyStore.
        Parameters:
        keyStorePassword - Password for Key Store.

      • getKeySize

        public int getKeySize()
        Gets encryption key size.
        Returns:
        Encryption key size.

      • setKeySize

        public void setKeySize​(int keySize)
        Sets encryption key size.
        Parameters:
        keySize - Key size.