Class KeystoreEncryptionSpi
- java.lang.Object
- 
- org.apache.ignite.spi.IgniteSpiAdapter
- 
- org.apache.ignite.spi.encryption.keystore.KeystoreEncryptionSpi
 
 
- 
- All Implemented Interfaces:
- EncryptionSpi,- IgniteSpi
 
 public class KeystoreEncryptionSpi extends IgniteSpiAdapter implements EncryptionSpi EncryptionSPI implementation base on JDK provided cipher algorithm implementations.- See Also:
- EncryptionSpi,- KeystoreEncryptionKey
 
- 
- 
Field SummaryFields Modifier and Type Field Description static StringCIPHER_ALGOAlgorithm supported by implementation.static intDEFAULT_KEY_SIZEDefault encryption key size;static StringDEFAULT_MASTER_KEY_NAMEDefault key store entry name to store Encryption master key.protected IgniteLoggerlogLogger.- 
Fields inherited from class org.apache.ignite.spi.IgniteSpiAdapterignite, igniteInstanceName
 
- 
 - 
Constructor SummaryConstructors Constructor Description KeystoreEncryptionSpi()
 - 
Method SummaryAll Methods Instance Methods Concrete Methods Modifier and Type Method Description intblockSize()KeystoreEncryptionKeycreate()Creates new key for an encryption/decryption of cache persistent data: pages, WAL records.byte[]decrypt(byte[] data, Serializable key)Decrypts data encrypted withEncryptionSpi.encrypt(ByteBuffer, Serializable, ByteBuffer)KeystoreEncryptionKeydecryptKey(byte[] key)Decrypts key and checks it integrity.KeystoreEncryptionKeydecryptKey(byte[] data, String masterKeyName)Decrypts key and checks its integrity using the master key specified by name.voiddecryptNoPadding(ByteBuffer data, Serializable key, ByteBuffer res)Decrypts data encrypted withEncryptionSpi.encryptNoPadding(ByteBuffer, Serializable, ByteBuffer)voidencrypt(ByteBuffer data, Serializable key, ByteBuffer res)Encrypts data.intencryptedSize(int dataSize)intencryptedSizeNoPadding(int dataSize)byte[]encryptKey(Serializable key)Encrypts key.byte[]encryptKey(Serializable key, String masterKeyName)Encrypts a key with the master key specified by name.voidencryptNoPadding(ByteBuffer data, Serializable key, ByteBuffer res)Encrypts data without padding info.intgetKeySize()Gets encryption key size.StringgetKeyStorePath()Gets path to jdk keyStore that stores master key.char[]getKeyStorePwd()Gets key store password.StringgetMasterKeyName()Gets the current master key name.byte[]masterKeyDigest()Returns master key digest.byte[]masterKeyDigest(String masterKeyName)Returns master key digest by name.voidsetKeySize(int keySize)Sets encryption key size.voidsetKeyStorePassword(char[] keyStorePassword)Sets password to access KeyStore.voidsetKeyStorePath(String keyStorePath)Sets path to jdk keyStore that stores master key.voidsetMasterKeyName(String masterKeyName)Sets master key Name that will be used for keys encryption inEncryptionSpi.encryptKey(Serializable)andEncryptionSpi.decryptKey(byte[])methods and in theEncryptionSpi.masterKeyDigest()method.voidspiStart(@Nullable String igniteInstanceName)This method is called to start SPI.voidspiStop()This method is called to stop SPI.- 
Methods inherited from class org.apache.ignite.spi.IgniteSpiAdapteraddTimeoutObject, assertParameter, checkConfigurationConsistency0, clientFailureDetectionTimeout, configInfo, createSpiAttributeName, failureDetectionTimeout, failureDetectionTimeoutEnabled, failureDetectionTimeoutEnabled, getConsistentAttributeNames, getExceptionRegistry, getLocalNode, getName, getNodeAttributes, getSpiContext, ignite, initFailureDetectionTimeout, injectables, injectResources, isNodeStopping, onBeforeStart, onClientDisconnected, onClientReconnected, onContextDestroyed, onContextDestroyed0, onContextInitialized, onContextInitialized0, registerMBean, removeTimeoutObject, setName, started, startInfo, startStopwatch, stopInfo, unregisterMBean
 - 
Methods inherited from class java.lang.Objectclone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 - 
Methods inherited from interface org.apache.ignite.spi.IgniteSpigetName, getNodeAttributes, onClientDisconnected, onClientReconnected, onContextDestroyed, onContextInitialized
 
- 
 
- 
- 
- 
Field Detail- 
DEFAULT_MASTER_KEY_NAMEpublic static final String DEFAULT_MASTER_KEY_NAME Default key store entry name to store Encryption master key.- See Also:
- Constant Field Values
 
 - 
CIPHER_ALGOpublic static final String CIPHER_ALGO Algorithm supported by implementation.- See Also:
- Constant Field Values
 
 - 
DEFAULT_KEY_SIZEpublic static final int DEFAULT_KEY_SIZE Default encryption key size;- See Also:
- Constant Field Values
 
 - 
log@LoggerResource protected IgniteLogger log Logger.
 
- 
 - 
Method Detail- 
spiStartpublic void spiStart(@Nullable @Nullable String igniteInstanceName) throws IgniteSpiExceptionThis method is called to start SPI. After this method returns successfully kernel assumes that SPI is fully operational.- Specified by:
- spiStartin interface- IgniteSpi
- Parameters:
- igniteInstanceName- Name of Ignite instance this SPI is being started for (- nullfor default Ignite instance).
- Throws:
- IgniteSpiException- Throws in case of any error during SPI start.
 
 - 
spiStoppublic void spiStop() throws IgniteSpiExceptionThis method is called to stop SPI. After this method returns kernel assumes that this SPI is finished and all resources acquired by it are released.Note that this method can be called at any point including during recovery of failed start. It should make no assumptions on what state SPI will be in when this method is called. - Specified by:
- spiStopin interface- IgniteSpi
- Throws:
- IgniteSpiException- Thrown in case of any error during SPI stop.
 
 - 
masterKeyDigestpublic byte[] masterKeyDigest() Returns master key digest. Should always return same digest for a same key. Digest used for a configuration consistency check.- Specified by:
- masterKeyDigestin interface- EncryptionSpi
- Returns:
- Master key digest.
 
 - 
masterKeyDigestpublic byte[] masterKeyDigest(String masterKeyName) Returns master key digest by name. Should always return same digest for a same key. Digest used for a configuration consistency check.- Specified by:
- masterKeyDigestin interface- EncryptionSpi
- Parameters:
- masterKeyName- Master key name.
- Returns:
- Master key digest.
 
 - 
createpublic KeystoreEncryptionKey create() throws IgniteException Creates new key for an encryption/decryption of cache persistent data: pages, WAL records.- Specified by:
- createin interface- EncryptionSpi
- Returns:
- Newly created encryption key.
- Throws:
- IgniteException- If key creation failed.
 
 - 
encryptpublic void encrypt(ByteBuffer data, Serializable key, ByteBuffer res) Encrypts data.- Specified by:
- encryptin interface- EncryptionSpi
- Parameters:
- data- Data to encrypt.
- key- Encryption key.
- res- Destination buffer.
 
 - 
encryptNoPaddingpublic void encryptNoPadding(ByteBuffer data, Serializable key, ByteBuffer res) Encrypts data without padding info.- Specified by:
- encryptNoPaddingin interface- EncryptionSpi
- Parameters:
- data- Data to encrypt.
- key- Encryption key.
- res- Destination buffer.
 
 - 
decryptpublic byte[] decrypt(byte[] data, Serializable key)Decrypts data encrypted withEncryptionSpi.encrypt(ByteBuffer, Serializable, ByteBuffer)- Specified by:
- decryptin interface- EncryptionSpi
- Parameters:
- data- Data to decrypt.
- key- Encryption key.
- Returns:
- Encrypted data.
 
 - 
decryptNoPaddingpublic void decryptNoPadding(ByteBuffer data, Serializable key, ByteBuffer res) Decrypts data encrypted withEncryptionSpi.encryptNoPadding(ByteBuffer, Serializable, ByteBuffer)- Specified by:
- decryptNoPaddingin interface- EncryptionSpi
- Parameters:
- data- Data to decrypt.
- key- Encryption key.
- res- Destination of the decrypted data.
 
 - 
encryptKeypublic byte[] encryptKey(Serializable key) Encrypts key. Adds some info to check key integrity on decryption.- Specified by:
- encryptKeyin interface- EncryptionSpi
- Parameters:
- key- Key to encrypt.
- Returns:
- Encrypted key.
 
 - 
encryptKeypublic byte[] encryptKey(Serializable key, String masterKeyName) Encrypts a key with the master key specified by name. Adds some info to check key integrity on decryption.- Specified by:
- encryptKeyin interface- EncryptionSpi
- Parameters:
- key- Key to encrypt.
- masterKeyName- Master key name.
- Returns:
- Encrypted key.
 
 - 
decryptKeypublic KeystoreEncryptionKey decryptKey(byte[] key) Decrypts key and checks it integrity.- Specified by:
- decryptKeyin interface- EncryptionSpi
- Parameters:
- key- Key to decrypt.
- Returns:
- Encrypted key.
 
 - 
decryptKeypublic KeystoreEncryptionKey decryptKey(byte[] data, String masterKeyName) Decrypts key and checks its integrity using the master key specified by name.- Specified by:
- decryptKeyin interface- EncryptionSpi
- Parameters:
- data- Key to decrypt.
- masterKeyName- Master key name.
- Returns:
- Encrypted key.
 
 - 
encryptedSizepublic int encryptedSize(int dataSize) - Specified by:
- encryptedSizein interface- EncryptionSpi
- Parameters:
- dataSize- Size of plain data in bytes.
- Returns:
- Size of encrypted data in bytes for padding encryption mode.
 
 - 
encryptedSizeNoPaddingpublic int encryptedSizeNoPadding(int dataSize) - Specified by:
- encryptedSizeNoPaddingin interface- EncryptionSpi
- Parameters:
- dataSize- Size of plain data in bytes.
- Returns:
- Size of encrypted data in bytes for nopadding encryption mode.
 
 - 
blockSizepublic int blockSize() - Specified by:
- blockSizein interface- EncryptionSpi
- Returns:
- Encrypted data block size.
 
 - 
getMasterKeyNamepublic String getMasterKeyName() Gets the current master key name.- Specified by:
- getMasterKeyNamein interface- EncryptionSpi
- Returns:
- Master key name.
- See Also:
- EncryptionSpi.setMasterKeyName(String)
 
 - 
setMasterKeyNamepublic void setMasterKeyName(String masterKeyName) Sets master key Name that will be used for keys encryption inEncryptionSpi.encryptKey(Serializable)andEncryptionSpi.decryptKey(byte[])methods and in theEncryptionSpi.masterKeyDigest()method.- Specified by:
- setMasterKeyNamein interface- EncryptionSpi
- Parameters:
- masterKeyName- Master key name.
 
 - 
getKeyStorePathpublic String getKeyStorePath() Gets path to jdk keyStore that stores master key.- Returns:
- Key store path.
 
 - 
setKeyStorePathpublic void setKeyStorePath(String keyStorePath) Sets path to jdk keyStore that stores master key.- Parameters:
- keyStorePath- Path to JDK KeyStore.
 
 - 
getKeyStorePwdpublic char[] getKeyStorePwd() Gets key store password.- Returns:
- Key store password.
 
 - 
setKeyStorePasswordpublic void setKeyStorePassword(char[] keyStorePassword) Sets password to access KeyStore.- Parameters:
- keyStorePassword- Password for Key Store.
 
 - 
getKeySizepublic int getKeySize() Gets encryption key size.- Returns:
- Encryption key size.
 
 - 
setKeySizepublic void setKeySize(int keySize) Sets encryption key size.- Parameters:
- keySize- Key size.
 
 
- 
 
-