public abstract class AbstractPbeReplacer extends Object implements ConfigReplacer
ConfigReplacer
implementations which allow to mask values by encrypting the value. This parent
class contains shared methods responsible for encryption/decryption. The implementing classes have to provide
getPassword()
implementation - the password will be used to generate a secret key.Modifier and Type | Field and Description |
---|---|
static String |
DEFAULT_CIPHER_ALGORITHM
Default value for "cipherAlgorithm" property.
|
static String |
DEFAULT_SECRET_KEY_FACTORY_ALGORITHM
Default value for "secretKeyFactoryAlgorithm" property.
|
static String |
PROPERTY_CIPHER_ALGORITHM
Replacer property name to configure
Cipher algorithm name. |
static String |
PROPERTY_KEY_LENGTH_BITS
Replacer property name to configure key length (in bits).
|
static String |
PROPERTY_SALT_LENGTH_BYTES
Replacer property name to configure salt length (in bytes).
|
static String |
PROPERTY_SECRET_KEY_ALGORITHM
Replacer property name to configure
SecretKeySpec algorithm name. |
static String |
PROPERTY_SECRET_KEY_FACTORY_ALGORITHM
Replacer property name to configure
SecretKeyFactory algorithm name. |
static String |
PROPERTY_SECURITY_PROVIDER
Replacer property name to configure Java Security provider name used for
Cipher and SecretKeyFactory
selection. |
Constructor and Description |
---|
AbstractPbeReplacer() |
Modifier and Type | Method and Description |
---|---|
protected String |
decrypt(String encryptedStr)
Decrypts given encrypted variable.
|
protected String |
encrypt(String secretStr,
int iterations)
Encrypts given string with key generated from
getPassword() with given iteration count and return the masked
value (to be used as the variable). |
protected abstract char[] |
getPassword()
Provides password for a chosen SecretKeyFactory.
|
String |
getReplacement(String variable)
Provides String which should be used as a variable replacement for given masked value.
|
void |
init(Properties properties)
Initialization method called before first usage of the config replacer.
|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
getPrefix
public static final String PROPERTY_CIPHER_ALGORITHM
Cipher
algorithm name.public static final String PROPERTY_SECRET_KEY_FACTORY_ALGORITHM
SecretKeyFactory
algorithm name.public static final String PROPERTY_SECRET_KEY_ALGORITHM
SecretKeySpec
algorithm name.public static final String PROPERTY_KEY_LENGTH_BITS
public static final String PROPERTY_SALT_LENGTH_BYTES
public static final String PROPERTY_SECURITY_PROVIDER
Cipher
and SecretKeyFactory
selection.public static final String DEFAULT_CIPHER_ALGORITHM
public static final String DEFAULT_SECRET_KEY_FACTORY_ALGORITHM
public void init(Properties properties)
ConfigReplacer
init
in interface ConfigReplacer
properties
- properties configured (not null
)protected abstract char[] getPassword()
null
or emptypublic String getReplacement(String variable)
ConfigReplacer
getReplacement
in interface ConfigReplacer
variable
- the masked valuenull
String to be used as a replacement for the variable; or null when this replacer is not
able to handle the masked value.protected String encrypt(String secretStr, int iterations) throws Exception
getPassword()
with given iteration count and return the masked
value (to be used as the variable).secretStr
- sensitive string to be protected by encryptioniterations
- iteration countException
Copyright © 2020 Hazelcast, Inc.. All Rights Reserved.