Package com.hazelcast.config.replacer
Class AbstractPbeReplacer
java.lang.Object
com.hazelcast.config.replacer.AbstractPbeReplacer
- All Implemented Interfaces:
ConfigReplacer
- Direct Known Subclasses:
EncryptionReplacer
The common parent for
ConfigReplacer
implementations which allow to mask values by encrypting the value. This parent
class contains shared methods responsible for encryption/decryption. The implementing classes have to provide
getPassword()
implementation - the password will be used to generate a secret key.-
Field Summary
Modifier and TypeFieldDescriptionstatic final String
Default value for "cipherAlgorithm" property.static final String
Default value for "secretKeyFactoryAlgorithm" property.static final String
Replacer property name to configureCipher
algorithm name.static final String
Replacer property name to configure key length (in bits).static final String
Replacer property name to configure salt length (in bytes).static final String
Replacer property name to configureSecretKeySpec
algorithm name.static final String
Replacer property name to configureSecretKeyFactory
algorithm name.static final String
Replacer property name to configure Java Security provider name used forCipher
andSecretKeyFactory
selection. -
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionprotected String
Decrypts given encrypted variable.protected String
Encrypts given string with key generated fromgetPassword()
with given iteration count and return the masked value (to be used as the variable).protected abstract char[]
Provides password for a chosen SecretKeyFactory.getReplacement
(String variable) Provides String which should be used as a variable replacement for given masked value.void
init
(Properties properties) Initialization method called before first usage of the config replacer.Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface com.hazelcast.config.replacer.spi.ConfigReplacer
getPrefix
-
Field Details
-
PROPERTY_CIPHER_ALGORITHM
Replacer property name to configureCipher
algorithm name.- See Also:
-
PROPERTY_SECRET_KEY_FACTORY_ALGORITHM
Replacer property name to configureSecretKeyFactory
algorithm name.- See Also:
-
PROPERTY_SECRET_KEY_ALGORITHM
Replacer property name to configureSecretKeySpec
algorithm name.- See Also:
-
PROPERTY_KEY_LENGTH_BITS
Replacer property name to configure key length (in bits).- See Also:
-
PROPERTY_SALT_LENGTH_BYTES
Replacer property name to configure salt length (in bytes).- See Also:
-
PROPERTY_SECURITY_PROVIDER
Replacer property name to configure Java Security provider name used forCipher
andSecretKeyFactory
selection.- See Also:
-
DEFAULT_CIPHER_ALGORITHM
Default value for "cipherAlgorithm" property.- See Also:
-
DEFAULT_SECRET_KEY_FACTORY_ALGORITHM
Default value for "secretKeyFactoryAlgorithm" property.- See Also:
-
-
Constructor Details
-
AbstractPbeReplacer
public AbstractPbeReplacer()
-
-
Method Details
-
init
Description copied from interface:ConfigReplacer
Initialization method called before first usage of the config replacer.- Specified by:
init
in interfaceConfigReplacer
- Parameters:
properties
- properties configured (notnull
)
-
getPassword
protected abstract char[] getPassword()Provides password for a chosen SecretKeyFactory.- Returns:
- password must not be
null
or empty
-
getReplacement
Description copied from interface:ConfigReplacer
Provides String which should be used as a variable replacement for given masked value.- Specified by:
getReplacement
in interfaceConfigReplacer
- Parameters:
variable
- the masked value- Returns:
- either not
null
String to be used as a replacement for the variable; or null when this replacer is not able to handle the masked value.
-
encrypt
Encrypts given string with key generated fromgetPassword()
with given iteration count and return the masked value (to be used as the variable).- Parameters:
secretStr
- sensitive string to be protected by encryptioniterations
- iteration count- Returns:
- the encrypted value.
- Throws:
Exception
- in case of any exceptional case
-
decrypt
Decrypts given encrypted variable.- Parameters:
encryptedStr
- the encrypted value- Returns:
- the decrypted value
- Throws:
Exception
- in case of any exceptional case
-