Package com.hazelcast.config.replacer

Class AbstractPbeReplacer

java.lang.Object

com.hazelcast.config.replacer.AbstractPbeReplacer

All Implemented Interfaces:

ConfigReplacer

Direct Known Subclasses:

EncryptionReplacer

public abstract class AbstractPbeReplacer
extends Object
implements ConfigReplacer

The common parent for ConfigReplacer implementations which allow to mask values by encrypting the value. This parent class contains shared methods responsible for encryption/decryption. The implementing classes have to provide getPassword() implementation - the password will be used to generate a secret key.

Field Summary

Fields

Modifier and Type	Field	Description
static final String	DEFAULT_CIPHER_ALGORITHM	Default value for "cipherAlgorithm" property.
static final String	DEFAULT_SECRET_KEY_FACTORY_ALGORITHM	Default value for "secretKeyFactoryAlgorithm" property.
static final String	PROPERTY_CIPHER_ALGORITHM	Replacer property name to configure Cipher algorithm name.
static final String	PROPERTY_KEY_LENGTH_BITS	Replacer property name to configure key length (in bits).
static final String	PROPERTY_SALT_LENGTH_BYTES	Replacer property name to configure salt length (in bytes).
static final String	PROPERTY_SECRET_KEY_ALGORITHM	Replacer property name to configure SecretKeySpec algorithm name.
static final String	PROPERTY_SECRET_KEY_FACTORY_ALGORITHM	Replacer property name to configure SecretKeyFactory algorithm name.
static final String	PROPERTY_SECURITY_PROVIDER	Replacer property name to configure Java Security provider name used for Cipher and SecretKeyFactory selection.

Constructor Summary

Constructors

Constructor	Description
AbstractPbeReplacer()

Method Summary

Modifier and Type	Method	Description
protected String	decrypt(String encryptedStr)	Decrypts given encrypted variable.
protected String	encrypt(String secretStr, int iterations)	Encrypts given string with key generated from getPassword() with given iteration count and return the masked value (to be used as the variable).
protected abstract char[]	getPassword()	Provides password for a chosen SecretKeyFactory.
String	getReplacement(String variable)	Provides String which should be used as a variable replacement for given masked value.
void	init(Properties properties)	Initialization method called before first usage of the config replacer.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface com.hazelcast.config.replacer.spi.ConfigReplacer

getPrefix

Field Details

PROPERTY_CIPHER_ALGORITHM

public static final String PROPERTY_CIPHER_ALGORITHM

Replacer property name to configure Cipher algorithm name.

See Also:

• Constant Field Values

PROPERTY_SECRET_KEY_FACTORY_ALGORITHM

public static final String PROPERTY_SECRET_KEY_FACTORY_ALGORITHM

Replacer property name to configure SecretKeyFactory algorithm name.

See Also:

• Constant Field Values

PROPERTY_SECRET_KEY_ALGORITHM

public static final String PROPERTY_SECRET_KEY_ALGORITHM

Replacer property name to configure SecretKeySpec algorithm name.

See Also:

• Constant Field Values

PROPERTY_KEY_LENGTH_BITS

public static final String PROPERTY_KEY_LENGTH_BITS

Replacer property name to configure key length (in bits).

See Also:

• Constant Field Values

PROPERTY_SALT_LENGTH_BYTES

public static final String PROPERTY_SALT_LENGTH_BYTES

Replacer property name to configure salt length (in bytes).

See Also:

• Constant Field Values

PROPERTY_SECURITY_PROVIDER

public static final String PROPERTY_SECURITY_PROVIDER

Replacer property name to configure Java Security provider name used for Cipher and SecretKeyFactory selection.

See Also:

• Constant Field Values

DEFAULT_CIPHER_ALGORITHM

public static final String DEFAULT_CIPHER_ALGORITHM

Default value for "cipherAlgorithm" property.

See Also:

• Constant Field Values

DEFAULT_SECRET_KEY_FACTORY_ALGORITHM

public static final String DEFAULT_SECRET_KEY_FACTORY_ALGORITHM

Default value for "secretKeyFactoryAlgorithm" property.

See Also:

• Constant Field Values

Constructor Details

AbstractPbeReplacer

public AbstractPbeReplacer()

Method Details

init

public void init(Properties properties)

Description copied from interface: ConfigReplacer

Initialization method called before first usage of the config replacer.

Specified by:

init in interface ConfigReplacer

Parameters:

properties - properties configured (not null)

getPassword

protected abstract char[] getPassword()

Provides password for a chosen SecretKeyFactory.

Returns:

password must not be null or empty

getReplacement

public String getReplacement(String variable)

Description copied from interface: ConfigReplacer

Provides String which should be used as a variable replacement for given masked value.

Specified by:

getReplacement in interface ConfigReplacer

Parameters:

variable - the masked value

Returns:

either not null String to be used as a replacement for the variable; or null when this replacer is not able to handle the masked value.

encrypt

protected String encrypt(String secretStr,
 int iterations)
                  throws Exception

Encrypts given string with key generated from getPassword() with given iteration count and return the masked value (to be used as the variable).

Parameters:

secretStr - sensitive string to be protected by encryption

iterations - iteration count

Returns:

the encrypted value.

Throws:

Exception - in case of any exceptional case

decrypt

protected String decrypt(String encryptedStr)
                  throws Exception

Decrypts given encrypted variable.

Parameters:

encryptedStr - the encrypted value

Returns:

the decrypted value

Throws:

Exception - in case of any exceptional case