Module com.microsoft.sqlserver.jdbc
Package com.microsoft.sqlserver.jdbc
Class SQLServerColumnEncryptionCertificateStoreProvider
- java.lang.Object
-
- com.microsoft.sqlserver.jdbc.SQLServerColumnEncryptionKeyStoreProvider
-
- com.microsoft.sqlserver.jdbc.SQLServerColumnEncryptionCertificateStoreProvider
-
public final class SQLServerColumnEncryptionCertificateStoreProvider extends SQLServerColumnEncryptionKeyStoreProvider
Provides the implementation of the key store provider for the Windows Certificate Store. This class enables using keys stored in the Windows Certificate Store as column master keys.
-
-
Constructor Summary
Constructors Constructor Description SQLServerColumnEncryptionCertificateStoreProvider()Constructs a SQLServerColumnEncryptionCertificateStoreProvider.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description byte[]decryptColumnEncryptionKey(String masterKeyPath, String encryptionAlgorithm, byte[] encryptedColumnEncryptionKey)Decrypts the specified encrypted value of a column encryption key.byte[]encryptColumnEncryptionKey(String masterKeyPath, String encryptionAlgorithm, byte[] plainTextColumnEncryptionKey)Encrypts a column encryption key using the column master key with the specified key path and using the specified algorithm.StringgetName()Returns the name of this key store provider.voidsetName(String name)Sets the name of this key store provider.booleanverifyColumnMasterKeyMetadata(String masterKeyPath, boolean allowEnclaveComputations, byte[] signature)Verify the signature is valid for the column master key-
Methods inherited from class com.microsoft.sqlserver.jdbc.SQLServerColumnEncryptionKeyStoreProvider
getColumnEncryptionKeyCacheTtl, setColumnEncryptionCacheTtl
-
-
-
-
Method Detail
-
setName
public void setName(String name)
Description copied from class:SQLServerColumnEncryptionKeyStoreProviderSets the name of this key store provider.- Specified by:
setNamein classSQLServerColumnEncryptionKeyStoreProvider- Parameters:
name- value to be set for the key store provider.
-
getName
public String getName()
Description copied from class:SQLServerColumnEncryptionKeyStoreProviderReturns the name of this key store provider.- Specified by:
getNamein classSQLServerColumnEncryptionKeyStoreProvider- Returns:
- the name of this key store provider.
-
encryptColumnEncryptionKey
public byte[] encryptColumnEncryptionKey(String masterKeyPath, String encryptionAlgorithm, byte[] plainTextColumnEncryptionKey) throws SQLServerException
Description copied from class:SQLServerColumnEncryptionKeyStoreProviderEncrypts a column encryption key using the column master key with the specified key path and using the specified algorithm.- Specified by:
encryptColumnEncryptionKeyin classSQLServerColumnEncryptionKeyStoreProvider- Parameters:
masterKeyPath- The column master key path.encryptionAlgorithm- the specific encryption algorithm.plainTextColumnEncryptionKey- column encryption key to be encrypted.- Returns:
- the encrypted column encryption key.
- Throws:
SQLServerException- when an error occurs while encrypting the CEK
-
decryptColumnEncryptionKey
public byte[] decryptColumnEncryptionKey(String masterKeyPath, String encryptionAlgorithm, byte[] encryptedColumnEncryptionKey) throws SQLServerException
Description copied from class:SQLServerColumnEncryptionKeyStoreProviderDecrypts the specified encrypted value of a column encryption key. The encrypted value is expected to be encrypted using the column master key with the specified key path and using the specified algorithm.- Specified by:
decryptColumnEncryptionKeyin classSQLServerColumnEncryptionKeyStoreProvider- Parameters:
masterKeyPath- The column master key path.encryptionAlgorithm- the specific encryption algorithm.encryptedColumnEncryptionKey- the encrypted column encryption key- Returns:
- the decrypted value of column encryption key.
- Throws:
SQLServerException- when an error occurs while decrypting the CEK
-
verifyColumnMasterKeyMetadata
public boolean verifyColumnMasterKeyMetadata(String masterKeyPath, boolean allowEnclaveComputations, byte[] signature) throws SQLServerException
Description copied from class:SQLServerColumnEncryptionKeyStoreProviderVerify the signature is valid for the column master key- Specified by:
verifyColumnMasterKeyMetadatain classSQLServerColumnEncryptionKeyStoreProvider- Parameters:
masterKeyPath- column master key pathallowEnclaveComputations- indicates whether the column master key supports enclave computationssignature- signature of the column master key metadata- Returns:
- whether the signature is valid for the column master key
- Throws:
SQLServerException- when an error occurs while verifying the signature
-
-