Package com.microsoft.sqlserver.jdbc
Class SQLServerColumnEncryptionJavaKeyStoreProvider
- java.lang.Object
-
- com.microsoft.sqlserver.jdbc.SQLServerColumnEncryptionKeyStoreProvider
-
- com.microsoft.sqlserver.jdbc.SQLServerColumnEncryptionJavaKeyStoreProvider
-
public class SQLServerColumnEncryptionJavaKeyStoreProvider extends SQLServerColumnEncryptionKeyStoreProvider
Provides the implementation of the key store provider for Java Key Store. This class enables using certificates stored in the Java keystore as column master keys.
-
-
Constructor Summary
Constructors Constructor Description SQLServerColumnEncryptionJavaKeyStoreProvider(String keyStoreLocation, char[] keyStoreSecret)Constructs a SQLServerColumnEncryptionJavaKeyStoreProvider for the Java Key Store.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description byte[]decryptColumnEncryptionKey(String masterKeyPath, String encryptionAlgorithm, byte[] encryptedColumnEncryptionKey)Decrypts the specified encrypted value of a column encryption key.byte[]encryptColumnEncryptionKey(String masterKeyPath, String encryptionAlgorithm, byte[] plainTextColumnEncryptionKey)Encrypts a column encryption key using the column master key with the specified key path and using the specified algorithm.StringgetName()Returns the name of this key store provider.voidsetName(String name)Sets the name of this key store provider.byte[]signColumnMasterKeyMetadata(String masterKeyPath, boolean allowEnclaveComputations)Sign column master key metadatabooleanverifyColumnMasterKeyMetadata(String masterKeyPath, boolean allowEnclaveComputations, byte[] signature)Verify the signature is valid for the column master key-
Methods inherited from class com.microsoft.sqlserver.jdbc.SQLServerColumnEncryptionKeyStoreProvider
getColumnEncryptionKeyCacheTtl, setColumnEncryptionCacheTtl
-
-
-
-
Constructor Detail
-
SQLServerColumnEncryptionJavaKeyStoreProvider
public SQLServerColumnEncryptionJavaKeyStoreProvider(String keyStoreLocation, char[] keyStoreSecret) throws SQLServerException
Constructs a SQLServerColumnEncryptionJavaKeyStoreProvider for the Java Key Store.- Parameters:
keyStoreLocation- specifies the location of the keystorekeyStoreSecret- specifies the secret used for keystore- Throws:
SQLServerException- when an error occurs
-
-
Method Detail
-
setName
public void setName(String name)
Description copied from class:SQLServerColumnEncryptionKeyStoreProviderSets the name of this key store provider.- Specified by:
setNamein classSQLServerColumnEncryptionKeyStoreProvider- Parameters:
name- value to be set for the key store provider.
-
getName
public String getName()
Description copied from class:SQLServerColumnEncryptionKeyStoreProviderReturns the name of this key store provider.- Specified by:
getNamein classSQLServerColumnEncryptionKeyStoreProvider- Returns:
- the name of this key store provider.
-
decryptColumnEncryptionKey
public byte[] decryptColumnEncryptionKey(String masterKeyPath, String encryptionAlgorithm, byte[] encryptedColumnEncryptionKey) throws SQLServerException
Description copied from class:SQLServerColumnEncryptionKeyStoreProviderDecrypts the specified encrypted value of a column encryption key. The encrypted value is expected to be encrypted using the column master key with the specified key path and using the specified algorithm.- Specified by:
decryptColumnEncryptionKeyin classSQLServerColumnEncryptionKeyStoreProvider- Parameters:
masterKeyPath- The column master key path.encryptionAlgorithm- the specific encryption algorithm.encryptedColumnEncryptionKey- the encrypted column encryption key- Returns:
- the decrypted value of column encryption key.
- Throws:
SQLServerException- when an error occurs while decrypting the CEK
-
verifyColumnMasterKeyMetadata
public boolean verifyColumnMasterKeyMetadata(String masterKeyPath, boolean allowEnclaveComputations, byte[] signature) throws SQLServerException
Description copied from class:SQLServerColumnEncryptionKeyStoreProviderVerify the signature is valid for the column master key- Specified by:
verifyColumnMasterKeyMetadatain classSQLServerColumnEncryptionKeyStoreProvider- Parameters:
masterKeyPath- column master key pathallowEnclaveComputations- indicates whether the column master key supports enclave computationssignature- signature of the column master key metadata- Returns:
- whether the signature is valid for the column master key
- Throws:
SQLServerException- when an error occurs while verifying the signature
-
signColumnMasterKeyMetadata
public byte[] signColumnMasterKeyMetadata(String masterKeyPath, boolean allowEnclaveComputations) throws SQLServerException
Sign column master key metadata- Parameters:
masterKeyPath- master key pathallowEnclaveComputations- flag whether to allow enclave computations- Returns:
- column master key metadata
- Throws:
SQLServerException- when an error occurs
-
encryptColumnEncryptionKey
public byte[] encryptColumnEncryptionKey(String masterKeyPath, String encryptionAlgorithm, byte[] plainTextColumnEncryptionKey) throws SQLServerException
Description copied from class:SQLServerColumnEncryptionKeyStoreProviderEncrypts a column encryption key using the column master key with the specified key path and using the specified algorithm.- Specified by:
encryptColumnEncryptionKeyin classSQLServerColumnEncryptionKeyStoreProvider- Parameters:
masterKeyPath- The column master key path.encryptionAlgorithm- the specific encryption algorithm.plainTextColumnEncryptionKey- column encryption key to be encrypted.- Returns:
- the encrypted column encryption key.
- Throws:
SQLServerException- when an error occurs while encrypting the CEK
-
-