Package com.microsoft.sqlserver.jdbc
Class SQLServerColumnEncryptionKeyStoreProvider
- java.lang.Object
  - com.microsoft.sqlserver.jdbc.SQLServerColumnEncryptionKeyStoreProvider

Direct Known Subclasses:
- SQLServerColumnEncryptionAzureKeyVaultProvider
- SQLServerColumnEncryptionCertificateStoreProvider
- SQLServerColumnEncryptionJavaKeyStoreProvider

public abstract class SQLServerColumnEncryptionKeyStoreProvider extends Object

Defines the abstract class for a SQL Server Column Encryption key store provider. Extend this class to implement a custom key store provider.
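
A minimal custom provider built on the abstract methods this page lists, given here as an added example that is not part of the driver or its documentation. The class name, the pinned key path, the in-memory RSA KeyPair and the SHA256withRSA metadata layout are assumptions of this example, and it accepts only the algorithm name RSA_OAEP.

```java
import com.microsoft.sqlserver.jdbc.SQLServerColumnEncryptionKeyStoreProvider;
import com.microsoft.sqlserver.jdbc.SQLServerException;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.Signature;
import javax.crypto.Cipher;

// Added example (hypothetical class): key-path pinning, the in-memory KeyPair and the signed layout are assumptions.
public class PinnedRsaKeyStoreProvider extends SQLServerColumnEncryptionKeyStoreProvider {
    private final KeyPair masterKey;      // column master key, supplied by the application
    private final String trustedKeyPath;  // the only masterKeyPath this provider will serve
    private String name = "PINNED_RSA_EXAMPLE";

    public PinnedRsaKeyStoreProvider(KeyPair masterKey, String trustedKeyPath) {
        this.masterKey = masterKey;
        this.trustedKeyPath = trustedKeyPath;
    }
    @Override public void setName(String name) { this.name = name; }
    @Override public String getName() { return name; }

    @Override public byte[] decryptColumnEncryptionKey(String path, String alg, byte[] wrapped) throws SQLServerException {
        return crypt(Cipher.DECRYPT_MODE, path, alg, wrapped);
    }
    @Override public byte[] encryptColumnEncryptionKey(String path, String alg, byte[] cek) throws SQLServerException {
        return crypt(Cipher.ENCRYPT_MODE, path, alg, cek);
    }

    @Override public boolean verifyColumnMasterKeyMetadata(String masterKeyPath, boolean allowEnclaveComputations,
            byte[] signature) throws SQLServerException {
        try { // assumed layout: SHA256withRSA over name + path + enclave flag
            Signature v = Signature.getInstance("SHA256withRSA");
            v.initVerify(masterKey.getPublic());
            v.update((name + masterKeyPath + allowEnclaveComputations).getBytes(StandardCharsets.UTF_8));
            return trustedKeyPath.equals(masterKeyPath) && signature != null && v.verify(signature);
        } catch (GeneralSecurityException e) {
            throw new SQLServerException("Column master key metadata verification failed", e);
        }
    }
    private byte[] crypt(int mode, String path, String algorithm, byte[] input) throws SQLServerException {
        try { // path and algorithm come from server-side metadata: refuse anything not pinned
            if (!trustedKeyPath.equals(path) || !"RSA_OAEP".equalsIgnoreCase(algorithm) || input == null)
                throw new GeneralSecurityException("untrusted key path or unsupported algorithm");
            Cipher c = Cipher.getInstance("RSA/ECB/OAEPWithSHA-1AndMGF1Padding");
            c.init(mode, mode == Cipher.ENCRYPT_MODE ? masterKey.getPublic() : masterKey.getPrivate());
            return c.doFinal(input);
        } catch (GeneralSecurityException e) {
            throw new SQLServerException("Column encryption key operation failed", e);
        }
    }
}
```
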

Constructor Summary

| Constructor | Description |
| --- | --- |
| SQLServerColumnEncryptionKeyStoreProvider() | default constructor |

Method Summary

| Modifier and Type | Method | Description |
| --- | --- | --- |
| abstract byte[] | decryptColumnEncryptionKey(String masterKeyPath, String encryptionAlgorithm, byte[] encryptedColumnEncryptionKey) | Decrypts the specified encrypted value of a column encryption key. |
| abstract byte[] | encryptColumnEncryptionKey(String masterKeyPath, String encryptionAlgorithm, byte[] columnEncryptionKey) | Encrypts a column encryption key using the column master key with the specified key path and using the specified algorithm. |
| Duration | getColumnEncryptionKeyCacheTtl() | Returns the time-to-live for items in the cache of column encryption keys, as implemented in the key store provider. |
| abstract String | getName() | Returns the name of this key store provider. |
| void | setColumnEncryptionCacheTtl(Duration duration) | Sets the time-to-live for items in the cache of column encryption keys in the key store provider. |
| abstract void | setName(String name) | Sets the name of this key store provider. |
| abstract boolean | verifyColumnMasterKeyMetadata(String masterKeyPath, boolean allowEnclaveComputations, byte[] signature) | Verify the signature is valid for the column master key |

Method Detail

setName

public abstract void setName(String name)

Sets the name of this key store provider.

Parameters:
- name - value to be set for the key store provider.

getName

public abstract String getName()

Returns the name of this key store provider.

Returns:
- the name of this key store provider.

decryptColumnEncryptionKey

public abstract byte[] decryptColumnEncryptionKey(String masterKeyPath, String encryptionAlgorithm, byte[] encryptedColumnEncryptionKey) throws SQLServerException

Decrypts the specified encrypted value of a column encryption key. The encrypted value is expected to be encrypted using the column master key with the specified key path and using the specified algorithm.

Parameters:
- masterKeyPath - The column master key path.
- encryptionAlgorithm - the specific encryption algorithm.
- encryptedColumnEncryptionKey - the encrypted column encryption key

Returns:
- the decrypted value of column encryption key.

Throws:
- SQLServerException - when an error occurs while decrypting the CEK

encryptColumnEncryptionKey

public abstract byte[] encryptColumnEncryptionKey(String masterKeyPath, String encryptionAlgorithm, byte[] columnEncryptionKey) throws SQLServerException

Encrypts a column encryption key using the column master key with the specified key path and using the specified algorithm.

Parameters:
- masterKeyPath - The column master key path.
- encryptionAlgorithm - the specific encryption algorithm.
- columnEncryptionKey - column encryption key to be encrypted.

Returns:
- the encrypted column encryption key.

Throws:
- SQLServerException - when an error occurs while encrypting the CEK

verifyColumnMasterKeyMetadata

public abstract boolean verifyColumnMasterKeyMetadata(String masterKeyPath, boolean allowEnclaveComputations, byte[] signature) throws SQLServerException

Verify the signature is valid for the column master key

Parameters:
- masterKeyPath - column master key path
- allowEnclaveComputations - indicates whether the column master key supports enclave computations
- signature - signature of the column master key metadata

Returns:
- whether the signature is valid for the column master key

Throws:
- SQLServerException - when an error occurs while verifying the signature

getColumnEncryptionKeyCacheTtl

public Duration getColumnEncryptionKeyCacheTtl()

Returns the time-to-live for items in the cache of column encryption keys, as implemented in the key store provider.

Returns:
- the time-to-live for items in the cache.

setColumnEncryptionCacheTtl

public void setColumnEncryptionCacheTtl(Duration duration)

Sets the time-to-live for items in the cache of column encryption keys in the key store provider.

Parameters:
- duration - value to be set for the time-to-live for items in the cache in the key store provider.