Package com.hazelcast.config.replacer
Class AbstractPbeReplacer
java.lang.Object
com.hazelcast.config.replacer.AbstractPbeReplacer
- All Implemented Interfaces:
ConfigReplacer
- Direct Known Subclasses:
EncryptionReplacer
public abstract class AbstractPbeReplacer extends Object implements ConfigReplacer
The common parent for
ConfigReplacer
implementations which allow to mask values by encrypting the value. This parent
class contains shared methods responsible for encryption/decryption. The implementing classes have to provide
getPassword()
implementation - the password will be used to generate a secret key.-
Field Summary
Fields Modifier and Type Field Description static String
DEFAULT_CIPHER_ALGORITHM
Default value for "cipherAlgorithm" property.static String
DEFAULT_SECRET_KEY_FACTORY_ALGORITHM
Default value for "secretKeyFactoryAlgorithm" property.static String
PROPERTY_CIPHER_ALGORITHM
Replacer property name to configureCipher
algorithm name.static String
PROPERTY_KEY_LENGTH_BITS
Replacer property name to configure key length (in bits).static String
PROPERTY_SALT_LENGTH_BYTES
Replacer property name to configure salt length (in bytes).static String
PROPERTY_SECRET_KEY_ALGORITHM
Replacer property name to configureSecretKeySpec
algorithm name.static String
PROPERTY_SECRET_KEY_FACTORY_ALGORITHM
Replacer property name to configureSecretKeyFactory
algorithm name.static String
PROPERTY_SECURITY_PROVIDER
Replacer property name to configure Java Security provider name used forCipher
andSecretKeyFactory
selection. -
Constructor Summary
Constructors Constructor Description AbstractPbeReplacer()
-
Method Summary
Modifier and Type Method Description protected String
decrypt(String encryptedStr)
Decrypts given encrypted variable.protected String
encrypt(String secretStr, int iterations)
Encrypts given string with key generated fromgetPassword()
with given iteration count and return the masked value (to be used as the variable).protected abstract char[]
getPassword()
Provides password for a chosen SecretKeyFactory.String
getReplacement(String variable)
Provides String which should be used as a variable replacement for given masked value.void
init(Properties properties)
Initialization method called before first usage of the config replacer.
-
Field Details
-
PROPERTY_CIPHER_ALGORITHM
Replacer property name to configureCipher
algorithm name.- See Also:
- Constant Field Values
-
PROPERTY_SECRET_KEY_FACTORY_ALGORITHM
Replacer property name to configureSecretKeyFactory
algorithm name.- See Also:
- Constant Field Values
-
PROPERTY_SECRET_KEY_ALGORITHM
Replacer property name to configureSecretKeySpec
algorithm name.- See Also:
- Constant Field Values
-
PROPERTY_KEY_LENGTH_BITS
Replacer property name to configure key length (in bits).- See Also:
- Constant Field Values
-
PROPERTY_SALT_LENGTH_BYTES
Replacer property name to configure salt length (in bytes).- See Also:
- Constant Field Values
-
PROPERTY_SECURITY_PROVIDER
Replacer property name to configure Java Security provider name used forCipher
andSecretKeyFactory
selection.- See Also:
- Constant Field Values
-
DEFAULT_CIPHER_ALGORITHM
Default value for "cipherAlgorithm" property.- See Also:
- Constant Field Values
-
DEFAULT_SECRET_KEY_FACTORY_ALGORITHM
Default value for "secretKeyFactoryAlgorithm" property.- See Also:
- Constant Field Values
-
-
Constructor Details
-
AbstractPbeReplacer
public AbstractPbeReplacer()
-
-
Method Details
-
init
Description copied from interface:ConfigReplacer
Initialization method called before first usage of the config replacer.- Specified by:
init
in interfaceConfigReplacer
- Parameters:
properties
- properties configured (notnull
)
-
getPassword
protected abstract char[] getPassword()Provides password for a chosen SecretKeyFactory.- Returns:
- password must not be
null
or empty
-
getReplacement
Description copied from interface:ConfigReplacer
Provides String which should be used as a variable replacement for given masked value.- Specified by:
getReplacement
in interfaceConfigReplacer
- Parameters:
variable
- the masked value- Returns:
- either not
null
String to be used as a replacement for the variable; or null when this replacer is not able to handle the masked value.
-
encrypt
Encrypts given string with key generated fromgetPassword()
with given iteration count and return the masked value (to be used as the variable).- Parameters:
secretStr
- sensitive string to be protected by encryptioniterations
- iteration count- Returns:
- the encrypted value.
- Throws:
Exception
- in case of any exceptional case
-
decrypt
Decrypts given encrypted variable.- Parameters:
encryptedStr
- the encrypted value- Returns:
- the decrypted value
- Throws:
Exception
- in case of any exceptional case
-