Package com.google.gerrit.server.securestore

Class SecureStore

java.lang.Object
com.google.gerrit.server.securestore.SecureStore
Direct Known Subclasses:
DefaultSecureStore
public abstract class SecureStore extends Object
Abstract class for providing new SecureStore implementation for Gerrit.

SecureStore is responsible for storing sensitive data like passwords in a secure manner.

It is implementator's responsibility to encrypt and store values.

To deploy new SecureStore one needs to provide a jar file with explicitly one class that extends SecureStore and put it in Gerrit server. Then run:

`java -jar gerrit.war SwitchSecureStore -d $gerrit_site --new-secure-store-lib $path_to_new_secure_store.jar`

on stopped Gerrit instance.

  • Constructor Details

    • SecureStore

      public SecureStore()

  • Method Details

    • get

      public final String get(String section, String subsection, String name)
      Extract decrypted value of stored property from SecureStore or null when property was not found.
      Returns:
      decrypted String value or null if not found

    • getForPlugin

      public final String getForPlugin(String pluginName, String section, String subsection, String name)
      Extract decrypted value of stored plugin config property from SecureStore or null when property was not found.
      Returns:
      decrypted String value or null if not found

    • getListForPlugin

      public abstract String[] getListForPlugin(String pluginName, String section, String subsection, String name)
      Extract list of plugin config values from SecureStore and decrypt every value in that list, or null when property was not found.
      Returns:
      decrypted list of string values or null

    • getList

      public abstract String[] getList(String section, String subsection, String name)
      Extract list of values from SecureStore and decrypt every value in that list or null when property was not found.
      Returns:
      decrypted list of string values or null

    • set

      public final void set(String section, String subsection, String name, String value)
      Store single value in SecureStore.

      This method is responsible for encrypting value and storing it.

      Parameters:
      value - plain text value

    • setList

      public abstract void setList(String section, String subsection, String name, List<String> values)
      Store list of values in SecureStore.

      This method is responsible for encrypting all values in the list and storing them.

      Parameters:
      values - list of plain text values

    • unset

      public abstract void unset(String section, String subsection, String name)
      Remove value for given section, subsection and name from SecureStore.

    • list

      public abstract Iterable<SecureStore.EntryKey> list()
      Returns list of stored entries.

    • isOutdated

      public abstract boolean isOutdated()
      Returns true if currently loaded values are outdated

    • reload

      public abstract void reload()
      Reload the values