Module com.microsoft.sqlserver.jdbc
Package com.microsoft.sqlserver.jdbc
Class SQLServerColumnEncryptionKeyStoreProvider
java.lang.Object
com.microsoft.sqlserver.jdbc.SQLServerColumnEncryptionKeyStoreProvider
- Direct Known Subclasses:
SQLServerColumnEncryptionAzureKeyVaultProvider,SQLServerColumnEncryptionCertificateStoreProvider,SQLServerColumnEncryptionJavaKeyStoreProvider
public abstract class SQLServerColumnEncryptionKeyStoreProvider
extends java.lang.Object
Defines the abtract class for a SQL Server Column Encryption key store provider Extend this class to implement a
custom key store provider.
-
Constructor Summary
Constructors Constructor Description SQLServerColumnEncryptionKeyStoreProvider() -
Method Summary
Modifier and Type Method Description abstract byte[]decryptColumnEncryptionKey(java.lang.String masterKeyPath, java.lang.String encryptionAlgorithm, byte[] encryptedColumnEncryptionKey)Decrypts the specified encrypted value of a column encryption key.abstract byte[]encryptColumnEncryptionKey(java.lang.String masterKeyPath, java.lang.String encryptionAlgorithm, byte[] columnEncryptionKey)Encrypts a column encryption key using the column master key with the specified key path and using the specified algorithm.abstract java.lang.StringgetName()Returns the name of this key store provider.abstract voidsetName(java.lang.String name)Sets the name of this key store provider.abstract booleanverifyColumnMasterKeyMetadata(java.lang.String masterKeyPath, boolean allowEnclaveComputations, byte[] signature)Verify the signature is valid for the column master keyMethods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Constructor Details
-
SQLServerColumnEncryptionKeyStoreProvider
public SQLServerColumnEncryptionKeyStoreProvider()
-
-
Method Details
-
setName
public abstract void setName(java.lang.String name)Sets the name of this key store provider.- Parameters:
name- value to be set for the key store provider.
-
getName
public abstract java.lang.String getName()Returns the name of this key store provider.- Returns:
- the name of this key store provider.
-
decryptColumnEncryptionKey
public abstract byte[] decryptColumnEncryptionKey(java.lang.String masterKeyPath, java.lang.String encryptionAlgorithm, byte[] encryptedColumnEncryptionKey) throws SQLServerExceptionDecrypts the specified encrypted value of a column encryption key. The encrypted value is expected to be encrypted using the column master key with the specified key path and using the specified algorithm.- Parameters:
masterKeyPath- The column master key path.encryptionAlgorithm- the specific encryption algorithm.encryptedColumnEncryptionKey- the encrypted column encryption key- Returns:
- the decrypted value of column encryption key.
- Throws:
SQLServerException- when an error occurs while decrypting the CEK
-
encryptColumnEncryptionKey
public abstract byte[] encryptColumnEncryptionKey(java.lang.String masterKeyPath, java.lang.String encryptionAlgorithm, byte[] columnEncryptionKey) throws SQLServerExceptionEncrypts a column encryption key using the column master key with the specified key path and using the specified algorithm.- Parameters:
masterKeyPath- The column master key path.encryptionAlgorithm- the specific encryption algorithm.columnEncryptionKey- column encryption key to be encrypted.- Returns:
- the encrypted column encryption key.
- Throws:
SQLServerException- when an error occurs while encrypting the CEK
-
verifyColumnMasterKeyMetadata
public abstract boolean verifyColumnMasterKeyMetadata(java.lang.String masterKeyPath, boolean allowEnclaveComputations, byte[] signature) throws SQLServerExceptionVerify the signature is valid for the column master key- Parameters:
masterKeyPath- column master key pathallowEnclaveComputations- indicates whether the column master key supports enclave computationssignature- signature of the column master key metadata- Returns:
- whether the signature is valid for the column master key
- Throws:
SQLServerException- when an error occurs while verifying the signature
-