|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.apache.hadoop.hbase.io.crypto.KeyStoreKeyProvider
@InterfaceAudience.Public @InterfaceStability.Unstable public class KeyStoreKeyProvider
A basic KeyProvider that can resolve keys from a protected KeyStore file on the local filesystem. It is configured with a URI passed in as a String to init(). The URI should have the form:
scheme://path?option1=value1&option2=value2
scheme can be either "jks" or "jceks", specifying the file based providers shipped with every JRE. The latter is the certificate store for the SunJCE cryptography extension, or PKCS #12, and is capable of storing SecretKeys.
path is the location of the keystore in the filesystem namespace.
Options can be specified as query parameters.
If the store was created with a password, the password can be specified using the option 'password'.
For example:
jceks:///var/tmp/example.ks?password=foobar
It is assumed that all keys in the store are protected with the same password.
Alternatively, a properties file can be specified containing passwords for keys in the keystore.
jceks:///var/tmp/example.ks?passwordFile=/var/tmp/example.pw
Subclasses for supporting KeyStores that are not file based can extend the protected methods of this class to specify the appropriate LoadStoreParameters.
Field Summary | |
---|---|
protected char[] |
password
|
protected Properties |
passwordFile
|
protected KeyStore |
store
|
Fields inherited from interface org.apache.hadoop.hbase.io.crypto.KeyProvider |
---|
PASSWORD, PASSWORDFILE |
Constructor Summary | |
---|---|
KeyStoreKeyProvider()
|
Method Summary | |
---|---|
protected char[] |
getAliasPassword(String alias)
|
Key |
getKey(String alias)
Retrieve the key for a given key aliase |
Key[] |
getKeys(String[] aliases)
Retrieve keys for a given set of key aliases |
void |
init(String params)
Initialize the key provider |
protected void |
load(URI uri)
|
protected void |
processParameter(String name,
String value)
|
protected void |
processParameters(URI uri)
|
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
protected KeyStore store
protected char[] password
protected Properties passwordFile
Constructor Detail |
---|
public KeyStoreKeyProvider()
Method Detail |
---|
protected void processParameter(String name, String value) throws IOException
IOException
protected void processParameters(URI uri) throws IOException
IOException
protected void load(URI uri) throws IOException
IOException
public void init(String params)
KeyProvider
init
in interface KeyProvider
protected char[] getAliasPassword(String alias)
public Key getKey(String alias)
KeyProvider
getKey
in interface KeyProvider
public Key[] getKeys(String[] aliases)
KeyProvider
getKeys
in interface KeyProvider
aliases
- an array of aliases
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |