Class KeyStoreKeyProvider
- All Implemented Interfaces:
KeyProvider
scheme://path?option1=value1&option2=value2
scheme can be either "jks" or "jceks", specifying the file based providers shipped with every JRE. The latter is the certificate store for the SunJCE cryptography extension, or PKCS #12, and is capable of storing SecretKeys.
path is the location of the keystore in the filesystem namespace.
Options can be specified as query parameters.
If the store was created with a password, the password can be specified using the option 'password'.
For example:
jceks:///var/tmp/example.ks?password=foobar
It is assumed that all keys in the store are protected with the same password.
Alternatively, a properties file can be specified containing passwords for keys in the keystore.
jceks:///var/tmp/example.ks?passwordFile=/var/tmp/example.pw
Subclasses for supporting KeyStores that are not file based can extend the protected methods of this class to specify the appropriate LoadStoreParameters.
-
Field Summary
Fields inherited from interface org.apache.hadoop.hbase.io.crypto.KeyProvider
PASSWORD, PASSWORDFILE
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionprotected char[]
getAliasPassword
(String alias) Retrieve the key for a given key aliaseKey[]
Retrieve keys for a given set of key aliasesvoid
Initialize the key providerprotected void
protected void
processParameter
(String name, String value) protected void
processParameters
(URI uri)
-
Field Details
-
store
-
password
-
passwordFile
-
-
Constructor Details
-
KeyStoreKeyProvider
public KeyStoreKeyProvider()
-
-
Method Details
-
processParameter
- Throws:
IOException
-
processParameters
- Throws:
IOException
-
load
- Throws:
IOException
-
init
Description copied from interface:KeyProvider
Initialize the key provider- Specified by:
init
in interfaceKeyProvider
-
getAliasPassword
-
getKey
Description copied from interface:KeyProvider
Retrieve the key for a given key aliase- Specified by:
getKey
in interfaceKeyProvider
- Returns:
- the keys corresponding to the supplied alias, or null if a key is not found
-
getKeys
Description copied from interface:KeyProvider
Retrieve keys for a given set of key aliases- Specified by:
getKeys
in interfaceKeyProvider
- Parameters:
aliases
- an array of aliases- Returns:
- an array of keys corresponding to the supplied aliases, an entry will be null if a key is not found
-