Package com.microsoft.sqlserver.jdbc
Class SQLServerColumnEncryptionCertificateStoreProvider
java.lang.Object
com.microsoft.sqlserver.jdbc.SQLServerColumnEncryptionKeyStoreProvider
com.microsoft.sqlserver.jdbc.SQLServerColumnEncryptionCertificateStoreProvider
public final class SQLServerColumnEncryptionCertificateStoreProvider
extends SQLServerColumnEncryptionKeyStoreProvider
Provides the implementation of the key store provider for the Windows Certificate Store. This class enables using
keys stored in the Windows Certificate Store as column master keys.
-
Constructor Summary
ConstructorDescriptionConstructs a SQLServerColumnEncryptionCertificateStoreProvider. -
Method Summary
Modifier and TypeMethodDescriptionbyte[]
decryptColumnEncryptionKey
(String masterKeyPath, String encryptionAlgorithm, byte[] encryptedColumnEncryptionKey) Decrypts the specified encrypted value of a column encryption key.byte[]
encryptColumnEncryptionKey
(String masterKeyPath, String encryptionAlgorithm, byte[] plainTextColumnEncryptionKey) Encrypts a column encryption key using the column master key with the specified key path and using the specified algorithm.getName()
Returns the name of this key store provider.void
Sets the name of this key store provider.boolean
verifyColumnMasterKeyMetadata
(String masterKeyPath, boolean allowEnclaveComputations, byte[] signature) Verify the signature is valid for the column master keyMethods inherited from class com.microsoft.sqlserver.jdbc.SQLServerColumnEncryptionKeyStoreProvider
getColumnEncryptionKeyCacheTtl, setColumnEncryptionCacheTtl
-
Constructor Details
-
SQLServerColumnEncryptionCertificateStoreProvider
public SQLServerColumnEncryptionCertificateStoreProvider()Constructs a SQLServerColumnEncryptionCertificateStoreProvider.
-
-
Method Details
-
setName
Description copied from class:SQLServerColumnEncryptionKeyStoreProvider
Sets the name of this key store provider.- Specified by:
setName
in classSQLServerColumnEncryptionKeyStoreProvider
- Parameters:
name
- value to be set for the key store provider.
-
getName
Description copied from class:SQLServerColumnEncryptionKeyStoreProvider
Returns the name of this key store provider.- Specified by:
getName
in classSQLServerColumnEncryptionKeyStoreProvider
- Returns:
- the name of this key store provider.
-
encryptColumnEncryptionKey
public byte[] encryptColumnEncryptionKey(String masterKeyPath, String encryptionAlgorithm, byte[] plainTextColumnEncryptionKey) throws SQLServerException Description copied from class:SQLServerColumnEncryptionKeyStoreProvider
Encrypts a column encryption key using the column master key with the specified key path and using the specified algorithm.- Specified by:
encryptColumnEncryptionKey
in classSQLServerColumnEncryptionKeyStoreProvider
- Parameters:
masterKeyPath
- The column master key path.encryptionAlgorithm
- the specific encryption algorithm.plainTextColumnEncryptionKey
- column encryption key to be encrypted.- Returns:
- the encrypted column encryption key.
- Throws:
SQLServerException
- when an error occurs while encrypting the CEK
-
decryptColumnEncryptionKey
public byte[] decryptColumnEncryptionKey(String masterKeyPath, String encryptionAlgorithm, byte[] encryptedColumnEncryptionKey) throws SQLServerException Description copied from class:SQLServerColumnEncryptionKeyStoreProvider
Decrypts the specified encrypted value of a column encryption key. The encrypted value is expected to be encrypted using the column master key with the specified key path and using the specified algorithm.- Specified by:
decryptColumnEncryptionKey
in classSQLServerColumnEncryptionKeyStoreProvider
- Parameters:
masterKeyPath
- The column master key path.encryptionAlgorithm
- the specific encryption algorithm.encryptedColumnEncryptionKey
- the encrypted column encryption key- Returns:
- the decrypted value of column encryption key.
- Throws:
SQLServerException
- when an error occurs while decrypting the CEK
-
verifyColumnMasterKeyMetadata
public boolean verifyColumnMasterKeyMetadata(String masterKeyPath, boolean allowEnclaveComputations, byte[] signature) throws SQLServerException Description copied from class:SQLServerColumnEncryptionKeyStoreProvider
Verify the signature is valid for the column master key- Specified by:
verifyColumnMasterKeyMetadata
in classSQLServerColumnEncryptionKeyStoreProvider
- Parameters:
masterKeyPath
- column master key pathallowEnclaveComputations
- indicates whether the column master key supports enclave computationssignature
- signature of the column master key metadata- Returns:
- whether the signature is valid for the column master key
- Throws:
SQLServerException
- when an error occurs while verifying the signature
-