Package org.nuxeo.ecm.core.blob
Class AESBlobStoreConfiguration
java.lang.Object
org.nuxeo.ecm.core.blob.PropertyBasedConfiguration
org.nuxeo.ecm.core.blob.AESBlobStoreConfiguration
Configuration for the AES-encrypted storage of files.
- Since:
- 11.1
-
Field Summary
Modifier and TypeFieldDescriptionprotected static final String
protected static final String
protected static final String
final String
final String
final String
final String
final String
final String
protected static final int
protected static final int
protected static final String
static final String
static final String
static final String
static final String
static final String
static final String
static final String
Iftrue
, use the insecure AES/CBC/PKCS5Padding for encryption.static final String
final boolean
final boolean
Fields inherited from class org.nuxeo.ecm.core.blob.PropertyBasedConfiguration
properties, systemPropertyPrefix
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionprotected Key
generateSecretKey
(byte[] salt) Generates an AES key from the password using PBKDF2.protected Cipher
protected AlgorithmParameterSpec
getParameterSpec
(byte[] iv) protected Key
Gets the AES key from the keystore.protected void
Methods inherited from class org.nuxeo.ecm.core.blob.PropertyBasedConfiguration
getBooleanProperty, getIntProperty, getIntProperty, getLongProperty, getProperty, getProperty
-
Field Details
-
AES
- See Also:
-
PBKDF2_WITH_HMAC_SHA1
- See Also:
-
PBKDF2_ITERATIONS
protected static final int PBKDF2_ITERATIONS- See Also:
-
PBKDF2_KEY_LENGTH
protected static final int PBKDF2_KEY_LENGTH- See Also:
-
AES_CBC_PKCS5_PADDING
- See Also:
-
AES_GCM_NOPADDING
- See Also:
-
PROP_COMPAT_KEY
- See Also:
-
PROP_PASSWORD
- See Also:
-
PROP_KEY_STORE_TYPE
- See Also:
-
PROP_KEY_STORE_FILE
- See Also:
-
PROP_KEY_STORE_PASSWORD
- See Also:
-
PROP_KEY_ALIAS
- See Also:
-
PROP_KEY_PASSWORD
- See Also:
-
PROP_KEY_USE_INSECURE_CIPHER
Iftrue
, use the insecure AES/CBC/PKCS5Padding for encryption. The default isfalse
, to use AES/GCM/NoPadding.- See Also:
-
usePBKDF2
public final boolean usePBKDF2 -
password
-
keyStoreType
-
keyStoreFile
-
keyStorePassword
-
keyAlias
-
keyPassword
-
useInsecureCipher
public final boolean useInsecureCipher
-
-
Constructor Details
-
AESBlobStoreConfiguration
- Throws:
IOException
-
-
Method Details
-
parseCompat
protected void parseCompat() -
generateSecretKey
Generates an AES key from the password using PBKDF2.- Parameters:
salt
- the salt- Throws:
GeneralSecurityException
-
getSecretKey
Gets the AES key from the keystore.- Throws:
GeneralSecurityException
IOException
-
getCipher
- Throws:
GeneralSecurityException
-
getParameterSpec
-