Package io.axoniq.dataprotection.cryptoengine

Class JdbcCryptoEngine

  • All Implemented Interfaces:
    CryptoEngine
    public class JdbcCryptoEngine
extends DatabaseBackedCryptoEngine
    JDBC-based implementation of the CryptoEngine interface, included for users who wish to store keys in a relational database but do not wish to use JPA.

    • Constructor Detail

      • JdbcCryptoEngine

        public JdbcCryptoEngine​(DataSource dataSource,
                        String tableName,
                        String keyIdColumnName,
                        String keyDataColumnName)
        Constructs a new JdbcCryptoEngine.
        Parameters:
        dataSource - the DataSource
        tableName - the SQL name table in which keys will be stored
        keyIdColumnName - the SQL name of the column in which the key id will be stored
        keyDataColumnName - the SQL name of the column in which the key data will be stored

      • JdbcCryptoEngine

        public JdbcCryptoEngine​(DataSource dataSource,
                        String tableName)
        Constructs a new JdbcCryptoEngine, using "id" as the SQL name of the key id column, and "secret_key" as the SQL name of the key data column.
        Parameters:
        dataSource - the DataSource
        tableName - the SQL name table in which keys will be stored

      • JdbcCryptoEngine

        public JdbcCryptoEngine​(DataSource dataSource)
        Constructs a new JdbcCryptoEngine, using "id" as the SQL name of the key id column, "secret_key" as the SQL name of the key data column, and "data_protection_keys" as the SQL name of the table.
        Parameters:
        dataSource - the DataSource

    • Method Detail

      • getTableName

        protected String getTableName()
        Returns the SQL name of the table as configured during construction.
        Returns:
        the name

      • getKeyIdColumnName

        protected String getKeyIdColumnName()
        Returns the SQL name of the key id column as configured during construction.
        Returns:
        the name

      • getKeyDataColumnName

        protected String getKeyDataColumnName()
        Returns the SQL name of the key data column as configured during construction.
        Returns:
        the name

      • getCreateTableStatement

        public String getCreateTableStatement()
        Returns a DDL statement to create the table for key storage, using the SQL names that have been configured. This is never executed automatically by the module. It is purely here to facilitate developer who need to create the table automatically, e.g. for automatic tests.

        This statement uses VARCHAR(255) as the data type for the columns, since this will work universally across SQL databases. Please note that for MS SQL Server, you may wish to either use sendStringParametersAsUnicode=false, or change this to NVARCHAR, to avoid a performance hit on the primary key index.

        Returns:
        the CREATE TABLE statement
        See Also:
        SQL Server Customer Advisory Team

      • getSelectStatement

        protected String getSelectStatement()
        Generates the SELECT statement to retrieve the key data based on the key id:

        SELECT [key data column] FROM [key table] WHERE [key id column] = ?

        Returns:
        the SELECT statement

      • getInsertStatement

        protected String getInsertStatement()
        Generates the INSERT statement to store a key:

        INSERT INTO [key table]([key id column], [key data column]) VALUES (?, ?)

        Returns:
        the INSERT statement

      • getDeleteStatement

        protected String getDeleteStatement()
        Generates the DELETE statement to remove a key:

        DELETE FROM [key table] WHERE [key id column] = ?

        Returns:
        the DELETE statement

      • getKey

        public SecretKey getKey​(String id)
        Description copied from interface: CryptoEngine
        Retrieves the key for a given id.
        Parameters:
        id - the id of the SecretKey
        Returns:
        the existing SecretKey associated with the id, or null if no such key exists

      • deleteKey

        public void deleteKey​(String id)
        Description copied from interface: CryptoEngine
        Deletes the key for a given id. Does nothing if the key doesn't exist.
        Parameters:
        id - the id of the SecretKey