public class SYM_ENCRYPT extends EncryptBase
The secret key is identical for all cluster members and is injected into this protocol at startup, e.g. by reading it from a keystore. Messages are sent by encrypting them with the secret key and received by decrypting them with the secret key. Note that all cluster members must be shipped with the same keystore file.
This protocol is typically placed under NAKACK2, so that most important headers are encrypted as well, to prevent replay attacks.
A possible configuration looks like this:
<SYM_ENCRYPT keystore_name="defaultStore.keystore" store_password="changeit" alias="myKey"/>
To use the SYM_ENCRYPT layer in this manner, the secret key must already have been generated in a
keystore file. The directory containing the keystore file must be on the application's classpath. You cannot create a
secret key keystore file using the keytool application shipped with the JDK. A Java file called KeyStoreGenerator is
included in the demo package and can be run from the command line (or an IDE) to generate a suitable keystore.
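An added example, not the KeyStoreGenerator from the demo package and not JGroups code: one way to write a keystore holding a secret key with the standard java.security.KeyStore API, then read it back to confirm the entry. The class name, the JCEKS store type and the AES-128 key size are assumptions; the file name, password and alias mirror the sample configuration above.

```java
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.KeyStore;

// Added example (hypothetical class name); not the KeyStoreGenerator from the JGroups demo package.
public class SecretKeyStoreExample {
    public static void main(String[] args) throws Exception {
        // Defaults mirror the sample configuration; pass file, password and alias as arguments to override.
        Path file = Paths.get(args.length > 0 ? args[0] : "defaultStore.keystore");
        char[] storePassword = (args.length > 1 ? args[1] : "changeit").toCharArray();
        String alias = args.length > 2 ? args[2] : "myKey";
        String storeType = "JCEKS"; // assumption: must equal the protocol's keystore_type

        // Generate the shared symmetric key (assumption: AES-128, to match sym_algorithm / sym_keylength).
        KeyGenerator generator = KeyGenerator.getInstance("AES");
        generator.init(128);
        SecretKey key = generator.generateKey();

        // Store the key as a SecretKeyEntry; the entry is protected with the store password here.
        KeyStore store = KeyStore.getInstance(storeType);
        store.load(null, null); // initialise an empty keystore
        store.setEntry(alias, new KeyStore.SecretKeyEntry(key),
                       new KeyStore.PasswordProtection(storePassword));
        try (OutputStream out = Files.newOutputStream(file)) {
            store.store(out, storePassword);
        }

        // Read the file back and check that the alias resolves to a usable secret key.
        KeyStore check = KeyStore.getInstance(storeType);
        try (InputStream in = Files.newInputStream(file)) {
            check.load(in, storePassword);
        }
        if (!check.entryInstanceOf(alias, KeyStore.SecretKeyEntry.class))
            throw new IllegalStateException("alias " + alias + " is not a secret key entry");
        SecretKey loaded = (SecretKey) check.getKey(alias, storePassword);
        System.out.printf("wrote %s: alias=%s algorithm=%s bits=%d%n",
                          file, alias, loaded.getAlgorithm(), loaded.getEncoded().length * 8);
    }
}
```

The resulting file has to be placed in a directory on the classpath of every cluster member, since all members read the same key.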
Nested classes/interfaces inherited from class EncryptBase: EncryptBase.Decrypter

Modifier and Type | Field and Description |
---|---|
protected java.lang.String | alias |
protected java.lang.String | key_password |
protected java.lang.String | keystore_name |
protected java.lang.String | keystore_type |
protected java.lang.String | store_password |

Fields inherited from class EncryptBase: asym_algorithm, asym_keylength, cipher_pool_size, decoding_ciphers, DEFAULT_SYM_ALGO, encoding_ciphers, encrypt_entire_message, key_map, key_map_max_size, local_addr, provider, secret_key, sign_msgs, sym_algorithm, sym_keylength, sym_version, use_adler, view

Fields inherited from class Protocol: after_creation_hook, down_prot, ergonomics, id, log, name, stack, stats, up_prot

Constructor and Description |
---|
SYM_ENCRYPT() |

Modifier and Type | Method and Description |
---|---|
java.lang.String | alias() |
SYM_ENCRYPT | alias(java.lang.String a) |
void | init(): Called after instance has been created (null constructor) and before protocol is started. |
java.lang.String | keystoreName() |
SYM_ENCRYPT | keystoreName(java.lang.String n) |
protected void | readSecretKeyFromKeystore(): Initialisation if a supplied key is defined in the properties. |
java.lang.String | storePassword() |
SYM_ENCRYPT | storePassword(java.lang.String pwd) |

Methods inherited from class EncryptBase: _decrypt, adler, adler, asymAlgorithm, asymAlgorithm, asymKeylength, asymKeylength, code, computeChecksum, createChecksummer, createCipher, decryptChecksum, decryptMessage, down, encryptAndSend, encryptChecksum, encryptEntireMessage, encryptEntireMessage, getAlgorithm, handleEncryptedMessage, handleUnknownVersion, handleUpEvent, handleUpMessage, handleView, initSymCiphers, inView, localAddress, process, secretKey, secretKey, signMessages, signMessages, symAlgorithm, symAlgorithm, symKeylength, symKeylength, symVersion, symVersion, up, up, version

Methods inherited from class Protocol: accept, afterCreationHook, destroy, dumpStats, enableStats, getConfigurableObjects, getDownProtocol, getDownServices, getId, getIdsAbove, getLevel, getLog, getName, getProtocolStack, getSocketFactory, getThreadFactory, getTransport, getUpProtocol, getUpServices, getValue, isErgonomics, level, parse, printStats, providedDownServices, providedUpServices, requiredDownServices, requiredUpServices, resetStatistics, resetStats, setDownProtocol, setErgonomics, setId, setLevel, setProtocolStack, setSocketFactory, setUpProtocol, setValue, setValues, start, statsEnabled, stop

protected java.lang.String keystore_name
protected java.lang.String keystore_type
protected java.lang.String store_password
protected java.lang.String key_password
protected java.lang.String alias
public java.lang.String keystoreName()
public SYM_ENCRYPT keystoreName(java.lang.String n)
public java.lang.String alias()
public SYM_ENCRYPT alias(java.lang.String a)
public java.lang.String storePassword()
public SYM_ENCRYPT storePassword(java.lang.String pwd)
public void init() throws java.lang.Exception
Description copied from class: Protocol
Called after instance has been created (null constructor) and before protocol is started.
Overrides: init in class EncryptBase
Throws: java.lang.Exception - Thrown if protocol cannot be initialized successfully. This will cause the ProtocolStack to fail, so the channel constructor will throw an exception
protected void readSecretKeyFromKeystore() throws java.lang.Exception
Throws: java.lang.Exception
Copyright © 1998-2020 Red Hat. All Rights Reserved.