
Example 1 with JsonWebKeyEncryptionAlgorithm

use of com.microsoft.azure.keyvault.webkey.JsonWebKeyEncryptionAlgorithm in project mssql-jdbc by Microsoft.

the class SQLServerColumnEncryptionAzureKeyVaultProvider method AzureKeyVaultWrap.

/**
 * Wraps (encrypts) a plaintext column encryption key with a key held in Azure Key Vault.
 *
 * @param masterKeyPath
 *            - Azure Key Vault key URL identifying the wrapping key.
 * @param encryptionAlgorithm
 *            - Name of the key-wrap algorithm; handed to {@code JsonWebKeyEncryptionAlgorithm} exactly as given.
 * @param columnEncryptionKey
 *            - Plaintext column encryption key; must not be null.
 * @return the wrapped key bytes reported by the Key Vault wrap operation.
 * @throws SQLServerException
 *             if {@code columnEncryptionKey} is null.
 */
private byte[] AzureKeyVaultWrap(String masterKeyPath, String encryptionAlgorithm, byte[] columnEncryptionKey) throws SQLServerException {
    // Only null is rejected here; a zero-length key is passed through to the vault call.
    if (columnEncryptionKey == null) {
        throw new SQLServerException(SQLServerException.getErrString("R_CEKNull"), null);
    }

    // NOTE(review): neither masterKeyPath nor encryptionAlgorithm is checked in this method;
    // presumably the caller validates the vault URL and restricts the algorithm - confirm.
    final JsonWebKeyEncryptionAlgorithm wrapAlgorithm = new JsonWebKeyEncryptionAlgorithm(encryptionAlgorithm);

    // columnEncryptionKey is plaintext key material: it must not be logged on this path.
    return keyVaultClient.wrapKey(masterKeyPath, wrapAlgorithm, columnEncryptionKey).result();
}
Also used : KeyOperationResult(com.microsoft.azure.keyvault.models.KeyOperationResult) JsonWebKeyEncryptionAlgorithm(com.microsoft.azure.keyvault.webkey.JsonWebKeyEncryptionAlgorithm)

Example 2 with JsonWebKeyEncryptionAlgorithm

use of com.microsoft.azure.keyvault.webkey.JsonWebKeyEncryptionAlgorithm in project ranger by apache.

the class RangerAzureKeyVaultKeyGenerator method decryptZoneKey.

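/**
 * Decrypts an encrypted zone key with the Azure Key Vault master key.
 *
 * The master key bundle is fetched on first use and kept in {@code masterKeyBundle}.
 *
 * @param encryptedByte the encrypted zone key bytes
 * @return the bytes reported by the Key Vault decrypt operation
 * @throws Exception if the decrypt call fails; the original failure is attached as the cause
 */
@Override
public byte[] decryptZoneKey(byte[] encryptedByte) throws Exception {
    JsonWebKeyEncryptionAlgorithm keyEncryptionAlgo = getZoneKeyEncryptionAlgo();
    // NOTE(review): lazy initialisation with no synchronisation visible in this method - confirm
    // how concurrent callers are handled.
    if (masterKeyBundle == null) {
        masterKeyBundle = keyVaultClient.getKey(keyVaultURL, azureMasterKey);
    }
    KeyOperationResult decryptResult;
    try {
        // Blocks on the async call; the trailing null is presumably the unused callback argument.
        decryptResult = keyVaultClient.decryptAsync(masterKeyBundle.key().kid(), keyEncryptionAlgo, encryptedByte, null).get();
    } catch (Exception e) {
        // The broad catch also receives InterruptedException from get(); restore the flag so
        // the calling thread can still observe the interruption.
        if (e instanceof InterruptedException) {
            Thread.currentThread().interrupt();
        }
        // Keep the original message text but attach the cause, so the stack trace of the
        // underlying Key Vault failure is not lost.
        throw new Exception("Error while decrypting zone key." + e, e);
    }
    // The return value is plaintext key material and must not be logged.
    return decryptResult.result();
}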
Also used : KeyOperationResult(com.microsoft.azure.keyvault.models.KeyOperationResult) JsonWebKeyEncryptionAlgorithm(com.microsoft.azure.keyvault.webkey.JsonWebKeyEncryptionAlgorithm)

Example 3 with JsonWebKeyEncryptionAlgorithm

use of com.microsoft.azure.keyvault.webkey.JsonWebKeyEncryptionAlgorithm in project mssql-jdbc by Microsoft.

the class SQLServerColumnEncryptionAzureKeyVaultProvider method AzureKeyVaultUnWrap.

/**
 * Unwraps (decrypts) an encrypted column encryption key with a key held in Azure Key Vault.
 *
 * @param masterKeyPath
 *            - Azure Key Vault key URL identifying the unwrapping key.
 * @param encryptionAlgorithm
 *            - Name of the key-wrap algorithm; handed to {@code JsonWebKeyEncryptionAlgorithm} exactly as given.
 * @param encryptedColumnEncryptionKey
 *            - Encrypted column encryption key; must be neither null nor empty.
 * @return the plaintext column encryption key reported by the Key Vault unwrap operation.
 * @throws SQLServerException
 *             if {@code encryptedColumnEncryptionKey} is null or has length zero.
 */
private byte[] AzureKeyVaultUnWrap(String masterKeyPath, String encryptionAlgorithm, byte[] encryptedColumnEncryptionKey) throws SQLServerException {
    // Null and empty inputs are reported with distinct error strings.
    if (encryptedColumnEncryptionKey == null) {
        throw new SQLServerException(SQLServerException.getErrString("R_EncryptedCEKNull"), null);
    }
    if (encryptedColumnEncryptionKey.length == 0) {
        throw new SQLServerException(SQLServerException.getErrString("R_EmptyEncryptedCEK"), null);
    }

    // NOTE(review): neither masterKeyPath nor encryptionAlgorithm is checked in this method;
    // presumably the caller validates the vault URL and restricts the algorithm - confirm.
    final JsonWebKeyEncryptionAlgorithm unwrapAlgorithm = new JsonWebKeyEncryptionAlgorithm(encryptionAlgorithm);

    // The returned bytes are plaintext key material and must not be logged.
    return keyVaultClient.unwrapKey(masterKeyPath, unwrapAlgorithm, encryptedColumnEncryptionKey).result();
}
Also used : KeyOperationResult(com.microsoft.azure.keyvault.models.KeyOperationResult) JsonWebKeyEncryptionAlgorithm(com.microsoft.azure.keyvault.webkey.JsonWebKeyEncryptionAlgorithm)

Example 4 with JsonWebKeyEncryptionAlgorithm

use of com.microsoft.azure.keyvault.webkey.JsonWebKeyEncryptionAlgorithm in project ranger by apache.

the class RangerAzureKeyVaultKeyGenerator method encryptZoneKey.

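/**
 * Encrypts a zone key with the Azure Key Vault master key.
 *
 * The master key bundle is fetched on first use and kept in {@code masterKeyBundle}.
 *
 * @param zoneKey the zone key whose encoded form is encrypted
 * @return the bytes reported by the Key Vault encrypt operation
 * @throws Exception if the encrypt call fails; the original failure is attached as the cause
 */
@Override
public byte[] encryptZoneKey(Key zoneKey) throws Exception {
    JsonWebKeyEncryptionAlgorithm keyEncryptionAlgo = getZoneKeyEncryptionAlgo();
    // NOTE(review): lazy initialisation with no synchronisation visible in this method - confirm
    // how concurrent callers are handled.
    if (masterKeyBundle == null) {
        masterKeyBundle = keyVaultClient.getKey(keyVaultURL, azureMasterKey);
    }
    KeyOperationResult encryptResult;
    try {
        // zoneKey.getEncoded() is plaintext key material; it is sent to the vault and must not be logged.
        // Blocks on the async call; the trailing null is presumably the unused callback argument.
        encryptResult = keyVaultClient.encryptAsync(masterKeyBundle.key().kid(), keyEncryptionAlgo, zoneKey.getEncoded(), null).get();
    } catch (Exception e) {
        // The broad catch also receives InterruptedException from get(); restore the flag so
        // the calling thread can still observe the interruption.
        if (e instanceof InterruptedException) {
            Thread.currentThread().interrupt();
        }
        // Keep the original message text but attach the cause, so the stack trace of the
        // underlying Key Vault failure is not lost.
        throw new Exception("Error while encrypting zone key." + e, e);
    }
    return encryptResult.result();
}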
Also used : KeyOperationResult(com.microsoft.azure.keyvault.models.KeyOperationResult) JsonWebKeyEncryptionAlgorithm(com.microsoft.azure.keyvault.webkey.JsonWebKeyEncryptionAlgorithm)

Aggregations

KeyOperationResult (com.microsoft.azure.keyvault.models.KeyOperationResult)4 JsonWebKeyEncryptionAlgorithm (com.microsoft.azure.keyvault.webkey.JsonWebKeyEncryptionAlgorithm)4