public class JCAKeyManagement extends java.lang.Object implements KeyManagement
JKS is only for certificates/public key encryption.
Not intended for production use other than possibly for single node applications as it saves to a local file so won't be available for all other nodes in the cluster.
The Java Keystore API is blocking so it's important to use this from a dedicated dispatcher.
| Constructor and Description |
|---|
JCAKeyManagement(akka.actor.ExtendedActorSystem system,
GdprSettings gdprSettings,
JcaSettings jcaSettings) |
| Modifier and Type | Method and Description |
|---|---|
scala.concurrent.Future<scala.Option<javax.crypto.SecretKey>> |
getKey(java.lang.String dataSubjectId)
Retrieve the key identified by dataSubjectId, returning None if the key has been shredded.
|
scala.concurrent.Future<javax.crypto.SecretKey> |
getOrCreateKey(java.lang.String dataSubjectId)
Create a
SecretKey if it doesn't exist already. |
scala.concurrent.Future<akka.Done> |
shred(java.lang.String dataSubjectId)
Remove the key identified by dataSubjectId permanently.
|
public JCAKeyManagement(akka.actor.ExtendedActorSystem system,
GdprSettings gdprSettings,
JcaSettings jcaSettings)
public scala.concurrent.Future<scala.Option<javax.crypto.SecretKey>> getKey(java.lang.String dataSubjectId)
KeyManagementgetKey in interface KeyManagementdataSubjectId - (undocumented)public scala.concurrent.Future<javax.crypto.SecretKey> getOrCreateKey(java.lang.String dataSubjectId)
KeyManagementSecretKey if it doesn't exist already. Length of the key should be taken
from akka.persistence.gdpr.key-size
If using AbstractGdprEncryption this must be an AES key.
getOrCreateKey in interface KeyManagementdataSubjectId - (undocumented)public scala.concurrent.Future<akka.Done> shred(java.lang.String dataSubjectId)
KeyManagementshred in interface KeyManagementdataSubjectId - (undocumented)