Package org.alfresco.encryption

Class ReEncryptor

java.lang.Object
org.alfresco.encryption.ReEncryptor
All Implemented Interfaces:
org.springframework.beans.factory.Aware, org.springframework.context.ApplicationContextAware
public class ReEncryptor extends Object implements org.springframework.context.ApplicationContextAware
Re-encrypts encryptable repository properties using a new set of encryption keys. Decrypts the repository properties using the default encryptor, falling back to a backup decryptor (using the old encryption keys) if necessary, and then re-encrypts the properties. Can run in one of two ways:
  • during bootstrap.
  • by using JMX (available only to Enterprise). In this case, the system can stay running while the re-encryption takes place.
Since:
4.0

  • Constructor Details

    • ReEncryptor

      public ReEncryptor()

  • Method Details

    • setTransactionService

      public void setTransactionService(TransactionService transactionService)
      Set the transaction provider so that each execution can be performed within a transaction

    • setMetadataEncryptor

      public void setMetadataEncryptor(MetadataEncryptor metadataEncryptor)

    • getMetadataEncryptor

      public MetadataEncryptor getMetadataEncryptor()

    • setJobLockService

      public void setJobLockService(JobLockService jobLockService)

    • setNumThreads

      public void setNumThreads(int numThreads)

    • setChunkSize

      public void setChunkSize(int chunkSize)

    • setSplitTxns

      public void setSplitTxns(boolean splitTxns)

    • setNodeDAO

      public void setNodeDAO(NodeDAO nodeDAO)

    • setDictionaryDAO

      public void setDictionaryDAO(DictionaryDAO dictionaryDAO)

    • setQnameDAO

      public void setQnameDAO(QNameDAO qnameDAO)

    • reEncryptProperties

      protected void reEncryptProperties(List<NodePropertyEntity> properties, String lockToken)

    • bootstrapReEncrypt

      public int bootstrapReEncrypt() throws org.alfresco.encryption.MissingKeyException
      Re-encrypt using the configured backup keystore to decrypt and the main keystore to encrypt
      Throws:
      org.alfresco.encryption.MissingKeyException

    • reEncrypt

      public int reEncrypt() throws org.alfresco.encryption.MissingKeyException
      Re-encrypt by decrypting using the configured keystore and encrypting using a keystore configured using the provided new key store parameters. Called from e.g. JMX. Assumes that the main key store has been already been reloaded. Note: it is the responsibility of the end user to ensure that the underlying keystores have been set up appropriately i.e. the old key store is backed up to the location defined by the property '${dir.keystore}/backup-keystore' and the new key store replaces it. This can be done while the repository is running.
      Throws:
      org.alfresco.encryption.MissingKeyException

    • reEncryptImpl

      protected int reEncryptImpl()

    • setApplicationContext

      public void setApplicationContext(org.springframework.context.ApplicationContext applicationContext) throws org.springframework.beans.BeansException
      Specified by:
      setApplicationContext in interface org.springframework.context.ApplicationContextAware
      Throws:
      org.springframework.beans.BeansException