Package ch.admin.bit.jeap.crypto.api
Interface KeyIdCryptoService
- All Known Implementing Classes:
NoopKeyIdCryptoService
public interface KeyIdCryptoService
-
Method Summary
Modifier and TypeMethodDescriptionbooleancanDecrypt(byte[] ciphertext) byte[]decrypt(byte[] ciphertextCryptoContainer) Decrypts a jEAP crypto container back to the plaintext bytes.byte[]Encrypts plaintext to a jEAP crypto container, using the wrapping key identified by the given key id for the encryption of the data.default booleanDoes this key id crypto service know the given key id and can link it to a wrapping key to be used for encryption?
-
Method Details
-
encrypt
Encrypts plaintext to a jEAP crypto container, using the wrapping key identified by the given key id for the encryption of the data.- Parameters:
plaintext- Plaintext bytes to be encryptedkeyId- Identifier for the wrapping key to be used for the encryption- Returns:
- Encrypted data container, formatted according to a
JeapCryptoDataFormat - Throws:
CryptoException- If encryption fails for any reason (empty plaintext, bad configuration, unknown key id, unable to get data key, ...)
-
decrypt
byte[] decrypt(byte[] ciphertextCryptoContainer) Decrypts a jEAP crypto container back to the plaintext bytes.- Parameters:
ciphertextCryptoContainer- Encrypted data container, formatted according to aJeapCryptoDataFormat- Returns:
- Decrypted plaintext bytes
- Throws:
CryptoException- If decryption fails for any reason (bad configuration, unable to decrypt data key, ...)
-
knows
Does this key id crypto service know the given key id and can link it to a wrapping key to be used for encryption?- Parameters:
keyId- The key id- Returns:
trueif this service knows the given key id and can link it to a wrapping key to be used for encryption,falseotherwise.
-
configuredKeyIds
-
canDecrypt
boolean canDecrypt(byte[] ciphertext)
-