Package ch.admin.bit.jeap.crypto.api

Interface KeyReferenceCryptoService

All Known Implementing Classes:

AesGcmCryptoService, NoopKeyReferenceCryptoService

public interface KeyReferenceCryptoService

Method Summary

Modifier and Type	Method	Description
boolean	canDecrypt(byte[] ciphertext)
byte[]	decrypt(byte[] ciphertextCryptoContainer)	Decrypts a jEAP crypto container back to the plaintext bytes.
byte[]	encrypt(byte[] plaintext, KeyReference wrappingKeyReference)	Encrypts plaintext to a jEAP crypto container, using a data key for encryption of the data.

Method Details

encrypt

byte[] encrypt(byte[] plaintext,
 KeyReference wrappingKeyReference)

Encrypts plaintext to a jEAP crypto container, using a data key for encryption of the data.

Parameters:

plaintext - Plaintext bytes to be encrypted

wrappingKeyReference - Reference to a key managed by a KeyManagementService, which is used for generating data keys

Returns:

Encrypted data container, formatted according to a JeapCryptoDataFormat

Throws:

CryptoException - If encryption fails for any reason (empty plaintext, bad configuration, unable to get data key, ...)

decrypt

byte[] decrypt(byte[] ciphertextCryptoContainer)

Decrypts a jEAP crypto container back to the plaintext bytes. The crypto container must contain a reference to the data key's wrapping key, i.e. key name/location.

Parameters:

ciphertextCryptoContainer - Encrypted data container, formatted according to a JeapCryptoDataFormat

Returns:

Decrypted plaintext bytes

Throws:

CryptoException - If decryption fails for any reason (bad configuration, unable to decrypt data key, ...)

canDecrypt

boolean canDecrypt(byte[] ciphertext)