KeyReferenceCryptoService (ch.admin.bit.jeap:jeap-crypto-core 3.22.0 API)

All Known Implementing Classes:: AesGcmCryptoService, NoopKeyReferenceCryptoService

public interface KeyReferenceCryptoService

Method Summary

Modifier and Type

Method

Description

boolean

canDecrypt(byte[] ciphertext)

byte[]

decrypt(byte[] ciphertextCryptoContainer)

Decrypts a jEAP crypto container back to the plaintext bytes.

byte[]

encrypt(byte[] plaintext, KeyReference wrappingKeyReference)

Encrypts plaintext to a jEAP crypto container, using a data key for encryption of the data.

Method Details
- encrypt
  
  byte[] encrypt(byte[] plaintext, KeyReference wrappingKeyReference)
  
  Encrypts plaintext to a jEAP crypto container, using a data key for encryption of the data.
  
  Parameters:
  
  plaintext - Plaintext bytes to be encrypted
  
  wrappingKeyReference - Reference to a key managed by a KeyManagementService, which is used for generating data keys
  
  Returns:
  
  Encrypted data container, formatted according to a JeapCryptoDataFormat
  
  Throws:
  
  CryptoException - If encryption fails for any reason (empty plaintext, bad configuration, unable to get data key, ...)
- decrypt
  
  byte[] decrypt(byte[] ciphertextCryptoContainer)
  
  Decrypts a jEAP crypto container back to the plaintext bytes. The crypto container must contain a reference to the data key's wrapping key, i.e. key name/location.
  
  Parameters:
  
  ciphertextCryptoContainer - Encrypted data container, formatted according to a JeapCryptoDataFormat
  
  Returns:
  
  Decrypted plaintext bytes
  
  Throws:
  
  CryptoException - If decryption fails for any reason (bad configuration, unable to decrypt data key, ...)
- canDecrypt
  
  boolean canDecrypt(byte[] ciphertext)