Class CryptoServiceImpl

Object

CryptoServiceImpl

All Implemented Interfaces:

CryptoService

public final class CryptoServiceImpl
extends Object
implements CryptoService

Thread-safe concrete implementation of CryptoService.

Nested Class Summary

Nested classes/interfaces inherited from interface CryptoService

CryptoService.DecryptBytesHolder

Constructor Summary

Constructors

Constructor	Description
CryptoServiceImpl(AnkaSecureOpenApiClient api)

Method Summary

Modifier and Type	Method	Description
CryptoService.DecryptBytesHolder	decryptBytes(String jweToken)	Decrypt a Compact JWE that is already in RAM.
DecryptFileResult	decryptFile(Path input, Path output)
DecryptFileResult	decryptFileStream(Path input, Path output)
EncryptFileResult	encryptBytes(String kid, byte[] plaintext)	Encrypt raw bytes with a server-side **public** key.
EncryptFileResult	encryptFile(String kid, Path input, Path output)
EncryptFileResult	encryptFileStream(String kid, Path input, Path output)
ReencryptFileResult	reencryptBytes(String newKid, String jweToken)	Re-encrypt a JWE in memory so it becomes protected by newKid.
ReencryptFileResult	reencryptFile(String newKid, Path input, Path output)
ReencryptFileResult	reencryptFileStream(String newKid, Path input, Path output)

Methods inherited from class Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

CryptoServiceImpl

public CryptoServiceImpl(AnkaSecureOpenApiClient api)

Method Details

encryptFile

public EncryptFileResult encryptFile(String kid,
 Path input,
 Path output)

Specified by:

encryptFile in interface CryptoService

decryptFile

public DecryptFileResult decryptFile(Path input,
 Path output)

Specified by:

decryptFile in interface CryptoService

reencryptFile

public ReencryptFileResult reencryptFile(String newKid,
 Path input,
 Path output)

Specified by:

reencryptFile in interface CryptoService

encryptFileStream

public EncryptFileResult encryptFileStream(String kid,
 Path input,
 Path output)

Specified by:

encryptFileStream in interface CryptoService

decryptFileStream

public DecryptFileResult decryptFileStream(Path input,
 Path output)

Specified by:

decryptFileStream in interface CryptoService

reencryptFileStream

public ReencryptFileResult reencryptFileStream(String newKid,
 Path input,
 Path output)

Specified by:

reencryptFileStream in interface CryptoService

encryptBytes

public EncryptFileResult encryptBytes(String kid,
 byte[] plaintext)

Encrypt raw bytes with a server-side **public** key.

Specified by:

encryptBytes in interface CryptoService

Parameters:

kid - key ID in the platform (must not be null)

plaintext - data to protect (must not be null)

Returns:

EncryptFileResult exposing the Compact JWE token and metadata

decryptBytes

public CryptoService.DecryptBytesHolder decryptBytes(String jweToken)

Decrypt a Compact JWE that is already in RAM.

Specified by:

decryptBytes in interface CryptoService

Parameters:

jweToken - textual Compact JWE (UTF-8, not Base64 wrapped)

Returns:

CryptoService.DecryptBytesHolder containing plaintext and metadata

reencryptBytes

public ReencryptFileResult reencryptBytes(String newKid,
 String jweToken)

Re-encrypt a JWE in memory so it becomes protected by newKid.

Specified by:

reencryptBytes in interface CryptoService

Parameters:

newKid - key that must protect the data after rotation

jweToken - current Compact JWE (text form)

Returns:

metadata for old/new keys plus the refreshed JWE token