Interface IKey
-
- All Superinterfaces:
AutoCloseable
,Closeable
public interface IKey extends Closeable
Interface for representing cryptographic keys with the Microsoft Azure Key Vault libraries.
-
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description com.google.common.util.concurrent.ListenableFuture<byte[]>
decryptAsync(byte[] ciphertext, byte[] iv, byte[] authenticationData, byte[] authenticationTag, String algorithm)
Decrypts the specified cipher text.com.google.common.util.concurrent.ListenableFuture<org.apache.commons.lang3.tuple.Triple<byte[],byte[],String>>
encryptAsync(byte[] plaintext, byte[] iv, byte[] authenticationData, String algorithm)
Encrypts the specified plain text.String
getDefaultEncryptionAlgorithm()
The default encryption algorithm for this key, using the representations from Json Web Key Algorithms, RFC7513.String
getDefaultKeyWrapAlgorithm()
The default key wrap algorithm for this key, using the representations from Json Web Key Algorithms, RFC7513.String
getDefaultSignatureAlgorithm()
The default signature algorithm for this key, using the representations from Json Web Key Algorithms, RFC7513.String
getKid()
The unique key identifier for this key.com.google.common.util.concurrent.ListenableFuture<org.apache.commons.lang3.tuple.Pair<byte[],String>>
signAsync(byte[] digest, String algorithm)
Signs the specified digest using the specified algorithm, or the keys DefaultSignatureAlgorithm if no algorithm is specified.com.google.common.util.concurrent.ListenableFuture<byte[]>
unwrapKeyAsync(byte[] encryptedKey, String algorithm)
Unwraps (decrypts) the specified encryped key material.com.google.common.util.concurrent.ListenableFuture<Boolean>
verifyAsync(byte[] digest, byte[] signature, String algorithm)
Verifies the supplied signature value using the supplied digest and algorithm.com.google.common.util.concurrent.ListenableFuture<org.apache.commons.lang3.tuple.Pair<byte[],String>>
wrapKeyAsync(byte[] key, String algorithm)
Wraps (encrypts) the specified symmetric key material using the specified algorithm, or the keys DefaultKeyWrapAlgorithm if none is specified.
-
-
-
Method Detail
-
getDefaultEncryptionAlgorithm
String getDefaultEncryptionAlgorithm()
The default encryption algorithm for this key, using the representations from Json Web Key Algorithms, RFC7513.- Returns:
- The default encryption algorithm for this key.
-
getDefaultKeyWrapAlgorithm
String getDefaultKeyWrapAlgorithm()
The default key wrap algorithm for this key, using the representations from Json Web Key Algorithms, RFC7513.- Returns:
- The default key wrap algorithm for this key.
-
getDefaultSignatureAlgorithm
String getDefaultSignatureAlgorithm()
The default signature algorithm for this key, using the representations from Json Web Key Algorithms, RFC7513.- Returns:
- The default signature algorithm for this key.
-
getKid
String getKid()
The unique key identifier for this key.- Returns:
- The key identifier
-
decryptAsync
com.google.common.util.concurrent.ListenableFuture<byte[]> decryptAsync(byte[] ciphertext, byte[] iv, byte[] authenticationData, byte[] authenticationTag, String algorithm) throws NoSuchAlgorithmException
Decrypts the specified cipher text. Note that not all algorithms require, or support, all parameters.- Parameters:
ciphertext
- The cipher text to decryptiv
- The initialization vector (optional with some algorithms)authenticationData
- Additional authentication data (optional with some algorithms)authenticationTag
- The authentication tag from the encrypt operation (optional with some algorithms)algorithm
- The encryption algorithm to use, must be supplied- Returns:
- A ListenableFuture containing the plain text
- Throws:
NoSuchAlgorithmException
- the algorithm is not valid
-
encryptAsync
com.google.common.util.concurrent.ListenableFuture<org.apache.commons.lang3.tuple.Triple<byte[],byte[],String>> encryptAsync(byte[] plaintext, byte[] iv, byte[] authenticationData, String algorithm) throws NoSuchAlgorithmException
Encrypts the specified plain text. Note that not all algorithms require, or support, all parameters.- Parameters:
plaintext
- The plain text to encryptiv
- The initialization vector (optional with some algorithms)authenticationData
- Additional authentication data (optional with some algorithms)algorithm
- The encryption algorithm to use, defaults to the keys DefaultEncryptionAlgorithm- Returns:
- A ListenableFuture containing the cipher text, the authentication tag and the algorithm that was used
- Throws:
NoSuchAlgorithmException
- the algorithm is not valid
-
wrapKeyAsync
com.google.common.util.concurrent.ListenableFuture<org.apache.commons.lang3.tuple.Pair<byte[],String>> wrapKeyAsync(byte[] key, String algorithm) throws NoSuchAlgorithmException
Wraps (encrypts) the specified symmetric key material using the specified algorithm, or the keys DefaultKeyWrapAlgorithm if none is specified.- Parameters:
key
- The symmetric key to wrapalgorithm
- The wrapping algorithm to use, defaults to the keys DefaultKeyWrapAlgorithm- Returns:
- ListenableFuture containing the encrypted key and the algorithm that was used
- Throws:
NoSuchAlgorithmException
- the algorithm is not valid
-
unwrapKeyAsync
com.google.common.util.concurrent.ListenableFuture<byte[]> unwrapKeyAsync(byte[] encryptedKey, String algorithm) throws NoSuchAlgorithmException
Unwraps (decrypts) the specified encryped key material.- Parameters:
encryptedKey
- The encrypted key to decryptalgorithm
- The algorithm to use, must be supplied- Returns:
- A ListenableFuture containing the unwrapped key
- Throws:
NoSuchAlgorithmException
- the algorithm is not valid
-
signAsync
com.google.common.util.concurrent.ListenableFuture<org.apache.commons.lang3.tuple.Pair<byte[],String>> signAsync(byte[] digest, String algorithm) throws NoSuchAlgorithmException
Signs the specified digest using the specified algorithm, or the keys DefaultSignatureAlgorithm if no algorithm is specified.- Parameters:
digest
- The digest to signalgorithm
- The signature algorithm to use- Returns:
- A ListenableFuture containing the signature and the algorithm used.
- Throws:
NoSuchAlgorithmException
- the algorithm is not valid
-
verifyAsync
com.google.common.util.concurrent.ListenableFuture<Boolean> verifyAsync(byte[] digest, byte[] signature, String algorithm) throws NoSuchAlgorithmException
Verifies the supplied signature value using the supplied digest and algorithm.- Parameters:
digest
- The digest inputsignature
- The signature to verifyalgorithm
- The algorithm to use, must be provided- Returns:
- A ListenableFuture containing the signature and the algorithm used.
- Throws:
NoSuchAlgorithmException
- the algorithm is not valid
-
-