Package org.forgerock.secrets.gcpkms
Class GoogleKmsAesCipher
- java.lang.Object
-
- javax.crypto.CipherSpi
-
- org.forgerock.secrets.gcpkms.GoogleKmsAesCipher
-
public final class GoogleKmsAesCipher extends CipherSpi
A Cipher implementation using Google KMS symmetric encryption/decryption. This is a variant of AES-GCM, but uses a proprietary Google-specific padding scheme so is not directly compatible with standard AES/GCM/NoPadding. This cipher implementation is therefore advertised using the nameAES/GCM/GoogleKmsPaddingand cannot be used for JWT encryption or other standard modes. It is mainly useful for encrypting and decrypting data locally.
-
-
Constructor Summary
Constructors Constructor Description GoogleKmsAesCipher()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected byte[]engineDoFinal(byte[] input, int inputOffset, int inputLen)protected intengineDoFinal(byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset)protected intengineGetBlockSize()protected byte[]engineGetIV()protected intengineGetKeySize(Key key)protected intengineGetOutputSize(int inputLen)protected AlgorithmParametersengineGetParameters()protected voidengineInit(int opmode, Key key, AlgorithmParameters params, SecureRandom random)protected voidengineInit(int opmode, Key key, SecureRandom random)protected voidengineInit(int opmode, Key key, AlgorithmParameterSpec params, SecureRandom random)protected voidengineSetMode(String mode)protected voidengineSetPadding(String padding)protected KeyengineUnwrap(byte[] wrappedKey, String wrappedKeyAlgorithm, int wrappedKeyType)protected byte[]engineUpdate(byte[] input, int inputOffset, int inputLen)protected intengineUpdate(byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset)protected voidengineUpdateAAD(byte[] src, int offset, int len)protected voidengineUpdateAAD(ByteBuffer src)protected byte[]engineWrap(Key keyToWrap)-
Methods inherited from class javax.crypto.CipherSpi
engineDoFinal, engineUpdate
-
-
-
-
Method Detail
-
engineWrap
protected byte[] engineWrap(Key keyToWrap) throws InvalidKeyException
- Overrides:
engineWrapin classCipherSpi- Throws:
InvalidKeyException
-
engineUnwrap
protected Key engineUnwrap(byte[] wrappedKey, String wrappedKeyAlgorithm, int wrappedKeyType) throws InvalidKeyException, NoSuchAlgorithmException
- Overrides:
engineUnwrapin classCipherSpi- Throws:
InvalidKeyExceptionNoSuchAlgorithmException
-
engineGetKeySize
protected int engineGetKeySize(Key key) throws InvalidKeyException
- Overrides:
engineGetKeySizein classCipherSpi- Throws:
InvalidKeyException
-
engineSetMode
protected void engineSetMode(String mode) throws NoSuchAlgorithmException
- Specified by:
engineSetModein classCipherSpi- Throws:
NoSuchAlgorithmException
-
engineSetPadding
protected void engineSetPadding(String padding) throws NoSuchPaddingException
- Specified by:
engineSetPaddingin classCipherSpi- Throws:
NoSuchPaddingException
-
engineGetBlockSize
protected int engineGetBlockSize()
- Specified by:
engineGetBlockSizein classCipherSpi
-
engineGetOutputSize
protected int engineGetOutputSize(int inputLen)
- Specified by:
engineGetOutputSizein classCipherSpi
-
engineGetIV
protected byte[] engineGetIV()
- Specified by:
engineGetIVin classCipherSpi
-
engineGetParameters
protected AlgorithmParameters engineGetParameters()
- Specified by:
engineGetParametersin classCipherSpi
-
engineInit
protected void engineInit(int opmode, Key key, SecureRandom random) throws InvalidKeyException- Specified by:
engineInitin classCipherSpi- Throws:
InvalidKeyException
-
engineInit
protected void engineInit(int opmode, Key key, AlgorithmParameterSpec params, SecureRandom random) throws InvalidKeyException, InvalidAlgorithmParameterException- Specified by:
engineInitin classCipherSpi- Throws:
InvalidKeyExceptionInvalidAlgorithmParameterException
-
engineInit
protected void engineInit(int opmode, Key key, AlgorithmParameters params, SecureRandom random) throws InvalidKeyException, InvalidAlgorithmParameterException- Specified by:
engineInitin classCipherSpi- Throws:
InvalidKeyExceptionInvalidAlgorithmParameterException
-
engineUpdate
protected byte[] engineUpdate(byte[] input, int inputOffset, int inputLen)- Specified by:
engineUpdatein classCipherSpi
-
engineUpdate
protected int engineUpdate(byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset)- Specified by:
engineUpdatein classCipherSpi
-
engineUpdateAAD
protected void engineUpdateAAD(byte[] src, int offset, int len)- Overrides:
engineUpdateAADin classCipherSpi
-
engineUpdateAAD
protected void engineUpdateAAD(ByteBuffer src)
- Overrides:
engineUpdateAADin classCipherSpi
-
engineDoFinal
protected byte[] engineDoFinal(byte[] input, int inputOffset, int inputLen)- Specified by:
engineDoFinalin classCipherSpi
-
engineDoFinal
protected int engineDoFinal(byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset) throws ShortBufferException- Specified by:
engineDoFinalin classCipherSpi- Throws:
ShortBufferException
-
-