Package org.forgerock.secrets.gcpkms
Class GoogleKmsSecretKey
- java.lang.Object
-
- org.forgerock.secrets.gcpkms.GoogleKmsKey
-
- org.forgerock.secrets.gcpkms.GoogleKmsSecretKey
-
- All Implemented Interfaces:
Serializable,Key,SecretKey,Destroyable
public class GoogleKmsSecretKey extends GoogleKmsKey implements SecretKey
A symmetric secret key stored in Google KMS.- See Also:
- Serialized Form
-
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description byte[]encrypt(byte[] plaintext)Encrypts the given plaintext with this key.byte[]encryptWithAssociatedData(byte[] plaintext, byte[] associatedData)Encrypts the given plaintext with this key.-
Methods inherited from class org.forgerock.secrets.gcpkms.GoogleKmsKey
decrypt, decryptWithAssociatedData, getAlgorithm, getEncoded, getFormat
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface javax.security.auth.Destroyable
destroy, isDestroyed
-
Methods inherited from interface java.security.Key
getAlgorithm, getEncoded, getFormat
-
-
-
-
Method Detail
-
encrypt
public byte[] encrypt(byte[] plaintext)
Encrypts the given plaintext with this key.- Parameters:
plaintext- the plaintext to encrypt.- Returns:
- the encrypted data.
- Throws:
com.google.api.gax.rpc.ApiException- if an error occurs.
-
encryptWithAssociatedData
public byte[] encryptWithAssociatedData(byte[] plaintext, byte[] associatedData)Encrypts the given plaintext with this key. The associated data will be included in the authentication tag calculation but not encrypted and not included in the resulting ciphertext. The same associated data must be provided- Parameters:
plaintext- the plaintext to encrypt.associatedData- the associated data to include in the authentication tag (may be null).- Returns:
- the encrypted data.
- Throws:
com.google.api.gax.rpc.ApiException- if an error occurs.
-
-