Package org.forgerock.secrets.gcpkms

Class GoogleKmsKey

java.lang.Object
org.forgerock.secrets.gcpkms.GoogleKmsKey
All Implemented Interfaces:
Serializable, Key
Direct Known Subclasses:
GoogleKmsPrivateKey, GoogleKmsSecretKey
public abstract class GoogleKmsKey extends Object implements Key
Abstract base class for keys stored in Google KMS.
See Also:

  • Method Details

    • getFormat

      public String getFormat()
      The format is set to null to match the result for a non-extractable PKCS#11 key.
      Specified by:
      getFormat in interface Key
      Returns:
      null.

    • decrypt

      public byte[] decrypt(byte[] ciphertext)
      Decrypts the given ciphertext using this key.
      Parameters:
      ciphertext - the ciphertext to decrypt.
      Returns:
      the decrypted plaintext.
      Throws:
      UnsupportedOperationException - if this key is not a decryption key.

    • decryptWithAssociatedData

      public byte[] decryptWithAssociatedData(byte[] ciphertext, byte[] associatedData)
      Decrypts the given ciphertext using this key. The given associated data will be included in the authentication tag calculation. This must be identical to the associated data that was provided in the encryption operation. Associated data is only supported for symmetric decryption.
      Parameters:
      ciphertext - the ciphertext to decrypt.
      associatedData - the associated data to include in the authentication tag.
      Returns:
      the decrypted plaintext.
      Throws:
      UnsupportedOperationException - if this key is not a decryption key.

    • getEncoded

      public byte[] getEncoded()
      Not supported.
      Specified by:
      getEncoded in interface Key
      Throws:
      UnsupportedOperationException - as this is not supported for KMS keys.

    • getAlgorithm

      public String getAlgorithm()
      Specified by:
      getAlgorithm in interface Key