GoogleKmsSecretKey (OpenAM Server Only 7.5.0 Documentation)

java.lang.Object

org.forgerock.secrets.gcpkms.GoogleKmsKey

org.forgerock.secrets.gcpkms.GoogleKmsSecretKey

All Implemented Interfaces:: Serializable, Key, SecretKey, Destroyable

public class GoogleKmsSecretKey extends GoogleKmsKey implements SecretKey

A symmetric secret key stored in Google KMS.

See Also:

Serialized Form

Method Summary

Modifier and Type

Method

Description

byte[]

encrypt(byte[] plaintext)

Encrypts the given plaintext with this key.

byte[]

encryptWithAssociatedData(byte[] plaintext, byte[] associatedData)

Encrypts the given plaintext with this key.

Methods inherited from class org.forgerock.secrets.gcpkms.GoogleKmsKey
decrypt, decryptWithAssociatedData, getAlgorithm, getEncoded, getFormat

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface javax.security.auth.Destroyable
destroy, isDestroyed

Methods inherited from interface java.security.Key
getAlgorithm, getEncoded, getFormat

Method Details
- encrypt
  
  public byte[] encrypt(byte[] plaintext)
  
  Encrypts the given plaintext with this key.
  
  Parameters:
  
  plaintext - the plaintext to encrypt.
  
  Returns:
  
  the encrypted data.
  
  Throws:
  
  com.google.api.gax.rpc.ApiException - if an error occurs.
- encryptWithAssociatedData
  
  public byte[] encryptWithAssociatedData(byte[] plaintext, byte[] associatedData)
  
  Encrypts the given plaintext with this key. The associated data will be included in the authentication tag calculation but not encrypted and not included in the resulting ciphertext. The same associated data must be provided
  
  Parameters:
  
  plaintext - the plaintext to encrypt.
  
  associatedData - the associated data to include in the authentication tag (may be null).
  
  Returns:
  
  the encrypted data.
  
  Throws:
  
  com.google.api.gax.rpc.ApiException - if an error occurs.