Package org.forgerock.opendj.security

Interface ExternalKeyWrappingStrategy

public interface ExternalKeyWrappingStrategy

A service provider interface for externalizing the strategy used for wrapping individual private/secret keys. Applications can configure an LDAP keystore to delegate key wrapping responsibilities by setting the KeyStoreParameters.EXTERNAL_KEY_WRAPPING_STRATEGY option.

Method Summary

Modifier and Type	Method	Description
ByteString	unwrapKey(ByteString wrappedKey)	Unwraps the provided wrapped key.
ByteString	wrapKey(ByteString unwrappedKey)	Wraps the provided encoded key.

Method Details

wrapKey

ByteString wrapKey(ByteString unwrappedKey)

Wraps the provided encoded key.

Parameters:

unwrappedKey - The non-null key to be wrapped. The format of the unwrapped key is unspecified.

Returns:

The non-null protected key. The format of the returned wrapped key is implementation defined.

unwrapKey

ByteString unwrapKey(ByteString wrappedKey)

Unwraps the provided wrapped key.

Parameters:

wrappedKey - The non-null key to be unwrapped. The format of the wrapped key is implementation defined and must have been produced via a call to wrapKey(ByteString).

Returns:

The non-null unwrapped key which must contain exactly the same content passed to wrapKey(ByteString).