| Modifier and Type | Method and Description |
|---|---|
int |
Ffi.createDecryptionCache(byte[] userDecryptionKeyBytes)
Create a decryption cache that can be used with
Ffi.decryptHeaderUsingCache(int, byte[]) Use of the cache
speeds up the decryption of the header. |
int |
Ffi.createDecryptionCache(PrivateKey userDecryptionKey)
Create an decryption cache that can be used with
Ffi.decryptHeaderUsingCache(int, byte[]) Use of the cache
speeds up decryption of the header WARN: the cache MUST be destroyed after use with
Ffi.destroyDecryptionCache(int) |
int |
Ffi.createEncryptionCache(Policy policy,
byte[] publicKeyBytes)
Create an encryption cache that can be used with
Ffi.encryptHeaderUsingCache(int, Attr[]) Use of the cache
speeds up the encryption of the header. |
int |
Ffi.createEncryptionCache(PublicKey publicKey)
Create an encryption cache that can be used with
Ffi.encryptHeaderUsingCache(int, Attr[]) se of the cache
speeds up the encryption of the header. |
DecryptedHeader |
Ffi.decryptHeader(PrivateKey userDecryptionKey,
byte[] encryptedHeaderBytes)
Decrypt a hybrid header, recovering the symmetric key
|
DecryptedHeader |
Ffi.decryptHeader(PrivateKey userDecryptionKey,
byte[] encryptedHeaderBytes,
int uidLen,
int additionalDataLen)
Decrypt a hybrid header, recovering the symmetric key, and optionally, the resource UID and additional data
|
DecryptedHeader |
Ffi.decryptHeaderUsingCache(int cacheHandle,
byte[] encryptedHeaderBytes)
Decrypt a hybrid header using a cache, recovering the symmetric key
|
void |
Ffi.destroyDecryptionCache(int cacheHandle)
Destroy the cache created with
Ffi.createDecryptionCache(byte[]) |
void |
Ffi.destroyEncryptionCache(int cacheHandle)
Destroy the cache created with
Ffi.createEncryptionCache(Policy, byte[]) |
EncryptedHeader |
Ffi.encryptHeader(PublicKey publicKey,
Attr[] attributes)
Generate an hybrid encryption header.
|
EncryptedHeader |
Ffi.encryptHeader(PublicKey publicKey,
Attr[] attributes,
Optional<byte[]> uid,
Optional<byte[]> additionalData)
Generate an hybrid encryption header.
|
EncryptedHeader |
Ffi.encryptHeaderUsingCache(int cacheHandle,
Attr[] attributes)
Generate an hybrid encryption header using a pre-cached Public Key and Policy.
|
EncryptedHeader |
Ffi.encryptHeaderUsingCache(int cacheHandle,
Attr[] attributes,
Optional<byte[]> uid,
Optional<byte[]> additionalData)
Generate an hybrid encryption header using a pre-cached Public Key and Policy.
|
| Modifier and Type | Method and Description |
|---|---|
static void |
Ffi.compact(int numberOfReindexingPhasesBeforeFullSet,
MasterKeys masterKeys,
byte[] label,
FfiWrapper.FetchEntryCallback fetchEntry,
FfiWrapper.FetchChainCallback fetchChain,
FfiWrapper.FetchAllEntryCallback fetchAllEntry,
FfiWrapper.UpdateLinesCallback updateLines,
FfiWrapper.ListRemovedLocationsCallback listRemovedLocations) |
static MasterKeys |
MasterKeys.fromJson(String json) |
Location |
IndexedValue.getLocation() |
Word |
IndexedValue.getWord() |
static void |
Ffi.graph_upsert(MasterKeys masterKeys,
byte[] label,
HashMap<IndexedValue,Word[]> indexedValuesAndWords,
FfiWrapper.FetchEntryCallback fetchEntry,
FfiWrapper.UpsertEntryCallback upsertEntry,
FfiWrapper.UpsertChainCallback upsertChain) |
static List<byte[]> |
Ffi.search(byte[] keyK,
byte[] label,
Word[] words,
int loopIterationLimit,
int maxDepth,
FfiWrapper.ProgressCallback progress,
FfiWrapper.FetchEntryCallback fetchEntry,
FfiWrapper.FetchChainCallback fetchChain) |
String |
MasterKeys.toJson()
This method is mostly used for local tests and serialization.
|
static void |
Ffi.upsert(MasterKeys masterKeys,
byte[] label,
HashMap<IndexedValue,Word[]> indexedValuesAndWords,
FfiWrapper.FetchEntryCallback fetchEntry,
FfiWrapper.UpsertEntryCallback upsertEntry,
FfiWrapper.UpsertChainCallback upsertChain) |
| Constructor and Description |
|---|
IndexedValue(byte[] bytes) |
IndexedValue(Location location) |
IndexedValue(Word word) |
| Modifier and Type | Method and Description |
|---|---|
static byte[] |
Cosmian.hex_decode(String hex_encoded_string)
Decode an hex encoded String to bytes
|
| Modifier and Type | Method and Description |
|---|---|
String[] |
Abe.createMasterKeyPair(Policy policy)
Generate inside the KMS, a master private and public key pair for the
Policy |
String |
Abe.createUserDecryptionKey(AccessPolicy accessPolicy,
String privateMasterKeyUniqueIdentifier)
Create a User Decryption Key for the given
AccessPolicy in the KMS |
String |
Abe.destroy(String uniqueIdentifier)
Destroy a key in the KMS which makes it unavailable to use in the KMS to perform
Abe.kmsEncrypt(String, byte[], Attr[]) or Abe.kmsDecrypt(String, byte[]) operations. |
String |
Abe.importPrivateMasterKey(String uniqueIdentifier,
PrivateKey privateMasterKey,
boolean replaceExisting)
Import a Private Master Key in the KMS
|
String |
Abe.importPublicMasterKey(String uniqueIdentifier,
PublicKey publicMasterKey,
boolean replaceExisting)
Import a Public Master Key in the KMS
|
String |
Abe.importUserDecryptionKey(String uniqueIdentifier,
PrivateKey userDecryptionKey,
boolean replaceExisting)
Import a User Decryption Key in the KMS
|
byte[] |
Abe.kmsDecrypt(String userDecryptionKeyUniqueIdentifier,
byte[] encryptedData)
Decrypt the data in the KMS using the given User Decryption Key The encryptedData should be made of 3 parts: -
the length of the encrypted header as a u32 in big endian format (4 bytes) - the header - the AES GCM encrypted
content
|
byte[] |
Abe.kmsDecrypt(String userDecryptionKeyUniqueIdentifier,
byte[] encryptedData,
Optional<byte[]> uid)
Decrypt the data in the KMS using the given User Decryption Key The encryptedData should be made of 3 parts: -
the length of the encrypted header as a u32 in big endian format (4 bytes) - the header - the AES GCM encrypted
content
|
byte[] |
Abe.kmsEncrypt(String publicMasterKeyUniqueIdentifier,
byte[] data,
Attr[] attributes)
Encrypt data in the KMS using the given Policy Attributes (@see
Attr) and Public Master Key. |
byte[] |
Abe.kmsEncrypt(String publicMasterKeyUniqueIdentifier,
byte[] data,
Attr[] attributes,
Optional<byte[]> uid)
Encrypt data in the KMS using the given Policy Attributes (@see
Attr) and Public Master Key. |
PrivateKey |
Abe.retrievePrivateMasterKey(String privateMasterKeyUniqueIdentifier)
Retrieve the Master Private Key from the KMS
|
PublicKey |
Abe.retrievePublicMasterKey(String publicMasterKeyUniqueIdentifier)
Retrieve the Master Public Key from the KMS
|
PrivateKey |
Abe.retrieveUserDecryptionKey(String userDecryptionKeyUniqueIdentifier)
Retrieve a User Decryption Key from the KMS
|
String |
Abe.revokeAttributes(String privateMasterKeyUniqueIdentifier,
Attr[] policyAttributes)
Revoke the given policy attributes.
|
String |
Abe.revokeKey(String keyUniqueIdentifier)
Revoke a key in the KMS which makes it unavailable to use in the KMS to perform
Abe.kmsEncrypt(String, byte[], Attr[]) or Abe.kmsDecrypt(String, byte[]) operations. |
| Modifier and Type | Method and Description |
|---|---|
Attr |
Attr.axis(String axis) |
static Attr |
Attr.fromString(String attrString) |
Attr |
Attr.name(String name) |
void |
Attr.setAxis(String axis) |
void |
Attr.setName(String name) |
static VendorAttribute |
Attr.toVendorAttribute(Attr[] policyAttributes,
String vendor_attribute_abe) |
VendorAttribute |
AccessPolicy.toVendorAttribute(String abeImplementation) |
| Constructor and Description |
|---|
Attr(String axis,
String name) |
| Modifier and Type | Method and Description |
|---|---|
Policy |
Policy.addAxis(String name,
String[] attributes,
boolean hierarchical)
Add the given Axis to this policy and return the policy
|
static PolicyAttributeUid |
PolicyAttributeUid.fromString(String s) |
static Policy |
Policy.fromVendorAttributes(Attributes attributes,
String abeImplementation) |
VendorAttribute |
Policy.toVendorAttribute(String abeImplementation)
Convert the policy to a KMIP Vendor attribute that can be set on a KMIP Object
|
| Modifier and Type | Method and Description |
|---|---|
static byte[] |
KmipUtils.bytesFromKeyBlock(KeyBlock keyBlock)
Extract the key bytes from a
KeyBlock for those made of byte arrays |
CreateResponse |
Kmip.create(Create request)
This operation requests the server to generate a new symmetric key or generate Secret Data as a Managed
Cryptographic Object.
|
CreateKeyPairResponse |
Kmip.createKeyPair(CreateKeyPair request)
This operation requests the server to generate a new public/private key pair and register the two corresponding
new Managed Cryptographic Objects.
|
DecryptResponse |
Kmip.decrypt(Decrypt request)
This operation requests the server to perform a decryption operation on the provided data using a Managed
Cryptographic Object as the key for the decryption operation.
|
DestroyResponse |
Kmip.destroy(Destroy request)
This operation is used to indicate to the server that the key material for the specified Managed Object SHALL be
destroyed or rendered inaccessible.
|
EncryptResponse |
Kmip.encrypt(Encrypt request)
This operation requests the server to perform an encryption operation on the provided data using a Managed
Cryptographic Object as the key for the encryption operation.
|
GetResponse |
Kmip.get(Get request)
This operation requests that the server returns the Managed Object specified by its Unique Identifier.
|
ImportResponse |
Kmip.importObject(Import request)
This operation requests the server to Import a Managed Object specified by its Unique Identifier.
|
LocateResponse |
Kmip.locate(Locate request)
This operation requests that the server search for one or more Managed Objects, depending on the attributes
specified in the request.
|
static byte[] |
KmipUtils.nonceFromKeyWrappingData(KeyWrappingData keyWrappingData)
Extract the nonce/iv/counter bytes from a
KeyWrappingData for those made of byte arrays |
ReKeyKeyPairResponse |
Kmip.reKeyKeyPair(ReKeyKeyPair request)
This request is used to generate a replacement key pair for an existing public/private key pair.
|
RevokeResponse |
Kmip.revoke(Revoke request)
This operation requests the server to revoke a Managed Cryptographic Object or an Opaque Object.
|
| Modifier and Type | Method and Description |
|---|---|
byte[] |
PrivateKey.bytes()
The low level cryptographic content of the Private Key
|
byte[] |
PublicKey.bytes()
The low level cryptographic content of the Public Key
|
static PGPKey |
PGPKey.fromJson(String json)
Deserialize an instance from its Json representation obtained using toJson()
|
static PrivateKey |
PrivateKey.fromJson(String json)
Deserialize an instance from its Json representation obtained using toJson()
|
static SecretData |
SecretData.fromJson(String json)
Deserialize an instance from its Json representation obtained using toJson()
|
static CertificateRequest |
CertificateRequest.fromJson(String json)
Deserialize an instance from its Json representation obtained using toJson()
|
static Certificate |
Certificate.fromJson(String json)
Deserialize an instance from its Json representation obtained using toJson()
|
static SplitKey |
SplitKey.fromJson(String json)
Deserialize an instance from its Json representation obtained using toJson()
|
static OpaqueObject |
OpaqueObject.fromJson(String json)
Deserialize an instance from its Json representation obtained using toJson()
|
static PublicKey |
PublicKey.fromJson(String json)
Deserialize an instance from its Json representation obtained using oJson()
|
static SymmetricKey |
SymmetricKey.fromJson(String json)
Deserialize an instance from its Json representation obtained using toJson()
|
protected static <T extends KmipObject> |
KmipObject.fromJson(String json,
Class<T> clazz) |
String |
KmipObject.toJson()
This method is mostly used for local tests and serialization.
|
| Modifier and Type | Method and Description |
|---|---|
static MetaData |
MetaData.fromBytes(byte[] bytes)
Parse meta data from bytes
|
byte[] |
MetaData.toBytes()
Converts the meta data to a byte array which can parsed back using the
MetaData.fromBytes(byte[]) method The
first 4 bytes is the u32 size of the uid in big endian format. |
Copyright © 2022. All rights reserved.