Modifier and Type | Method and Description |
---|---|
static SecretKey |
decryptCEK(SecretKey kek,
byte[] iv,
AuthenticatedCipherText authEncrCEK,
int keyLength,
Provider provider)
Decrypts the specified encrypted Content Encryption Key (CEK).
|
static AuthenticatedCipherText |
encryptCEK(SecretKey cek,
Container<byte[]> iv,
SecretKey kek,
Provider provider)
Encrypts the specified Content Encryption Key (CEK).
|
public static AuthenticatedCipherText encryptCEK(SecretKey cek, Container<byte[]> iv, SecretKey kek, Provider provider) throws JOSEException
cek
- The Content Encryption Key (CEK) to encrypt. Must
not be null
.iv
- The initialisation vector (IV). Must not be
null
. The contained IV must not be
null
either.kek
- The AES Key Encryption Key (KEK). Must not be
null
.provider
- The specific JCA provider to use, null
implies the default system one.JOSEException
- If encryption failed.public static SecretKey decryptCEK(SecretKey kek, byte[] iv, AuthenticatedCipherText authEncrCEK, int keyLength, Provider provider) throws JOSEException
kek
- The AES Key Encription Key. Must not be
null
.iv
- The initialisation vector (IV). Must not be
null
.authEncrCEK
- The encrypted Content Encryption Key (CEK) to
decrypt and authentication tag. Must not be
null
.provider
- The JCA provider, or null
to use the
default one.JOSEException
- If decryption failed.Copyright © 2020 Connect2id Ltd.. All rights reserved.