Package com.nimbusds.jose.crypto.impl
Class AESGCMKW
- java.lang.Object
-
- com.nimbusds.jose.crypto.impl.AESGCMKW
-
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static SecretKeydecryptCEK(SecretKey kek, byte[] iv, AuthenticatedCipherText authEncrCEK, int keyLength, Provider provider)Decrypts the specified encrypted Content Encryption Key (CEK).static AuthenticatedCipherTextencryptCEK(SecretKey cek, Container<byte[]> iv, SecretKey kek, Provider provider)Encrypts the specified Content Encryption Key (CEK).
-
-
-
Method Detail
-
encryptCEK
public static AuthenticatedCipherText encryptCEK(SecretKey cek, Container<byte[]> iv, SecretKey kek, Provider provider) throws JOSEException
Encrypts the specified Content Encryption Key (CEK).- Parameters:
cek- The Content Encryption Key (CEK) to encrypt. Must not benull.iv- The initialisation vector (IV). Must not benull. The contained IV must not benulleither.kek- The AES Key Encryption Key (KEK). Must not benull.provider- The specific JCA provider to use,nullimplies the default system one.- Returns:
- The encrypted Content Encryption Key (CEK).
- Throws:
JOSEException- If encryption failed.
-
decryptCEK
public static SecretKey decryptCEK(SecretKey kek, byte[] iv, AuthenticatedCipherText authEncrCEK, int keyLength, Provider provider) throws JOSEException
Decrypts the specified encrypted Content Encryption Key (CEK).- Parameters:
kek- The AES Key Encription Key. Must not benull.iv- The initialisation vector (IV). Must not benull.authEncrCEK- The encrypted Content Encryption Key (CEK) to decrypt and authentication tag. Must not benull.provider- The JCA provider, ornullto use the default one.- Returns:
- The decrypted Content Encryption Key (CEK).
- Throws:
JOSEException- If decryption failed.
-
-