getSecretKey() {
* portion of the key is used for encryption. This operation requires the keys/encrypt permission.
*
* The {@link EncryptionAlgorithm encryption algorithm} indicates the type of algorithm to use for encrypting the
- * specified {@code plaintext}. Possible values for assymetric keys include:
+ * specified {@code plaintext}. Possible values for asymmetric keys include:
* {@link EncryptionAlgorithm#RSA1_5 RSA1_5}, {@link EncryptionAlgorithm#RSA_OAEP RSA_OAEP} and
* {@link EncryptionAlgorithm#RSA_OAEP_256 RSA_OAEP_256}.
*
@@ -233,7 +233,7 @@ public Mono encrypt(EncryptionAlgorithm algorithm, byte[] plainte
* portion of the key is used for encryption. This operation requires the keys/encrypt permission.
*
* The {@link EncryptionAlgorithm encryption algorithm} indicates the type of algorithm to use for encrypting the
- * specified {@code plaintext}. Possible values for assymetric keys include:
+ * specified {@code plaintext}. Possible values for asymmetric keys include:
* {@link EncryptionAlgorithm#RSA1_5 RSA1_5}, {@link EncryptionAlgorithm#RSA_OAEP RSA_OAEP} and
* {@link EncryptionAlgorithm#RSA_OAEP_256 RSA_OAEP_256}.
*
@@ -248,7 +248,7 @@ public Mono encrypt(EncryptionAlgorithm algorithm, byte[] plainte
* Code Samples
* Encrypts the content. Subscribes to the call asynchronously and prints out the encrypted content details when
* a response has been received.
- * {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.encrypt#EncryptionAlgorithm-byte-CryptographyOptions}
+ * {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.encrypt#EncryptionAlgorithm-byte-EncryptOptions}
*
* @param algorithm The algorithm to be used for encryption.
* @param plaintext The content to be encrypted.
@@ -260,7 +260,7 @@ public Mono encrypt(EncryptionAlgorithm algorithm, byte[] plainte
* @throws NullPointerException If {@code algorithm} or {@code plainText} are {@code null}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
- public Mono encrypt(EncryptionAlgorithm algorithm, byte[] plaintext, CryptographyOptions options) {
+ public Mono encrypt(EncryptionAlgorithm algorithm, byte[] plaintext, EncryptOptions options) {
try {
return withContext(context -> encrypt(algorithm, plaintext, options, context));
} catch (RuntimeException ex) {
@@ -269,7 +269,7 @@ public Mono encrypt(EncryptionAlgorithm algorithm, byte[] plainte
}
- Mono encrypt(EncryptionAlgorithm algorithm, byte[] plaintext, CryptographyOptions options,
+ Mono encrypt(EncryptionAlgorithm algorithm, byte[] plaintext, EncryptOptions options,
Context context) {
Objects.requireNonNull(algorithm, "Encryption algorithm cannot be null.");
Objects.requireNonNull(plaintext, "Plain text content to be encrypted cannot be null.");
@@ -295,7 +295,7 @@ Mono encrypt(EncryptionAlgorithm algorithm, byte[] plaintext, Cry
* keys/decrypt permission.
*
* The {@link EncryptionAlgorithm encryption algorithm} indicates the type of algorithm to use for decrypting the
- * specified encrypted content. Possible values for assymetric keys include:
+ * specified encrypted content. Possible values for asymmetric keys include:
* {@link EncryptionAlgorithm#RSA1_5 RSA1_5}, {@link EncryptionAlgorithm#RSA_OAEP RSA_OAEP} and {@link
* EncryptionAlgorithm#RSA_OAEP_256 RSA_OAEP_256}.
*
@@ -331,7 +331,7 @@ public Mono decrypt(EncryptionAlgorithm algorithm, byte[] cipherT
* keys/decrypt permission.
*
* The {@link EncryptionAlgorithm encryption algorithm} indicates the type of algorithm to use for decrypting the
- * specified encrypted content. Possible values for assymetric keys include:
+ * specified encrypted content. Possible values for asymmetric keys include:
* {@link EncryptionAlgorithm#RSA1_5 RSA1_5}, {@link EncryptionAlgorithm#RSA_OAEP RSA_OAEP} and {@link
* EncryptionAlgorithm#RSA_OAEP_256 RSA_OAEP_256}.
*
@@ -346,7 +346,7 @@ public Mono decrypt(EncryptionAlgorithm algorithm, byte[] cipherT
* Code Samples
* Decrypts the encrypted content. Subscribes to the call asynchronously and prints out the decrypted content
* details when a response has been received.
- * {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.decrypt#EncryptionAlgorithm-byte-CryptographyOptions}
+ * {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.decrypt#EncryptionAlgorithm-byte-DecryptOptions}
*
* @param algorithm The algorithm to be used for decryption.
* @param cipherText The content to be decrypted.
@@ -357,7 +357,7 @@ public Mono decrypt(EncryptionAlgorithm algorithm, byte[] cipherT
* @throws NullPointerException If {@code algorithm} or {@code cipherText} are {@code null}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
- public Mono decrypt(EncryptionAlgorithm algorithm, byte[] cipherText, CryptographyOptions options) {
+ public Mono decrypt(EncryptionAlgorithm algorithm, byte[] cipherText, DecryptOptions options) {
try {
return withContext(context -> decrypt(algorithm, cipherText, options, context));
} catch (RuntimeException ex) {
@@ -365,7 +365,7 @@ public Mono decrypt(EncryptionAlgorithm algorithm, byte[] cipherT
}
}
- Mono decrypt(EncryptionAlgorithm algorithm, byte[] cipherText, CryptographyOptions options,
+ Mono decrypt(EncryptionAlgorithm algorithm, byte[] cipherText, DecryptOptions options,
Context context) {
Objects.requireNonNull(algorithm, "Encryption algorithm cannot be null.");
Objects.requireNonNull(cipherText, "Cipher text content to be decrypted cannot be null.");
@@ -513,51 +513,20 @@ Mono verify(SignatureAlgorithm algorithm, byte[] digest, byte[] si
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public Mono wrapKey(KeyWrapAlgorithm algorithm, byte[] key) {
- return wrapKey(algorithm, key, null);
- }
-
- /**
- * Wraps a symmetric key using the configured key. The wrap operation supports wrapping a symmetric key with both
- * symmetric and asymmetric keys. This operation requires the keys/wrapKey permission.
- *
- * The {@link KeyWrapAlgorithm wrap algorithm} indicates the type of algorithm to use for wrapping the specified
- * key content. Possible values include:
- * {@link KeyWrapAlgorithm#RSA1_5 RSA1_5}, {@link KeyWrapAlgorithm#RSA_OAEP RSA_OAEP} and {@link
- * KeyWrapAlgorithm#RSA_OAEP_256 RSA_OAEP_256}.
- *
- * Possible values for symmetric keys include: {@link EncryptionAlgorithm#A128KW A128KW},
- * {@link EncryptionAlgorithm#A192KW A192KW} and {@link EncryptionAlgorithm#A256KW A256KW}.
- *
- * Code Samples
- * Wraps the key content. Subscribes to the call asynchronously and prints out the wrapped key details when a
- * response has been received.
- * {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.wrapKey#KeyWrapAlgorithm-byte-CryptographyOptions}
- *
- * @param algorithm The encryption algorithm to use for wrapping the key.
- * @param key The key content to be wrapped.
- * @param options Optional parameters for the wrap operation.
- * @return A {@link Mono} containing a {@link WrapResult} whose {@link WrapResult#getEncryptedKey() encrypted key}
- * contains the wrapped key result.
- * @throws ResourceNotFoundException If the key cannot be found for wrap operation.
- * @throws UnsupportedOperationException If the wrap operation is not supported or configured on the key.
- * @throws NullPointerException If {@code algorithm} or {@code key} are {@code null}.
- */
- @ServiceMethod(returns = ReturnType.SINGLE)
- public Mono wrapKey(KeyWrapAlgorithm algorithm, byte[] key, CryptographyOptions options) {
try {
- return withContext(context -> wrapKey(algorithm, key, options, context));
+ return withContext(context -> wrapKey(algorithm, key, context));
} catch (RuntimeException ex) {
return monoError(logger, ex);
}
}
- Mono wrapKey(KeyWrapAlgorithm algorithm, byte[] key, CryptographyOptions options, Context context) {
+ Mono wrapKey(KeyWrapAlgorithm algorithm, byte[] key, Context context) {
Objects.requireNonNull(algorithm, "Key Wrap algorithm cannot be null.");
Objects.requireNonNull(key, "Key content to be wrapped cannot be null.");
return ensureValidKeyAvailable().flatMap(available -> {
if (!available) {
- return cryptographyServiceClient.wrapKey(algorithm, key, options, context);
+ return cryptographyServiceClient.wrapKey(algorithm, key, context);
}
if (!checkKeyPermissions(this.key.getKeyOps(), KeyOperation.WRAP_KEY)) {
@@ -565,7 +534,7 @@ Mono wrapKey(KeyWrapAlgorithm algorithm, byte[] key, CryptographyOpt
"Wrap Key Operation is not allowed for key with id %s", this.key.getId()))));
}
- return localKeyCryptographyClient.wrapKeyAsync(algorithm, key, options, context, this.key);
+ return localKeyCryptographyClient.wrapKeyAsync(algorithm, key, context, this.key);
});
}
@@ -596,52 +565,20 @@ Mono wrapKey(KeyWrapAlgorithm algorithm, byte[] key, CryptographyOpt
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public Mono unwrapKey(KeyWrapAlgorithm algorithm, byte[] encryptedKey) {
- return unwrapKey(algorithm, encryptedKey, null);
- }
-
- /**
- * Unwraps a symmetric key using the configured key that was initially used for wrapping that key. This operation is
- * the reverse of the wrap operation. The unwrap operation supports asymmetric and symmetric keys to unwrap. This
- * operation requires the keys/unwrapKey permission.
- *
- * The {@link KeyWrapAlgorithm wrap algorithm} indicates the type of algorithm to use for unwrapping the
- * specified encrypted key content. Possible values for asymmetric keys include:
- * {@link KeyWrapAlgorithm#RSA1_5 RSA1_5}, {@link KeyWrapAlgorithm#RSA_OAEP RSA_OAEP} and {@link
- * KeyWrapAlgorithm#RSA_OAEP_256 RSA_OAEP_256}.
- *
- * Possible values for symmetric keys include: {@link KeyWrapAlgorithm#A128KW A128KW},
- * {@link KeyWrapAlgorithm#A192KW A192KW} and {@link KeyWrapAlgorithm#A256KW A256KW}.
- *
- * Code Samples
- * Unwraps the key content. Subscribes to the call asynchronously and prints out the unwrapped key details when a
- * response has been received.
- * {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.unwrapKey#KeyWrapAlgorithm-byte-CryptographyOptions}
- *
- * @param algorithm The encryption algorithm to use for wrapping the key.
- * @param encryptedKey The encrypted key content to unwrap.
- * @param options Optional parameters for the unwrap operation.
- * @return A {@link Mono} containing a the unwrapped key content.
- * @throws ResourceNotFoundException If the key cannot be found for wrap operation.
- * @throws UnsupportedOperationException If the unwrap operation is not supported or configured on the key.
- * @throws NullPointerException If {@code algorithm} or {@code encryptedKey} are {@code null}.
- */
- @ServiceMethod(returns = ReturnType.SINGLE)
- public Mono unwrapKey(KeyWrapAlgorithm algorithm, byte[] encryptedKey, CryptographyOptions options) {
try {
- return withContext(context -> unwrapKey(algorithm, encryptedKey, options, context));
+ return withContext(context -> unwrapKey(algorithm, encryptedKey, context));
} catch (RuntimeException ex) {
return monoError(logger, ex);
}
}
- Mono unwrapKey(KeyWrapAlgorithm algorithm, byte[] encryptedKey, CryptographyOptions options,
- Context context) {
+ Mono unwrapKey(KeyWrapAlgorithm algorithm, byte[] encryptedKey, Context context) {
Objects.requireNonNull(algorithm, "Key Wrap algorithm cannot be null.");
Objects.requireNonNull(encryptedKey, "Encrypted key content to be unwrapped cannot be null.");
return ensureValidKeyAvailable().flatMap(available -> {
if (!available) {
- return cryptographyServiceClient.unwrapKey(algorithm, encryptedKey, options, context);
+ return cryptographyServiceClient.unwrapKey(algorithm, encryptedKey, context);
}
if (!checkKeyPermissions(this.key.getKeyOps(), KeyOperation.UNWRAP_KEY)) {
@@ -649,7 +586,7 @@ Mono unwrapKey(KeyWrapAlgorithm algorithm, byte[] encryptedKey, Cr
"Unwrap Key Operation is not allowed for key with id %s", this.key.getId()))));
}
- return localKeyCryptographyClient.unwrapKeyAsync(algorithm, encryptedKey, options, context, key);
+ return localKeyCryptographyClient.unwrapKeyAsync(algorithm, encryptedKey, context, key);
});
}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyClient.java
index cd384f7021d40..b971a9fcf73a8 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyClient.java
@@ -172,7 +172,7 @@ public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plaintext) {
* Code Samples
* Encrypts the content. Subscribes to the call asynchronously and prints out the encrypted content details when
* a response has been received.
- * {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyClient.encrypt#EncryptionAlgorithm-byte-CryptographyOptions-Context}
+ * {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyClient.encrypt#EncryptionAlgorithm-byte-EncryptOptions-Context}
*
* @param algorithm The algorithm to be used for encryption.
* @param plaintext The content to be encrypted.
@@ -184,7 +184,7 @@ public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plaintext) {
* @throws UnsupportedOperationException If the encrypt operation is not supported or configured on the key.
* @throws NullPointerException If {@code algorithm} or {@code plainText} are {@code null}.
*/
- public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plaintext, CryptographyOptions options,
+ public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plaintext, EncryptOptions options,
Context context) {
return client.encrypt(algorithm, plaintext, options, context).block();
}
@@ -282,7 +282,7 @@ public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] cipherText) {
* Code Samples
* Decrypts the encrypted content. Subscribes to the call asynchronously and prints out the decrypted content
* details when a response has been received.
- * {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyClient.decrypt#EncryptionAlgorithm-byte-CryptographyOptions-Context}
+ * {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyClient.decrypt#EncryptionAlgorithm-byte-DecryptOptions-Context}
*
* @param algorithm The algorithm to be used for decryption.
* @param cipherText The content to be decrypted.
@@ -293,7 +293,7 @@ public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] cipherText) {
* @throws UnsupportedOperationException If the decrypt operation is not supported or configured on the key.
* @throws NullPointerException If {@code algorithm} or {@code cipherText} are {@code null}.
*/
- public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] cipherText, CryptographyOptions options,
+ public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] cipherText, DecryptOptions options,
Context context) {
return client.decrypt(algorithm, cipherText, options, context).block();
}
@@ -474,38 +474,7 @@ public WrapResult wrapKey(KeyWrapAlgorithm algorithm, byte[] key) {
* @throws NullPointerException If {@code algorithm} or {@code key} are {@code null}.
*/
public WrapResult wrapKey(KeyWrapAlgorithm algorithm, byte[] key, Context context) {
- return wrapKey(algorithm, key, null, context);
- }
-
- /**
- * Wraps a symmetric key using the configured key. The wrap operation supports wrapping a symmetric key with both
- * symmetric and asymmetric keys. This operation requires the keys/wrapKey permission.
- *
- * The {@link KeyWrapAlgorithm wrap algorithm} indicates the type of algorithm to use for wrapping the specified
- * key content. Possible values for asymmetric keys include:
- * {@link EncryptionAlgorithm#RSA1_5 RSA1_5}, {@link EncryptionAlgorithm#RSA_OAEP RSA_OAEP} and
- * {@link EncryptionAlgorithm#RSA_OAEP_256 RSA_OAEP_256}.
- *
- * Possible values for symmetric keys include: {@link EncryptionAlgorithm#A128KW A128KW},
- * {@link EncryptionAlgorithm#A192KW A192KW} and {@link EncryptionAlgorithm#A256KW A256KW}.
- *
- * Code Samples
- * Wraps the key content. Subscribes to the call asynchronously and prints out the wrapped key details when a
- * response has been received.
- * {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyClient.wrapKey#KeyWrapAlgorithm-byte-CryptographyOptions-Context}
- *
- * @param algorithm The encryption algorithm to use for wrapping the key.
- * @param key The key content to be wrapped.
- * @param options Optional parameters for the wrap operation.
- * @param context Additional context that is passed through the Http pipeline during the service call.
- * @return The {@link WrapResult} whose {@link WrapResult#getEncryptedKey() encrypted key} contains the wrapped
- * key result.
- * @throws ResourceNotFoundException If the key cannot be found for encryption.
- * @throws UnsupportedOperationException If the wrap operation is not supported or configured on the key.
- * @throws NullPointerException If {@code algorithm} or {@code key} are {@code null}.
- */
- public WrapResult wrapKey(KeyWrapAlgorithm algorithm, byte[] key, CryptographyOptions options, Context context) {
- return client.wrapKey(algorithm, key, options, context).block();
+ return client.wrapKey(algorithm, key, context).block();
}
/**
@@ -564,39 +533,7 @@ public UnwrapResult unwrapKey(KeyWrapAlgorithm algorithm, byte[] encryptedKey) {
* @throws NullPointerException If {@code algorithm} or {@code encryptedKey} are {@code null}.
*/
public UnwrapResult unwrapKey(KeyWrapAlgorithm algorithm, byte[] encryptedKey, Context context) {
- return unwrapKey(algorithm, encryptedKey, null, context);
- }
-
- /**
- * Unwraps a symmetric key using the configured key that was initially used for wrapping that key. This operation is
- * the reverse of the wrap operation. The unwrap operation supports asymmetric and symmetric keys to unwrap. This
- * operation requires the keys/unwrapKey permission.
- *
- * The {@link KeyWrapAlgorithm wrap algorithm} indicates the type of algorithm to use for wrapping the specified
- * key content. Possible values for asymmetric keys include:
- * {@link EncryptionAlgorithm#RSA1_5 RSA1_5}, {@link EncryptionAlgorithm#RSA_OAEP RSA_OAEP} and
- * {@link EncryptionAlgorithm#RSA_OAEP_256 RSA_OAEP_256}.
- *
- * Possible values for symmetric keys include: {@link EncryptionAlgorithm#A128KW A128KW},
- * {@link EncryptionAlgorithm#A192KW A192KW} and {@link EncryptionAlgorithm#A256KW A256KW}.
- *
- * Code Samples
- * Unwraps the key content. Subscribes to the call asynchronously and prints out the unwrapped key details when a
- * response has been received.
- * {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyClient.unwrapKey#KeyWrapAlgorithm-byte-CryptographyOptions-Context}
- *
- * @param algorithm The encryption algorithm to use for wrapping the key.
- * @param encryptedKey The encrypted key content to unwrap.
- * @param options Optional parameters for the unwrap operation.
- * @param context Additional context that is passed through the Http pipeline during the service call.
- * @return The unwrapped key content.
- * @throws ResourceNotFoundException If the key cannot be found for wrap operation.
- * @throws UnsupportedOperationException If the unwrap operation is not supported or configured on the key.
- * @throws NullPointerException If {@code algorithm} or {@code encryptedKey} are {@code null}.
- */
- public UnwrapResult unwrapKey(KeyWrapAlgorithm algorithm, byte[] encryptedKey, CryptographyOptions options,
- Context context) {
- return client.unwrapKey(algorithm, encryptedKey, options, context).block();
+ return client.unwrapKey(algorithm, encryptedKey, context).block();
}
/**
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyOptions.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyOptions.java
deleted file mode 100644
index ac01cae50a7dd..0000000000000
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyOptions.java
+++ /dev/null
@@ -1,77 +0,0 @@
-// Copyright (c) Microsoft Corporation. All rights reserved.
-// Licensed under the MIT License.
-
-package com.azure.security.keyvault.keys.cryptography;
-
-import com.azure.core.annotation.Fluent;
-import com.fasterxml.jackson.annotation.JsonProperty;
-
-/**
- * Represents optional parameters for cryptographic operations.
- */
-@Fluent
-public class CryptographyOptions {
- /**
- * Initialization vector for symmetric algorithms.
- */
- @JsonProperty(value = "iv")
- private final byte[] initializationVector;
-
- /**
- * Additional data to authenticate but not encrypt/decrypt when using authenticated crypto algorithms.
- */
- @JsonProperty(value = "aad")
- private final byte[] additionalAuthenticatedData;
-
- /**
- * The tag to authenticate when performing decryption with an authenticated algorithm.
- */
- @JsonProperty(value = "tag")
- private final byte[] tag;
-
- /**
- * Creates an instance of {@link CryptographyOptions} with the given parameters.
- *
- * @param initializationVector Initialization vector for symmetric algorithms.
- * @param additionalAuthenticatedData Additional data to authenticate but not encrypt/decrypt when using
- * authenticated crypto algorithms.
- * @param tag The tag to authenticate when performing decryption with an authenticated algorithm.
- */
- public CryptographyOptions(byte[] initializationVector, byte[] additionalAuthenticatedData, byte[] tag) {
- this.initializationVector = new byte[initializationVector.length];
- this.additionalAuthenticatedData = new byte[additionalAuthenticatedData.length];
- this.tag = new byte[tag.length];
-
- System.arraycopy(initializationVector, 0, this.initializationVector, 0, initializationVector.length);
- System.arraycopy(additionalAuthenticatedData, 0, this.additionalAuthenticatedData, 0,
- additionalAuthenticatedData.length);
- System.arraycopy(tag, 0, this.tag, 0, tag.length);
- }
-
- /**
- * Get the initialization vector to be used in the cryptographic operation using a symmetric algorithm.
- *
- * @return The initialization vector.
- */
- public byte[] getInitializationVector() {
- return initializationVector.clone();
- }
-
- /**
- * Get additional data to authenticate but not encrypt/decrypt when using authenticated crypto algorithms.
- *
- * @return The additional authenticated data.
- */
- public byte[] getAdditionalAuthenticatedData() {
- return additionalAuthenticatedData.clone();
- }
-
- /**
- * Get the tag to authenticate when performing decryption with an authenticated algorithm.
- *
- * @return The tag.
- */
- public byte[] getTag() {
- return tag.clone();
- }
-}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyServiceClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyServiceClient.java
index aaf2c8ab3213c..2fe89007c5c59 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyServiceClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyServiceClient.java
@@ -125,20 +125,20 @@ JsonWebKey transformSecretKey(SecretKey secretKey) throws JsonProcessingExceptio
return mapper.readValue(jsonString, JsonWebKey.class);
}
- Mono encrypt(EncryptionAlgorithm algorithm, byte[] plaintext, CryptographyOptions options,
+ Mono encrypt(EncryptionAlgorithm algorithm, byte[] plaintext, EncryptOptions options,
Context context) {
- byte[] initializationVector = null;
+ byte[] iv = null;
byte[] authenticatedData = null;
if (options != null) {
- initializationVector = options.getInitializationVector();
+ iv = options.getIv();
authenticatedData = options.getAdditionalAuthenticatedData();
}
KeyOperationParameters parameters = new KeyOperationParameters()
.setAlgorithm(algorithm)
.setValue(plaintext)
- .setInitializationVector(initializationVector)
+ .setIv(iv)
.setAdditionalAuthenticatedData(authenticatedData);
context = context == null ? Context.NONE : context;
@@ -153,24 +153,24 @@ Mono encrypt(EncryptionAlgorithm algorithm, byte[] plaintext, Cry
Mono.just(new EncryptResult(keyOperationResultResponse.getValue().getResult(), algorithm, keyId)));
}
- Mono decrypt(EncryptionAlgorithm algorithm, byte[] cipherText, CryptographyOptions options,
+ Mono decrypt(EncryptionAlgorithm algorithm, byte[] cipherText, DecryptOptions options,
Context context) {
- byte[] initializationVector = null;
- byte[] authenticatedData = null;
- byte[] tag = null;
+ byte[] iv = null;
+ byte[] additionalAuthenticatedData = null;
+ byte[] authenticationTag = null;
if (options != null) {
- initializationVector = options.getInitializationVector();
- authenticatedData = options.getAdditionalAuthenticatedData();
- tag = options.getTag();
+ iv = options.getIv();
+ additionalAuthenticatedData = options.getAdditionalAuthenticatedData();
+ authenticationTag = options.getAuthenticationTag();
}
KeyOperationParameters parameters = new KeyOperationParameters()
.setAlgorithm(algorithm)
.setValue(cipherText)
- .setInitializationVector(initializationVector)
- .setAdditionalAuthenticatedData(authenticatedData)
- .setTag(tag);
+ .setIv(iv)
+ .setAdditionalAuthenticatedData(additionalAuthenticatedData)
+ .setAuthenticationTag(authenticationTag);
context = context == null ? Context.NONE : context;
return service.decrypt(vaultUrl, keyName, version, apiVersion, ACCEPT_LANGUAGE, parameters,
@@ -212,20 +212,10 @@ Mono verify(SignatureAlgorithm algorithm, byte[] digest, byte[] si
Mono.just(new VerifyResult(response.getValue().getValue(), algorithm, keyId)));
}
- Mono wrapKey(KeyWrapAlgorithm algorithm, byte[] key, CryptographyOptions options, Context context) {
- byte[] initializationVector = null;
- byte[] authenticatedData = null;
-
- if (options != null) {
- initializationVector = options.getInitializationVector();
- authenticatedData = options.getAdditionalAuthenticatedData();
- }
-
+ Mono wrapKey(KeyWrapAlgorithm algorithm, byte[] key, Context context) {
KeyWrapUnwrapRequest parameters = new KeyWrapUnwrapRequest()
.setAlgorithm(algorithm)
- .setValue(key)
- .setInitializationVector(initializationVector)
- .setAdditionalAuthenticatedData(authenticatedData);
+ .setValue(key);
context = context == null ? Context.NONE : context;
return service.wrapKey(vaultUrl, keyName, version, apiVersion, ACCEPT_LANGUAGE, parameters,
@@ -239,21 +229,11 @@ Mono wrapKey(KeyWrapAlgorithm algorithm, byte[] key, CryptographyOpt
Mono.just(new WrapResult(keyOperationResultResponse.getValue().getResult(), algorithm, keyId)));
}
- Mono unwrapKey(KeyWrapAlgorithm algorithm, byte[] encryptedKey, CryptographyOptions options,
- Context context) {
- byte[] initializationVector = null;
- byte[] authenticatedData = null;
-
- if (options != null) {
- initializationVector = options.getInitializationVector();
- authenticatedData = options.getAdditionalAuthenticatedData();
- }
+ Mono unwrapKey(KeyWrapAlgorithm algorithm, byte[] encryptedKey, Context context) {
KeyWrapUnwrapRequest parameters = new KeyWrapUnwrapRequest()
.setAlgorithm(algorithm)
- .setValue(encryptedKey)
- .setInitializationVector(initializationVector)
- .setAdditionalAuthenticatedData(authenticatedData);
+ .setValue(encryptedKey);
context = context == null ? Context.NONE : context;
return service.unwrapKey(vaultUrl, keyName, version, apiVersion, ACCEPT_LANGUAGE, parameters,
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/DecryptOptions.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/DecryptOptions.java
new file mode 100644
index 0000000000000..216c3d37269f0
--- /dev/null
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/DecryptOptions.java
@@ -0,0 +1,100 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+package com.azure.security.keyvault.keys.cryptography;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+
+/**
+ * A class containing various configuration parameters that can be applied when performing decryption operations.
+ */
+public class DecryptOptions {
+ /**
+ * Initialization vector to be used in the decryption operation using a symmetric algorithm.
+ */
+ @JsonProperty(value = "iv")
+ private final byte[] iv;
+
+ /**
+ * Get additional data to authenticate when performing decryption with an authenticated algorithm.
+ */
+ @JsonProperty(value = "aad")
+ private final byte[] additionalAuthenticatedData;
+
+ /**
+ * The tag to authenticate when performing decryption with an authenticated algorithm.
+ */
+ @JsonProperty(value = "tag")
+ private final byte[] authenticationTag;
+
+ /**
+ * Creates an instance of {@link DecryptOptions} with the given parameters.
+ *
+ * @param iv Initialization vector for symmetric algorithms.
+ * @param additionalAuthenticatedData Additional data to authenticate but not encrypt/decrypt when using
+ * authenticated crypto algorithms.
+ * @param authenticationTag The tag to authenticate when performing decryption with an authenticated algorithm.
+ */
+ public DecryptOptions(byte[] iv, byte[] additionalAuthenticatedData, byte[] authenticationTag) {
+ if (iv == null) {
+ this.iv = null;
+ } else {
+ this.iv = new byte[iv.length];
+ System.arraycopy(iv, 0, this.iv, 0, iv.length);
+ }
+
+ if (additionalAuthenticatedData == null) {
+ this.additionalAuthenticatedData = null;
+ } else {
+ this.additionalAuthenticatedData = new byte[additionalAuthenticatedData.length];
+ System.arraycopy(additionalAuthenticatedData, 0, this.additionalAuthenticatedData, 0,
+ additionalAuthenticatedData.length);
+ }
+
+ if (authenticationTag == null) {
+ this.authenticationTag = null;
+ } else {
+ this.authenticationTag = new byte[authenticationTag.length];
+ System.arraycopy(authenticationTag, 0, this.authenticationTag, 0, authenticationTag.length);
+ }
+ }
+
+ /**
+ * Get the initialization vector to be used in the decryption operation using a symmetric algorithm.
+ *
+ * @return The initialization vector.
+ */
+ public byte[] getIv() {
+ if (iv == null) {
+ return null;
+ } else {
+ return iv.clone();
+ }
+ }
+
+ /**
+ * Get additional data to authenticate when performing decryption with an authenticated algorithm.
+ *
+ * @return The additional authenticated data.
+ */
+ public byte[] getAdditionalAuthenticatedData() {
+ if (additionalAuthenticatedData == null) {
+ return null;
+ } else {
+ return additionalAuthenticatedData.clone();
+ }
+ }
+
+ /**
+ * Get the tag to authenticate when performing decryption with an authenticated algorithm.
+ *
+ * @return The authentication tag.
+ */
+ public byte[] getAuthenticationTag() {
+ if (authenticationTag == null) {
+ return null;
+ } else {
+ return authenticationTag.clone();
+ }
+ }
+}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EcKeyCryptographyClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EcKeyCryptographyClient.java
index db54c1ec93dda..161792f7cabc4 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EcKeyCryptographyClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EcKeyCryptographyClient.java
@@ -56,14 +56,14 @@ private KeyPair getKeyPair(JsonWebKey key) {
}
@Override
- Mono encryptAsync(EncryptionAlgorithm algorithm, byte[] plaintext, CryptographyOptions options,
+ Mono encryptAsync(EncryptionAlgorithm algorithm, byte[] plaintext, EncryptOptions options,
Context context, JsonWebKey key) {
throw logger.logExceptionAsError(new UnsupportedOperationException(
"Encrypt operation is not supported for EC key"));
}
@Override
- Mono decryptAsync(EncryptionAlgorithm algorithm, byte[] cipherText, CryptographyOptions options,
+ Mono decryptAsync(EncryptionAlgorithm algorithm, byte[] cipherText, DecryptOptions options,
Context context, JsonWebKey key) {
throw logger.logExceptionAsError(new UnsupportedOperationException(
"Decrypt operation is not supported for EC key"));
@@ -152,14 +152,13 @@ Mono verifyAsync(SignatureAlgorithm algorithm, byte[] digest, byte
}
@Override
- Mono wrapKeyAsync(KeyWrapAlgorithm algorithm, byte[] key, CryptographyOptions options, Context context,
- JsonWebKey webKey) {
+ Mono wrapKeyAsync(KeyWrapAlgorithm algorithm, byte[] key, Context context, JsonWebKey webKey) {
return Mono.error(new UnsupportedOperationException("Wrap key operation is not supported for EC key"));
}
@Override
- Mono unwrapKeyAsync(KeyWrapAlgorithm algorithm, byte[] encryptedKey, CryptographyOptions options,
- Context context, JsonWebKey key) {
+ Mono unwrapKeyAsync(KeyWrapAlgorithm algorithm, byte[] encryptedKey, Context context,
+ JsonWebKey key) {
throw logger.logExceptionAsError(new UnsupportedOperationException(
"Unwrap key operation is not supported for Ec key"));
}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EncryptOptions.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EncryptOptions.java
new file mode 100644
index 0000000000000..b9e53bb4c77c1
--- /dev/null
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EncryptOptions.java
@@ -0,0 +1,73 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+package com.azure.security.keyvault.keys.cryptography;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+
+/**
+ * A class containing various configuration parameters that can be applied when performing encryption operations.
+ */
+public class EncryptOptions {
+ /**
+ * Initialization vector to be used in the encryption operation using a symmetric algorithm.
+ */
+ @JsonProperty(value = "iv")
+ private final byte[] iv;
+
+ /**
+ * Get additional data to authenticate when performing encryption with an authenticated algorithm.
+ */
+ @JsonProperty(value = "aad")
+ private final byte[] additionalAuthenticatedData;
+
+ /**
+ * Creates an instance of {@link EncryptOptions} with the given parameters.
+ *
+ * @param iv Initialization vector for symmetric algorithms.
+ * @param additionalAuthenticatedData Additional data to authenticate but not encrypt/decrypt when using
+ * authenticated crypto algorithms.
+ */
+ public EncryptOptions(byte[] iv, byte[] additionalAuthenticatedData) {
+ if (iv == null) {
+ this.iv = null;
+ } else {
+ this.iv = new byte[iv.length];
+ System.arraycopy(iv, 0, this.iv, 0, iv.length);
+ }
+
+ if (additionalAuthenticatedData == null) {
+ this.additionalAuthenticatedData = null;
+ } else {
+ this.additionalAuthenticatedData = new byte[additionalAuthenticatedData.length];
+ System.arraycopy(additionalAuthenticatedData, 0, this.additionalAuthenticatedData, 0,
+ additionalAuthenticatedData.length);
+ }
+ }
+
+ /**
+ * Get the initialization vector to be used in the decryption operation using a symmetric algorithm.
+ *
+ * @return The initialization vector.
+ */
+ public byte[] getIv() {
+ if (iv == null) {
+ return null;
+ } else {
+ return iv.clone();
+ }
+ }
+
+ /**
+ * Get additional data to authenticate when performing decryption with an authenticated algorithm.
+ *
+ * @return The additional authenticated data.
+ */
+ public byte[] getAdditionalAuthenticatedData() {
+ if (additionalAuthenticatedData == null) {
+ return null;
+ } else {
+ return additionalAuthenticatedData.clone();
+ }
+ }
+}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/KeyOperationParameters.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/KeyOperationParameters.java
index bf4ae912ccb79..ddc794985cd1f 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/KeyOperationParameters.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/KeyOperationParameters.java
@@ -28,7 +28,7 @@ class KeyOperationParameters {
* Initialization vector for symmetric algorithms.
*/
@JsonProperty(value = "iv")
- private byte[] initializationVector;
+ private byte[] iv;
/**
* Additional data to authenticate but not encrypt/decrypt when using authenticated crypto algorithms.
@@ -40,7 +40,7 @@ class KeyOperationParameters {
* The tag to authenticate when performing decryption with an authenticated algorithm.
*/
@JsonProperty(value = "tag")
- private byte[] tag;
+ private byte[] authenticationTag;
/**
* Get the algorithm value.
@@ -94,18 +94,18 @@ public KeyOperationParameters setValue(byte[] value) {
*
* @return The initialization vector.
*/
- public byte[] getInitializationVector() {
- return initializationVector;
+ public byte[] getIv() {
+ return iv;
}
/**
* Set the initialization vector to be used in the cryptographic operation using a symmetric algorithm.
*
- * @param initializationVector The initialization vector to set.
+ * @param iv The initialization vector to set.
* @return The updated {@link KeyOperationParameters} object.
*/
- public KeyOperationParameters setInitializationVector(byte[] initializationVector) {
- this.initializationVector = initializationVector;
+ public KeyOperationParameters setIv(byte[] iv) {
+ this.iv = iv;
return this;
}
@@ -132,20 +132,20 @@ public KeyOperationParameters setAdditionalAuthenticatedData(byte[] additionalAu
/**
* Get the tag to authenticate when performing decryption with an authenticated algorithm.
*
- * @return The tag.
+ * @return The authentication tag.
*/
- public byte[] getTag() {
- return tag;
+ public byte[] getAuthenticationTag() {
+ return authenticationTag;
}
/**
* Set the tag to authenticate when performing decryption with an authenticated algorithm.
*
- * @param tag The tag to set.
+ * @param authenticationTag The tag to set.
* @return The updated {@link KeyOperationParameters} object.
*/
- public KeyOperationParameters setTag(byte[] tag) {
- this.tag = tag;
+ public KeyOperationParameters setAuthenticationTag(byte[] authenticationTag) {
+ this.authenticationTag = authenticationTag;
return this;
}
}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/KeyWrapUnwrapRequest.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/KeyWrapUnwrapRequest.java
index 54ddc13ef86a2..d1045cfdf3a4a 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/KeyWrapUnwrapRequest.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/KeyWrapUnwrapRequest.java
@@ -24,24 +24,6 @@ class KeyWrapUnwrapRequest {
@JsonProperty(value = "value", required = true)
private Base64Url value;
- /**
- * Initialization vector for symmetric algorithms.
- */
- @JsonProperty(value = "iv")
- private byte[] initializationVector;
-
- /**
- * Additional data to authenticate but not encrypt/decrypt when using authenticated crypto algorithms.
- */
- @JsonProperty(value = "aad")
- private byte[] additionalAuthenticatedData;
-
- /**
- * The tag to authenticate when performing decryption with an authenticated algorithm.
- */
- @JsonProperty(value = "tag")
- private byte[] tag;
-
/**
* Get the algorithm value.
*
@@ -88,64 +70,4 @@ public KeyWrapUnwrapRequest setValue(byte[] value) {
}
return this;
}
-
- /**
- * Get the initialization vector to be used in the cryptographic operation using a symmetric algorithm.
- *
- * @return The initialization vector.
- */
- public byte[] getInitializationVector() {
- return initializationVector;
- }
-
- /**
- * Set the initialization vector to be used in the cryptographic operation using a symmetric algorithm.
- *
- * @param initializationVector The initialization vector to set.
- * @return The updated {@link KeyWrapUnwrapRequest} object.
- */
- public KeyWrapUnwrapRequest setInitializationVector(byte[] initializationVector) {
- this.initializationVector = initializationVector;
- return this;
- }
-
- /**
- * Get additional data to authenticate but not encrypt/decrypt when using authenticated crypto algorithms.
- *
- * @return The additional authenticated data.
- */
- public byte[] getAdditionalAuthenticatedData() {
- return additionalAuthenticatedData;
- }
-
- /**
- * Set additional data to authenticate but not encrypt/decrypt when using authenticated crypto algorithms.
- *
- * @param additionalAuthenticatedData The additional authenticated data.
- * @return The updated {@link KeyWrapUnwrapRequest} object.
- */
- public KeyWrapUnwrapRequest setAdditionalAuthenticatedData(byte[] additionalAuthenticatedData) {
- this.additionalAuthenticatedData = additionalAuthenticatedData;
- return this;
- }
-
- /**
- * Get the tag to authenticate when performing decryption with an authenticated algorithm.
- *
- * @return The tag.
- */
- public byte[] getTag() {
- return tag;
- }
-
- /**
- * Set the tag to authenticate when performing decryption with an authenticated algorithm.
- *
- * @param tag The tag to set.
- * @return The updated {@link KeyWrapUnwrapRequest} object.
- */
- public KeyWrapUnwrapRequest setTag(byte[] tag) {
- this.tag = tag;
- return this;
- }
}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClient.java
index eed5f8cf74da5..cafa9442e33b6 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClient.java
@@ -48,8 +48,17 @@ Mono getKeyId() {
* portion of the key is used for encryption. This operation requires the keys/encrypt permission.
*
* The {@link EncryptionAlgorithm encryption algorithm} indicates the type of algorithm to use for encrypting the
- * specified {@code plaintext}. Possible values for assymetric keys include:
- * {@link EncryptionAlgorithm#RSA1_5 RSA1_5} and {@link EncryptionAlgorithm#RSA_OAEP RSA_OAEP}.
+ * specified {@code plaintext}. Possible values for asymmetric keys include:
+ * {@link EncryptionAlgorithm#RSA1_5 RSA1_5}, {@link EncryptionAlgorithm#RSA_OAEP RSA_OAEP} and
+ * {@link EncryptionAlgorithm#RSA_OAEP_256 RSA_OAEP_256}.
+ *
+ * Possible values for symmetric keys include: {@link EncryptionAlgorithm#A128CBC A128CBC},
+ * {@link EncryptionAlgorithm#A128CBCPAD A128CBCPAD}, {@link EncryptionAlgorithm#A128CBC_HS256 A128CBC-HS256},
+ * {@link EncryptionAlgorithm#A128GCM A128GCM}, {@link EncryptionAlgorithm#A192CBC A192CBC},
+ * {@link EncryptionAlgorithm#A192CBCPAD A192CBCPAD}, {@link EncryptionAlgorithm#A192CBC_HS384 A192CBC-HS384},
+ * {@link EncryptionAlgorithm#A192GCM A192GCM}, {@link EncryptionAlgorithm#A256CBC A256CBC},
+ * {@link EncryptionAlgorithm#A256CBCPAD A256CBPAD}, {@link EncryptionAlgorithm#A256CBC_HS512 A256CBC-HS512} and
+ * {@link EncryptionAlgorithm#A256GCM A256GCM}.
*
* Code Samples
* Encrypts the content. Subscribes to the call asynchronously and prints out the encrypted content details when
@@ -67,6 +76,41 @@ public Mono encrypt(EncryptionAlgorithm algorithm, byte[] plainte
return cryptographyAsyncClient.encrypt(algorithm, plaintext);
}
+ /**
+ * Encrypts an arbitrary sequence of bytes using the configured key. Note that the encrypt operation only supports a
+ * single block of data, the size of which is dependent on the target key and the encryption algorithm to be used.
+ * The encrypt operation is supported for both symmetric keys and asymmetric keys. In case of asymmetric keys public
+ * portion of the key is used for encryption. This operation requires the keys/encrypt permission.
+ *
+ * The {@link EncryptionAlgorithm encryption algorithm} indicates the type of algorithm to use for encrypting the
+ * specified {@code plaintext}. Possible values for asymmetric keys include:
+ * {@link EncryptionAlgorithm#RSA1_5 RSA1_5}, {@link EncryptionAlgorithm#RSA_OAEP RSA_OAEP} and
+ * {@link EncryptionAlgorithm#RSA_OAEP_256 RSA_OAEP_256}.
+ *
+ * Possible values for symmetric keys include: {@link EncryptionAlgorithm#A128CBC A128CBC},
+ * {@link EncryptionAlgorithm#A128CBCPAD A128CBCPAD}, {@link EncryptionAlgorithm#A128CBC_HS256 A128CBC-HS256},
+ * {@link EncryptionAlgorithm#A128GCM A128GCM}, {@link EncryptionAlgorithm#A192CBC A192CBC},
+ * {@link EncryptionAlgorithm#A192CBCPAD A192CBCPAD}, {@link EncryptionAlgorithm#A192CBC_HS384 A192CBC-HS384},
+ * {@link EncryptionAlgorithm#A192GCM A192GCM}, {@link EncryptionAlgorithm#A256CBC A256CBC},
+ * {@link EncryptionAlgorithm#A256CBCPAD A256CBPAD}, {@link EncryptionAlgorithm#A256CBC_HS512 A256CBC-HS512} and
+ * {@link EncryptionAlgorithm#A256GCM A256GCM}.
+ *
+ * Code Samples
+ * Encrypts the content. Subscribes to the call asynchronously and prints out the encrypted content details when
+ * a response has been received.
+ * {@codesnippet com.azure.security.keyvault.keys.cryptography.LocalCryptographyAsyncClient.encrypt#EncryptionAlgorithm-byte-EncryptOptions}
+ *
+ * @param algorithm The algorithm to be used for encryption.
+ * @param options Optional parameters for the encryption operation.
+ * @param plaintext The content to be encrypted.
+ * @return A {@link Mono} containing a {@link EncryptResult} whose {@link EncryptResult#getCipherText() cipher text}
+ * contains the encrypted content.
+ * @throws UnsupportedOperationException if the encrypt operation is not supported or configured on the key.
+ * @throws NullPointerException if {@code algorithm} or {@code plainText} is null.
+ */
+ public Mono encrypt(EncryptionAlgorithm algorithm, byte[] plaintext, EncryptOptions options) {
+ return cryptographyAsyncClient.encrypt(algorithm, plaintext, options);
+ }
/**
* Decrypts a single block of encrypted data using the configured key and specified algorithm. Note that only a
@@ -75,8 +119,17 @@ public Mono encrypt(EncryptionAlgorithm algorithm, byte[] plainte
* keys/decrypt permission.
*
* The {@link EncryptionAlgorithm encryption algorithm} indicates the type of algorithm to use for decrypting the
- * specified encrypted content. Possible values for assymetric keys include:
- * {@link EncryptionAlgorithm#RSA1_5 RSA1_5} and {@link EncryptionAlgorithm#RSA_OAEP RSA_OAEP}.
+ * specified encrypted content. Possible values for asymmetric keys include:
+ * {@link EncryptionAlgorithm#RSA1_5 RSA1_5}, {@link EncryptionAlgorithm#RSA_OAEP RSA_OAEP} and {@link
+ * EncryptionAlgorithm#RSA_OAEP_256 RSA_OAEP_256}.
+ *
+ * Possible values for symmetric keys include: {@link EncryptionAlgorithm#A128CBC A128CBC},
+ * {@link EncryptionAlgorithm#A128CBCPAD A128CBCPAD}, {@link EncryptionAlgorithm#A128CBC_HS256 A128CBC-HS256},
+ * {@link EncryptionAlgorithm#A128GCM A128GCM}, {@link EncryptionAlgorithm#A192CBC A192CBC},
+ * {@link EncryptionAlgorithm#A192CBCPAD A192CBCPAD}, {@link EncryptionAlgorithm#A192CBC_HS384 A192CBC-HS384},
+ * {@link EncryptionAlgorithm#A192GCM A192GCM}, {@link EncryptionAlgorithm#A256CBC A256CBC},
+ * {@link EncryptionAlgorithm#A256CBCPAD A256CBPAD}, {@link EncryptionAlgorithm#A256CBC_HS512 A256CBC-HS512} and
+ * {@link EncryptionAlgorithm#A256GCM A256GCM}.
*
* Code Samples
* Decrypts the encrypted content. Subscribes to the call asynchronously and prints out the decrypted content
@@ -93,6 +146,41 @@ public Mono decrypt(EncryptionAlgorithm algorithm, byte[] cipherT
return cryptographyAsyncClient.decrypt(algorithm, cipherText);
}
+ /**
+ * Decrypts a single block of encrypted data using the configured key and specified algorithm. Note that only a
+ * single block of data may be decrypted, the size of this block is dependent on the target key and the algorithm to
+ * be used. The decrypt operation is supported for both asymmetric and symmetric keys. This operation requires the
+ * keys/decrypt permission.
+ *
+ * The {@link EncryptionAlgorithm encryption algorithm} indicates the type of algorithm to use for decrypting the
+ * specified encrypted content. Possible values for asymmetric keys include:
+ * {@link EncryptionAlgorithm#RSA1_5 RSA1_5}, {@link EncryptionAlgorithm#RSA_OAEP RSA_OAEP} and {@link
+ * EncryptionAlgorithm#RSA_OAEP_256 RSA_OAEP_256}.
+ *
+ * Possible values for symmetric keys include: {@link EncryptionAlgorithm#A128CBC A128CBC},
+ * {@link EncryptionAlgorithm#A128CBCPAD A128CBCPAD}, {@link EncryptionAlgorithm#A128CBC_HS256 A128CBC-HS256},
+ * {@link EncryptionAlgorithm#A128GCM A128GCM}, {@link EncryptionAlgorithm#A192CBC A192CBC},
+ * {@link EncryptionAlgorithm#A192CBCPAD A192CBCPAD}, {@link EncryptionAlgorithm#A192CBC_HS384 A192CBC-HS384},
+ * {@link EncryptionAlgorithm#A192GCM A192GCM}, {@link EncryptionAlgorithm#A256CBC A256CBC},
+ * {@link EncryptionAlgorithm#A256CBCPAD A256CBPAD}, {@link EncryptionAlgorithm#A256CBC_HS512 A256CBC-HS512} and
+ * {@link EncryptionAlgorithm#A256GCM A256GCM}.
+ *
+ * Code Samples
+ * Decrypts the encrypted content. Subscribes to the call asynchronously and prints out the decrypted content
+ * details when a response has been received.
+ * {@codesnippet com.azure.security.keyvault.keys.cryptography.LocalCryptographyAsyncClient.decrypt#EncryptionAlgorithm-byte-DecryptOptions}
+ *
+ * @param algorithm The algorithm to be used for decryption.
+ * @param options Optional parameters for the decryption operation.
+ * @param cipherText The content to be decrypted.
+ * @return A {@link Mono} containing the decrypted blob.
+ * @throws UnsupportedOperationException if the decrypt operation is not supported or configured on the key.
+ * @throws NullPointerException if {@code algorithm} or {@code cipherText} is null.
+ */
+ public Mono decrypt(EncryptionAlgorithm algorithm, byte[] cipherText, DecryptOptions options) {
+ return cryptographyAsyncClient.decrypt(algorithm, cipherText, options);
+ }
+
/**
* Creates a signature from a digest using the configured key. The sign operation supports both asymmetric and
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClient.java
index 3a94bf613899b..9f4d4466e51dc 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClient.java
@@ -44,9 +44,17 @@ public class LocalCryptographyClient {
* portion of the key is used for encryption. This operation requires the keys/encrypt permission.
*
* The {@link EncryptionAlgorithm encryption algorithm} indicates the type of algorithm to use for decrypting the
- * specified encrypted content. Possible values
- * for assymetric keys include: {@link EncryptionAlgorithm#RSA1_5 RSA1_5}, {@link EncryptionAlgorithm#RSA_OAEP
- * RSA_OAEP}.
+ * specified encrypted content. Possible values for asymmetric keys include:
+ * {@link EncryptionAlgorithm#RSA1_5 RSA1_5}, {@link EncryptionAlgorithm#RSA_OAEP RSA_OAEP} and
+ * {@link EncryptionAlgorithm#RSA_OAEP_256 RSA_OAEP_256}.
+ *
+ * Possible values for symmetric keys include: {@link EncryptionAlgorithm#A128CBC A128CBC},
+ * {@link EncryptionAlgorithm#A128CBCPAD A128CBCPAD}, {@link EncryptionAlgorithm#A128CBC_HS256 A128CBC-HS256},
+ * {@link EncryptionAlgorithm#A128GCM A128GCM}, {@link EncryptionAlgorithm#A192CBC A192CBC},
+ * {@link EncryptionAlgorithm#A192CBCPAD A192CBCPAD}, {@link EncryptionAlgorithm#A192CBC_HS384 A192CBC-HS384},
+ * {@link EncryptionAlgorithm#A192GCM A192GCM}, {@link EncryptionAlgorithm#A256CBC A256CBC},
+ * {@link EncryptionAlgorithm#A256CBCPAD A256CBPAD}, {@link EncryptionAlgorithm#A256CBC_HS512 A256CBC-HS512} and
+ * {@link EncryptionAlgorithm#A256GCM A256GCM}.
*
* Code Samples
* Encrypts the content. Subscribes to the call asynchronously and prints out the encrypted content details when
@@ -64,6 +72,42 @@ public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plaintext) {
return client.encrypt(algorithm, plaintext).block();
}
+ /**
+ * Encrypts an arbitrary sequence of bytes using the configured key. Note that the encrypt operation only supports a
+ * single block of data, the size of which is dependent on the target key and the encryption algorithm to be used.
+ * The encrypt operation is supported for both symmetric keys and asymmetric keys. In case of asymmetric keys public
+ * portion of the key is used for encryption. This operation requires the keys/encrypt permission.
+ *
+ *
The {@link EncryptionAlgorithm encryption algorithm} indicates the type of algorithm to use for decrypting the
+ * specified encrypted content. Possible values for asymmetric keys include:
+ * {@link EncryptionAlgorithm#RSA1_5 RSA1_5}, {@link EncryptionAlgorithm#RSA_OAEP RSA_OAEP} and
+ * {@link EncryptionAlgorithm#RSA_OAEP_256 RSA_OAEP_256}.
+ *
+ * Possible values for symmetric keys include: {@link EncryptionAlgorithm#A128CBC A128CBC},
+ * {@link EncryptionAlgorithm#A128CBCPAD A128CBCPAD}, {@link EncryptionAlgorithm#A128CBC_HS256 A128CBC-HS256},
+ * {@link EncryptionAlgorithm#A128GCM A128GCM}, {@link EncryptionAlgorithm#A192CBC A192CBC},
+ * {@link EncryptionAlgorithm#A192CBCPAD A192CBCPAD}, {@link EncryptionAlgorithm#A192CBC_HS384 A192CBC-HS384},
+ * {@link EncryptionAlgorithm#A192GCM A192GCM}, {@link EncryptionAlgorithm#A256CBC A256CBC},
+ * {@link EncryptionAlgorithm#A256CBCPAD A256CBPAD}, {@link EncryptionAlgorithm#A256CBC_HS512 A256CBC-HS512} and
+ * {@link EncryptionAlgorithm#A256GCM A256GCM}.
+ *
+ * Code Samples
+ * Encrypts the content. Subscribes to the call asynchronously and prints out the encrypted content details when
+ * a response has been received.
+ * {@codesnippet com.azure.security.keyvault.keys.cryptography.LocalCryptographyClient.encrypt#EncryptionAlgorithm-byte-EncryptOptions}
+ *
+ * @param algorithm The algorithm to be used for encryption.
+ * @param options Optional parameters for the encryption operation.
+ * @param plaintext The content to be encrypted.
+ * @return The {@link EncryptResult} whose {@link EncryptResult#getCipherText() cipher text} contains the encrypted
+ * content.
+ * @throws UnsupportedOperationException if the encrypt operation is not supported or configured on the key.
+ * @throws NullPointerException if {@code algorithm} or {@code plainText} is null.
+ */
+ public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plaintext, EncryptOptions options) {
+ return client.encrypt(algorithm, plaintext, options).block();
+ }
+
/**
* Decrypts a single block of encrypted data using the configured key and specified algorithm. Note that only a
* single block of data may be decrypted, the size of this block is dependent on the target key and the algorithm to
@@ -71,9 +115,17 @@ public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plaintext) {
* keys/decrypt permission.
*
* The {@link EncryptionAlgorithm encryption algorithm} indicates the type of algorithm to use for decrypting the
- * specified encrypted content. Possible values
- * for assymetric keys include: {@link EncryptionAlgorithm#RSA1_5 RSA1_5}, {@link EncryptionAlgorithm#RSA_OAEP
- * RSA_OAEP}.
+ * specified encrypted content. Possible values for asymmetric keys include:
+ * {@link EncryptionAlgorithm#RSA1_5 RSA1_5}, {@link EncryptionAlgorithm#RSA_OAEP RSA_OAEP} and {@link
+ * EncryptionAlgorithm#RSA_OAEP_256 RSA_OAEP_256}.
+ *
+ * Possible values for symmetric keys include: {@link EncryptionAlgorithm#A128CBC A128CBC},
+ * {@link EncryptionAlgorithm#A128CBCPAD A128CBCPAD}, {@link EncryptionAlgorithm#A128CBC_HS256 A128CBC-HS256},
+ * {@link EncryptionAlgorithm#A128GCM A128GCM}, {@link EncryptionAlgorithm#A192CBC A192CBC},
+ * {@link EncryptionAlgorithm#A192CBCPAD A192CBCPAD}, {@link EncryptionAlgorithm#A192CBC_HS384 A192CBC-HS384},
+ * {@link EncryptionAlgorithm#A192GCM A192GCM}, {@link EncryptionAlgorithm#A256CBC A256CBC},
+ * {@link EncryptionAlgorithm#A256CBCPAD A256CBPAD}, {@link EncryptionAlgorithm#A256CBC_HS512 A256CBC-HS512} and
+ * {@link EncryptionAlgorithm#A256GCM A256GCM}.
*
* Code Samples
* Decrypts the encrypted content. Subscribes to the call asynchronously and prints out the decrypted content
@@ -90,6 +142,41 @@ public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] cipherText) {
return client.decrypt(algorithm, cipherText).block();
}
+ /**
+ * Decrypts a single block of encrypted data using the configured key and specified algorithm. Note that only a
+ * single block of data may be decrypted, the size of this block is dependent on the target key and the algorithm to
+ * be used. The decrypt operation is supported for both asymmetric and symmetric keys. This operation requires the
+ * keys/decrypt permission.
+ *
+ *
The {@link EncryptionAlgorithm encryption algorithm} indicates the type of algorithm to use for decrypting the
+ * specified encrypted content. Possible values for asymmetric keys include:
+ * {@link EncryptionAlgorithm#RSA1_5 RSA1_5}, {@link EncryptionAlgorithm#RSA_OAEP RSA_OAEP} and {@link
+ * EncryptionAlgorithm#RSA_OAEP_256 RSA_OAEP_256}.
+ *
+ * Possible values for symmetric keys include: {@link EncryptionAlgorithm#A128CBC A128CBC},
+ * {@link EncryptionAlgorithm#A128CBCPAD A128CBCPAD}, {@link EncryptionAlgorithm#A128CBC_HS256 A128CBC-HS256},
+ * {@link EncryptionAlgorithm#A128GCM A128GCM}, {@link EncryptionAlgorithm#A192CBC A192CBC},
+ * {@link EncryptionAlgorithm#A192CBCPAD A192CBCPAD}, {@link EncryptionAlgorithm#A192CBC_HS384 A192CBC-HS384},
+ * {@link EncryptionAlgorithm#A192GCM A192GCM}, {@link EncryptionAlgorithm#A256CBC A256CBC},
+ * {@link EncryptionAlgorithm#A256CBCPAD A256CBPAD}, {@link EncryptionAlgorithm#A256CBC_HS512 A256CBC-HS512} and
+ * {@link EncryptionAlgorithm#A256GCM A256GCM}.
+ *
+ * Code Samples
+ * Decrypts the encrypted content. Subscribes to the call asynchronously and prints out the decrypted content
+ * details when a response has been received.
+ * {@codesnippet com.azure.security.keyvault.keys.cryptography.LocalCryptographyClient.decrypt#EncryptionAlgorithm-byte-DecryptOptions}
+ *
+ * @param algorithm The algorithm to be used for decryption.
+ * @param options Optional parameters for the decryption operation.
+ * @param cipherText The content to be decrypted.
+ * @return The decrypted blob.
+ * @throws UnsupportedOperationException if the decrypt operation is not supported or configured on the key.
+ * @throws NullPointerException if {@code algorithm} or {@code cipherText} is null.
+ */
+ public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] cipherText, DecryptOptions options) {
+ return client.decrypt(algorithm, cipherText, options).block();
+ }
+
/**
* Creates a signature from a digest using the configured key. The sign operation supports both asymmetric and
* symmetric keys. This operation requires the keys/sign permission.
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalKeyCryptographyClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalKeyCryptographyClient.java
index 90c1d5cc67992..4728c90a9a4df 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalKeyCryptographyClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalKeyCryptographyClient.java
@@ -28,21 +28,21 @@ abstract class LocalKeyCryptographyClient {
}
abstract Mono encryptAsync(EncryptionAlgorithm algorithm, byte[] plaintext,
- CryptographyOptions options, Context context, JsonWebKey jsonWebKey);
+ EncryptOptions options, Context context, JsonWebKey jsonWebKey);
abstract Mono decryptAsync(EncryptionAlgorithm algorithm, byte[] cipherText,
- CryptographyOptions options, Context context, JsonWebKey jsonWebKey);
+ DecryptOptions options, Context context, JsonWebKey jsonWebKey);
abstract Mono signAsync(SignatureAlgorithm algorithm, byte[] digest, Context context, JsonWebKey key);
abstract Mono verifyAsync(SignatureAlgorithm algorithm, byte[] digest, byte[] signature,
Context context, JsonWebKey key);
- abstract Mono wrapKeyAsync(KeyWrapAlgorithm algorithm, byte[] key, CryptographyOptions options,
- Context context, JsonWebKey jsonWebKey);
+ abstract Mono wrapKeyAsync(KeyWrapAlgorithm algorithm, byte[] key, Context context,
+ JsonWebKey jsonWebKey);
- abstract Mono unwrapKeyAsync(KeyWrapAlgorithm algorithm, byte[] encryptedKey,
- CryptographyOptions options, Context context, JsonWebKey jsonWebKey);
+ abstract Mono unwrapKeyAsync(KeyWrapAlgorithm algorithm, byte[] encryptedKey, Context context,
+ JsonWebKey jsonWebKey);
abstract Mono signDataAsync(SignatureAlgorithm algorithm, byte[] data, Context context, JsonWebKey key);
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/RsaKeyCryptographyClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/RsaKeyCryptographyClient.java
index 8829f3ba6846e..3cd4a3ef0c504 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/RsaKeyCryptographyClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/RsaKeyCryptographyClient.java
@@ -52,7 +52,7 @@ private KeyPair getKeyPair(JsonWebKey key) {
}
@Override
- Mono encryptAsync(EncryptionAlgorithm algorithm, byte[] plaintext, CryptographyOptions options,
+ Mono encryptAsync(EncryptionAlgorithm algorithm, byte[] plaintext, EncryptOptions options,
Context context, JsonWebKey jsonWebKey) {
keyPair = getKeyPair(jsonWebKey);
@@ -93,7 +93,7 @@ Mono encryptAsync(EncryptionAlgorithm algorithm, byte[] plaintext
}
@Override
- Mono decryptAsync(EncryptionAlgorithm algorithm, byte[] cipherText, CryptographyOptions options,
+ Mono decryptAsync(EncryptionAlgorithm algorithm, byte[] cipherText, DecryptOptions options,
Context context, JsonWebKey jsonWebKey) {
keyPair = getKeyPair(jsonWebKey);
@@ -154,15 +154,14 @@ Mono verifyAsync(SignatureAlgorithm algorithm, byte[] digest, byte
}
@Override
- Mono wrapKeyAsync(KeyWrapAlgorithm algorithm, byte[] key, CryptographyOptions options, Context context,
- JsonWebKey jsonWebKey) {
+ Mono wrapKeyAsync(KeyWrapAlgorithm algorithm, byte[] key, Context context, JsonWebKey jsonWebKey) {
keyPair = getKeyPair(jsonWebKey);
Algorithm baseAlgorithm = AlgorithmResolver.Default.get(algorithm.toString());
if (baseAlgorithm == null) {
if (serviceCryptoAvailable()) {
- return serviceClient.wrapKey(algorithm, key, options, context);
+ return serviceClient.wrapKey(algorithm, key, context);
}
return Mono.error(new NoSuchAlgorithmException(algorithm.toString()));
} else if (!(baseAlgorithm instanceof AsymmetricEncryptionAlgorithm)) {
@@ -171,7 +170,7 @@ Mono wrapKeyAsync(KeyWrapAlgorithm algorithm, byte[] key, Cryptograp
if (keyPair.getPublic() == null) {
if (serviceCryptoAvailable()) {
- return serviceClient.wrapKey(algorithm, key, options, context);
+ return serviceClient.wrapKey(algorithm, key, context);
}
return Mono.error(new IllegalArgumentException(
"Public portion of the key not available to perform wrap key operation"));
@@ -194,8 +193,8 @@ Mono wrapKeyAsync(KeyWrapAlgorithm algorithm, byte[] key, Cryptograp
}
@Override
- Mono unwrapKeyAsync(KeyWrapAlgorithm algorithm, byte[] encryptedKey, CryptographyOptions options,
- Context context, JsonWebKey jsonWebKey) {
+ Mono unwrapKeyAsync(KeyWrapAlgorithm algorithm, byte[] encryptedKey, Context context,
+ JsonWebKey jsonWebKey) {
keyPair = getKeyPair(jsonWebKey);
// Interpret the requested algorithm
@@ -203,7 +202,7 @@ Mono unwrapKeyAsync(KeyWrapAlgorithm algorithm, byte[] encryptedKe
if (baseAlgorithm == null) {
if (serviceCryptoAvailable()) {
- return serviceClient.unwrapKey(algorithm, encryptedKey, options, context);
+ return serviceClient.unwrapKey(algorithm, encryptedKey, context);
}
return Mono.error(new NoSuchAlgorithmException(algorithm.toString()));
} else if (!(baseAlgorithm instanceof AsymmetricEncryptionAlgorithm)) {
@@ -212,7 +211,7 @@ Mono unwrapKeyAsync(KeyWrapAlgorithm algorithm, byte[] encryptedKe
if (keyPair.getPrivate() == null) {
if (serviceCryptoAvailable()) {
- return serviceClient.unwrapKey(algorithm, encryptedKey, options, context);
+ return serviceClient.unwrapKey(algorithm, encryptedKey, context);
}
return Mono.error(new IllegalArgumentException(
"Private portion of the key not available to perform unwrap operation"));
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/SymmetricKeyCryptographyClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/SymmetricKeyCryptographyClient.java
index adb887f5a90e0..e4454ac6280ae 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/SymmetricKeyCryptographyClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/SymmetricKeyCryptographyClient.java
@@ -18,6 +18,7 @@
import reactor.core.publisher.Mono;
import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
class SymmetricKeyCryptographyClient extends LocalKeyCryptographyClient {
private final ClientLogger logger = new ClientLogger(SymmetricKeyCryptographyClient.class);
@@ -46,7 +47,7 @@ private byte[] getKey(JsonWebKey key) {
}
@Override
- Mono encryptAsync(EncryptionAlgorithm algorithm, byte[] plaintext, CryptographyOptions options,
+ Mono encryptAsync(EncryptionAlgorithm algorithm, byte[] plaintext, EncryptOptions options,
Context context, JsonWebKey jsonWebKey) {
this.key = getKey(jsonWebKey);
@@ -66,15 +67,28 @@ Mono encryptAsync(EncryptionAlgorithm algorithm, byte[] plaintext
ICryptoTransform transform;
byte[] iv = null;
- byte[] authData = null;
+ byte[] additionalAuthenticatedData = null;
if (options != null) {
- iv = options.getInitializationVector();
- authData = options.getAdditionalAuthenticatedData();
+ iv = options.getIv();
+ additionalAuthenticatedData = options.getAdditionalAuthenticatedData();
+ }
+
+ if (iv == null) {
+ if (algorithm == EncryptionAlgorithm.A128GCM || algorithm == EncryptionAlgorithm.A192GCM
+ || algorithm == EncryptionAlgorithm.A256GCM) {
+
+ iv = generateRandomIvForGcm();
+ } else if (algorithm == EncryptionAlgorithm.A128CBC || algorithm == EncryptionAlgorithm.A192CBC
+ || algorithm == EncryptionAlgorithm.A256CBC || algorithm == EncryptionAlgorithm.A128CBCPAD
+ || algorithm == EncryptionAlgorithm.A192CBCPAD || algorithm == EncryptionAlgorithm.A256CBCPAD) {
+
+ iv = generateRandomIvForCbc();
+ }
}
try {
- transform = symmetricEncryptionAlgorithm.createEncryptor(this.key, iv, authData, null);
+ transform = symmetricEncryptionAlgorithm.createEncryptor(this.key, iv, additionalAuthenticatedData, null);
} catch (Exception e) {
return Mono.error(e);
}
@@ -91,7 +105,7 @@ Mono encryptAsync(EncryptionAlgorithm algorithm, byte[] plaintext
}
@Override
- Mono decryptAsync(EncryptionAlgorithm algorithm, byte[] cipherText, CryptographyOptions options,
+ Mono decryptAsync(EncryptionAlgorithm algorithm, byte[] cipherText, DecryptOptions options,
Context context, JsonWebKey jsonWebKey) {
this.key = getKey(jsonWebKey);
@@ -111,17 +125,30 @@ Mono decryptAsync(EncryptionAlgorithm algorithm, byte[] cipherTex
ICryptoTransform transform;
byte[] iv = null;
- byte[] authData = null;
- byte[] tag = null;
+ byte[] additionalAuthenticatedData = null;
+ byte[] authenticationTag = null;
if (options != null) {
- iv = options.getInitializationVector();
- authData = options.getAdditionalAuthenticatedData();
- tag = options.getTag();
+ iv = options.getIv();
+ additionalAuthenticatedData = options.getAdditionalAuthenticatedData();
+ authenticationTag = options.getAuthenticationTag();
+ }
+
+ if (iv == null) {
+ if (algorithm == EncryptionAlgorithm.A128GCM || algorithm == EncryptionAlgorithm.A192GCM
+ || algorithm == EncryptionAlgorithm.A256GCM) {
+
+ iv = generateRandomIvForGcm();
+ } else if (algorithm == EncryptionAlgorithm.A128CBC || algorithm == EncryptionAlgorithm.A192CBC
+ || algorithm == EncryptionAlgorithm.A256CBC || algorithm == EncryptionAlgorithm.A128CBCPAD
+ || algorithm == EncryptionAlgorithm.A192CBCPAD || algorithm == EncryptionAlgorithm.A256CBCPAD) {
+
+ iv = generateRandomIvForCbc();
+ }
}
try {
- transform = symmetricEncryptionAlgorithm.createDecryptor(this.key, iv, authData, tag);
+ transform = symmetricEncryptionAlgorithm.createDecryptor(this.key, iv, additionalAuthenticatedData, authenticationTag);
} catch (Exception e) {
return Mono.error(e);
}
@@ -149,8 +176,7 @@ Mono verifyAsync(SignatureAlgorithm algorithm, byte[] digest, byte
}
@Override
- Mono wrapKeyAsync(KeyWrapAlgorithm algorithm, byte[] key, CryptographyOptions options, Context context,
- JsonWebKey jsonWebKey) {
+ Mono wrapKeyAsync(KeyWrapAlgorithm algorithm, byte[] key, Context context, JsonWebKey jsonWebKey) {
this.key = getKey(jsonWebKey);
if (key == null || key.length == 0) {
@@ -168,10 +194,8 @@ Mono wrapKeyAsync(KeyWrapAlgorithm algorithm, byte[] key, Cryptograp
ICryptoTransform transform;
- byte[] iv = options == null ? null : options.getInitializationVector();
-
try {
- transform = localKeyWrapAlgorithm.createEncryptor(this.key, iv, null);
+ transform = localKeyWrapAlgorithm.createEncryptor(this.key, null, null);
} catch (Exception e) {
return Mono.error(e);
}
@@ -188,8 +212,7 @@ Mono wrapKeyAsync(KeyWrapAlgorithm algorithm, byte[] key, Cryptograp
}
@Override
- Mono unwrapKeyAsync(KeyWrapAlgorithm algorithm, byte[] encryptedKey, CryptographyOptions options,
- Context context, JsonWebKey jsonWebKey) {
+ Mono unwrapKeyAsync(KeyWrapAlgorithm algorithm, byte[] encryptedKey, Context context, JsonWebKey jsonWebKey) {
this.key = getKey(jsonWebKey);
Algorithm baseAlgorithm = AlgorithmResolver.Default.get(algorithm.toString());
@@ -202,10 +225,8 @@ Mono unwrapKeyAsync(KeyWrapAlgorithm algorithm, byte[] encryptedKe
ICryptoTransform transform;
- byte[] iv = options == null ? null : options.getInitializationVector();
-
try {
- transform = localKeyWrapAlgorithm.createDecryptor(this.key, iv, null);
+ transform = localKeyWrapAlgorithm.createDecryptor(this.key, null, null);
} catch (Exception e) {
return Mono.error(e);
}
@@ -231,4 +252,27 @@ Mono verifyDataAsync(SignatureAlgorithm algorithm, byte[] data, by
JsonWebKey key) {
return verifyAsync(algorithm, data, signature, context, key);
}
+
+ private byte[] generateRandomIvForCbc() {
+ return generateRandomIv(16);
+ }
+
+ private byte[] generateRandomIvForGcm() {
+ return generateRandomIv(12);
+ }
+
+ private byte[] generateRandomIv(int ivSize) {
+ byte[] iv = new byte[0];
+ SecureRandom randomSecureRandom;
+
+ try {
+ randomSecureRandom = SecureRandom.getInstance("SHA1PRNG");
+ iv = new byte[ivSize];
+ randomSecureRandom.nextBytes(iv);
+ } catch (NoSuchAlgorithmException e) {
+ logger.logThrowableAsError(e);
+ }
+
+ return iv;
+ }
}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/CryptographyAsyncClientJavaDocCodeSnippets.java b/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/CryptographyAsyncClientJavaDocCodeSnippets.java
index f00a6c3942625..42a5a692e8692 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/CryptographyAsyncClientJavaDocCodeSnippets.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/CryptographyAsyncClientJavaDocCodeSnippets.java
@@ -107,7 +107,7 @@ public void getKeySnippets() {
/**
* Generates code samples for using {@link CryptographyAsyncClient#encrypt(EncryptionAlgorithm, byte[])} and
- * {@link CryptographyAsyncClient#encrypt(EncryptionAlgorithm, byte[], CryptographyOptions)}.
+ * {@link CryptographyAsyncClient#encrypt(EncryptionAlgorithm, byte[], EncryptOptions)}.
*/
public void encrypt() {
CryptographyAsyncClient cryptographyAsyncClient = createAsyncClient();
@@ -123,36 +123,29 @@ public void encrypt() {
encryptResult.getCipherText().length, encryptResult.getAlgorithm().toString()));
// END: com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.encrypt#EncryptionAlgorithm-byte
- // BEGIN: com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.encrypt#EncryptionAlgorithm-byte-CryptographyOptions
+ // BEGIN: com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.encrypt#EncryptionAlgorithm-byte-EncryptOptions
byte[] plainTextBytes = new byte[100];
new Random(0x1234567L).nextBytes(plainTextBytes);
byte[] iv = {
(byte) 0x1a, (byte) 0xf3, (byte) 0x8c, (byte) 0x2d, (byte) 0xc2, (byte) 0xb9, (byte) 0x6f, (byte) 0xfd,
- (byte) 0xd8, (byte) 0x66, (byte) 0x94, (byte) 0x09, (byte) 0x23, (byte) 0x41, (byte) 0xbc, (byte) 0x04};
- byte[] authData = {
- (byte) 0x54, (byte) 0x68, (byte) 0x65, (byte) 0x20, (byte) 0x73, (byte) 0x65, (byte) 0x63, (byte) 0x6f,
- (byte) 0x6e, (byte) 0x64, (byte) 0x20, (byte) 0x70, (byte) 0x72, (byte) 0x69, (byte) 0x6e, (byte) 0x63,
- (byte) 0x69, (byte) 0x70, (byte) 0x6c, (byte) 0x65, (byte) 0x20, (byte) 0x6f, (byte) 0x66, (byte) 0x20,
- (byte) 0x41, (byte) 0x75, (byte) 0x67, (byte) 0x75, (byte) 0x73, (byte) 0x74, (byte) 0x65, (byte) 0x20,
- (byte) 0x4b, (byte) 0x65, (byte) 0x72, (byte) 0x63, (byte) 0x6b, (byte) 0x68, (byte) 0x6f, (byte) 0x66,
- (byte) 0x66, (byte) 0x73
+ (byte) 0xd8, (byte) 0x66, (byte) 0x94, (byte) 0x09, (byte) 0x23, (byte) 0x41, (byte) 0xbc, (byte) 0x04
};
- CryptographyOptions cryptographyOptions = new CryptographyOptions(iv, authData, null);
+ EncryptOptions encryptOptions = new AesCbcEncryptOptions(iv);
- cryptographyAsyncClient.encrypt(EncryptionAlgorithm.RSA_OAEP, plainTextBytes, cryptographyOptions)
+ cryptographyAsyncClient.encrypt(EncryptionAlgorithm.A128CBC, plainTextBytes, encryptOptions)
.subscriberContext(reactor.util.context.Context.of(key1, value1, key2, value2))
.subscribe(encryptResult ->
System.out.printf("Received encrypted content of length %d with algorithm %s \n",
encryptResult.getCipherText().length, encryptResult.getAlgorithm().toString()));
- // END: com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.encrypt#EncryptionAlgorithm-byte-CryptographyOptions
+ // END: com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.encrypt#EncryptionAlgorithm-byte-EncryptOptions
}
/**
* Generates code samples for using {@link CryptographyAsyncClient#decrypt(EncryptionAlgorithm, byte[])} and
- * {@link CryptographyAsyncClient#decrypt(EncryptionAlgorithm, byte[], CryptographyOptions)}.
+ * {@link CryptographyAsyncClient#decrypt(EncryptionAlgorithm, byte[], DecryptOptions)}.
*/
public void decrypt() {
CryptographyAsyncClient cryptographyAsyncClient = createAsyncClient();
@@ -168,31 +161,23 @@ public void decrypt() {
System.out.printf("Received decrypted content of length %d\n", decryptResult.getPlainText().length));
// END: com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.decrypt#EncryptionAlgorithm-byte
- // BEGIN: com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.decrypt#EncryptionAlgorithm-byte-CryptographyOptions
+ // BEGIN: com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.decrypt#EncryptionAlgorithm-byte-DecryptOptions
byte[] cipherTextBytes = new byte[100];
new Random(0x1234567L).nextBytes(cipherTextBytes);
byte[] iv = {
(byte) 0x1a, (byte) 0xf3, (byte) 0x8c, (byte) 0x2d, (byte) 0xc2, (byte) 0xb9, (byte) 0x6f, (byte) 0xfd,
- (byte) 0xd8, (byte) 0x66, (byte) 0x94, (byte) 0x09, (byte) 0x23, (byte) 0x41, (byte) 0xbc, (byte) 0x04};
- byte[] authData = {
- (byte) 0x54, (byte) 0x68, (byte) 0x65, (byte) 0x20, (byte) 0x73, (byte) 0x65, (byte) 0x63, (byte) 0x6f,
- (byte) 0x6e, (byte) 0x64, (byte) 0x20, (byte) 0x70, (byte) 0x72, (byte) 0x69, (byte) 0x6e, (byte) 0x63,
- (byte) 0x69, (byte) 0x70, (byte) 0x6c, (byte) 0x65, (byte) 0x20, (byte) 0x6f, (byte) 0x66, (byte) 0x20,
- (byte) 0x41, (byte) 0x75, (byte) 0x67, (byte) 0x75, (byte) 0x73, (byte) 0x74, (byte) 0x65, (byte) 0x20,
- (byte) 0x4b, (byte) 0x65, (byte) 0x72, (byte) 0x63, (byte) 0x6b, (byte) 0x68, (byte) 0x6f, (byte) 0x66,
- (byte) 0x66, (byte) 0x73
+ (byte) 0xd8, (byte) 0x66, (byte) 0x94, (byte) 0x09, (byte) 0x23, (byte) 0x41, (byte) 0xbc, (byte) 0x04
};
- byte[] tag = "This is my authentication tag".getBytes();
- CryptographyOptions cryptographyOptions = new CryptographyOptions(iv, authData, tag);
+ DecryptOptions decryptOptions = new AesCbcDecryptOptions(iv);
- cryptographyAsyncClient.decrypt(EncryptionAlgorithm.RSA_OAEP, cipherTextBytes, cryptographyOptions)
+ cryptographyAsyncClient.decrypt(EncryptionAlgorithm.A128CBC, cipherTextBytes, decryptOptions)
.subscriberContext(reactor.util.context.Context.of(key1, value1, key2, value2))
.subscribe(decryptResult ->
System.out.printf("Received decrypted content of length %d\n", decryptResult.getPlainText().length));
- // END: com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.decrypt#EncryptionAlgorithm-byte-CryptographyOptions
+ // END: com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.decrypt#EncryptionAlgorithm-byte-DecryptOptions
}
/**
@@ -253,10 +238,8 @@ public void signDataVerifyData() throws NoSuchAlgorithmException {
}
/**
- * Generates a code sample for using {@link CryptographyAsyncClient#wrapKey(KeyWrapAlgorithm, byte[])},
- * {@link CryptographyAsyncClient#wrapKey(KeyWrapAlgorithm, byte[], CryptographyOptions)},
- * {@link CryptographyAsyncClient#unwrapKey(KeyWrapAlgorithm, byte[])} and
- * {@link CryptographyAsyncClient#unwrapKey(KeyWrapAlgorithm, byte[], CryptographyOptions)}
+ * Generates a code sample for using {@link CryptographyAsyncClient#wrapKey(KeyWrapAlgorithm, byte[])} and
+ * {@link CryptographyAsyncClient#unwrapKey(KeyWrapAlgorithm, byte[])}.
*/
public void wrapKeyUnwrapKey() {
CryptographyAsyncClient cryptographyAsyncClient = createAsyncClient();
@@ -271,32 +254,6 @@ public void wrapKeyUnwrapKey() {
keyWrapResult.getEncryptedKey().length, keyWrapResult.getAlgorithm().toString()));
// END: com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.wrapKey#KeyWrapAlgorithm-byte
- // BEGIN: com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.wrapKey#KeyWrapAlgorithm-byte-CryptographyOptions
- byte[] keyToWrap = new byte[100];
-
- new Random(0x1234567L).nextBytes(key);
-
- byte[] iv = {
- (byte) 0x1a, (byte) 0xf3, (byte) 0x8c, (byte) 0x2d, (byte) 0xc2, (byte) 0xb9, (byte) 0x6f, (byte) 0xfd,
- (byte) 0xd8, (byte) 0x66, (byte) 0x94, (byte) 0x09, (byte) 0x23, (byte) 0x41, (byte) 0xbc, (byte) 0x04};
- byte[] authData = {
- (byte) 0x54, (byte) 0x68, (byte) 0x65, (byte) 0x20, (byte) 0x73, (byte) 0x65, (byte) 0x63, (byte) 0x6f,
- (byte) 0x6e, (byte) 0x64, (byte) 0x20, (byte) 0x70, (byte) 0x72, (byte) 0x69, (byte) 0x6e, (byte) 0x63,
- (byte) 0x69, (byte) 0x70, (byte) 0x6c, (byte) 0x65, (byte) 0x20, (byte) 0x6f, (byte) 0x66, (byte) 0x20,
- (byte) 0x41, (byte) 0x75, (byte) 0x67, (byte) 0x75, (byte) 0x73, (byte) 0x74, (byte) 0x65, (byte) 0x20,
- (byte) 0x4b, (byte) 0x65, (byte) 0x72, (byte) 0x63, (byte) 0x6b, (byte) 0x68, (byte) 0x6f, (byte) 0x66,
- (byte) 0x66, (byte) 0x73
- };
-
- CryptographyOptions cryptographyOptions = new CryptographyOptions(iv, authData, null);
-
- cryptographyAsyncClient.wrapKey(KeyWrapAlgorithm.RSA_OAEP, keyToWrap, cryptographyOptions)
- .subscriberContext(reactor.util.context.Context.of(key1, value1, key2, value2))
- .subscribe(keyWrapResult ->
- System.out.printf("Received encypted key of length %d with algorithm %s",
- keyWrapResult.getEncryptedKey().length, keyWrapResult.getAlgorithm().toString()));
- // END: com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.wrapKey#KeyWrapAlgorithm-byte-CryptographyOptions
-
// BEGIN: com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.unwrapKey#KeyWrapAlgorithm-byte
byte[] wrappedKey = new byte[100];
new Random(0x1234567L).nextBytes(key);
@@ -306,31 +263,6 @@ public void wrapKeyUnwrapKey() {
.subscribe(keyUnwrapResult ->
System.out.printf("Received key of length %d", keyUnwrapResult.getKey().length));
// END: com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.unwrapKey#KeyWrapAlgorithm-byte
-
- // BEGIN: com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.unwrapKey#KeyWrapAlgorithm-byte-CryptographyOptions
- byte[] keyToUnwrap = new byte[100];
-
- new Random(0x1234567L).nextBytes(key);
-
- byte[] initializationVector = {
- (byte) 0x1a, (byte) 0xf3, (byte) 0x8c, (byte) 0x2d, (byte) 0xc2, (byte) 0xb9, (byte) 0x6f, (byte) 0xfd,
- (byte) 0xd8, (byte) 0x66, (byte) 0x94, (byte) 0x09, (byte) 0x23, (byte) 0x41, (byte) 0xbc, (byte) 0x04};
- byte[] authenticationData = {
- (byte) 0x54, (byte) 0x68, (byte) 0x65, (byte) 0x20, (byte) 0x73, (byte) 0x65, (byte) 0x63, (byte) 0x6f,
- (byte) 0x6e, (byte) 0x64, (byte) 0x20, (byte) 0x70, (byte) 0x72, (byte) 0x69, (byte) 0x6e, (byte) 0x63,
- (byte) 0x69, (byte) 0x70, (byte) 0x6c, (byte) 0x65, (byte) 0x20, (byte) 0x6f, (byte) 0x66, (byte) 0x20,
- (byte) 0x41, (byte) 0x75, (byte) 0x67, (byte) 0x75, (byte) 0x73, (byte) 0x74, (byte) 0x65, (byte) 0x20,
- (byte) 0x4b, (byte) 0x65, (byte) 0x72, (byte) 0x63, (byte) 0x6b, (byte) 0x68, (byte) 0x6f, (byte) 0x66,
- (byte) 0x66, (byte) 0x73
- };
-
- CryptographyOptions options = new CryptographyOptions(initializationVector, authenticationData, null);
-
- cryptographyAsyncClient.unwrapKey(KeyWrapAlgorithm.RSA_OAEP, keyToUnwrap, options)
- .subscriberContext(reactor.util.context.Context.of(key1, value1, key2, value2))
- .subscribe(keyUnwrapResult ->
- System.out.printf("Received key of length %d", keyUnwrapResult.getKey().length));
- // END: com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.unwrapKey#KeyWrapAlgorithm-byte-CryptographyOptions
}
/**
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/CryptographyClientJavaDocCodeSnippets.java b/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/CryptographyClientJavaDocCodeSnippets.java
index ec8e3870901fc..0f3c99d25a4a9 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/CryptographyClientJavaDocCodeSnippets.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/CryptographyClientJavaDocCodeSnippets.java
@@ -71,7 +71,7 @@ public void getKeySnippets() {
/**
* Generates a code sample for using {@link CryptographyClient#encrypt(EncryptionAlgorithm, byte[])},
* {@link CryptographyClient#encrypt(EncryptionAlgorithm, byte[], Context)} and
- * {@link CryptographyClient#encrypt(EncryptionAlgorithm, byte[], CryptographyOptions, Context)}.
+ * {@link CryptographyClient#encrypt(EncryptionAlgorithm, byte[], EncryptOptions, Context)}.
*/
public void encrypt() {
CryptographyClient cryptographyClient = createClient();
@@ -99,37 +99,30 @@ public void encrypt() {
encryptionResult.getCipherText().length, encryptionResult.getAlgorithm().toString());
// END: com.azure.security.keyvault.keys.cryptography.CryptographyClient.encrypt#EncryptionAlgorithm-byte-Context
- // BEGIN: com.azure.security.keyvault.keys.cryptography.CryptographyClient.encrypt#EncryptionAlgorithm-byte-CryptographyOptions-Context
+ // BEGIN: com.azure.security.keyvault.keys.cryptography.CryptographyClient.encrypt#EncryptionAlgorithm-byte-EncryptOptions-Context
byte[] myPlainText = new byte[100];
new Random(0x1234567L).nextBytes(myPlainText);
byte[] iv = {
(byte) 0x1a, (byte) 0xf3, (byte) 0x8c, (byte) 0x2d, (byte) 0xc2, (byte) 0xb9, (byte) 0x6f, (byte) 0xfd,
- (byte) 0xd8, (byte) 0x66, (byte) 0x94, (byte) 0x09, (byte) 0x23, (byte) 0x41, (byte) 0xbc, (byte) 0x04};
- byte[] authData = {
- (byte) 0x54, (byte) 0x68, (byte) 0x65, (byte) 0x20, (byte) 0x73, (byte) 0x65, (byte) 0x63, (byte) 0x6f,
- (byte) 0x6e, (byte) 0x64, (byte) 0x20, (byte) 0x70, (byte) 0x72, (byte) 0x69, (byte) 0x6e, (byte) 0x63,
- (byte) 0x69, (byte) 0x70, (byte) 0x6c, (byte) 0x65, (byte) 0x20, (byte) 0x6f, (byte) 0x66, (byte) 0x20,
- (byte) 0x41, (byte) 0x75, (byte) 0x67, (byte) 0x75, (byte) 0x73, (byte) 0x74, (byte) 0x65, (byte) 0x20,
- (byte) 0x4b, (byte) 0x65, (byte) 0x72, (byte) 0x63, (byte) 0x6b, (byte) 0x68, (byte) 0x6f, (byte) 0x66,
- (byte) 0x66, (byte) 0x73
+ (byte) 0xd8, (byte) 0x66, (byte) 0x94, (byte) 0x09, (byte) 0x23, (byte) 0x41, (byte) 0xbc, (byte) 0x04
};
- CryptographyOptions cryptographyOptions = new CryptographyOptions(iv, authData, null);
+ EncryptOptions encryptOptions = new AesCbcEncryptOptions(iv);
- EncryptResult encryptedResult = cryptographyClient.encrypt(EncryptionAlgorithm.RSA_OAEP, myPlainText,
- cryptographyOptions, new Context(key1, value1));
+ EncryptResult encryptedResult = cryptographyClient.encrypt(EncryptionAlgorithm.A128CBC, myPlainText,
+ encryptOptions, new Context(key1, value1));
System.out.printf("Received encrypted content of length %d with algorithm %s \n",
encryptedResult.getCipherText().length, encryptedResult.getAlgorithm().toString());
- // END: com.azure.security.keyvault.keys.cryptography.CryptographyClient.encrypt#EncryptionAlgorithm-byte-CryptographyOptions-Context
+ // END: com.azure.security.keyvault.keys.cryptography.CryptographyClient.encrypt#EncryptionAlgorithm-byte-EncryptOptions-Context
}
/**
* Generates a code sample for using {@link CryptographyClient#decrypt(EncryptionAlgorithm, byte[])},
* {@link CryptographyClient#decrypt(EncryptionAlgorithm, byte[], Context)} and
- * {@link CryptographyClient#decrypt(EncryptionAlgorithm, byte[], CryptographyOptions, Context)}.
+ * {@link CryptographyClient#decrypt(EncryptionAlgorithm, byte[], DecryptOptions, Context)}.
*/
public void decrypt() {
CryptographyClient cryptographyClient = createClient();
@@ -155,31 +148,23 @@ public void decrypt() {
System.out.printf("Received decrypted content of length %d\n", decryptionResult.getPlainText().length);
// END: com.azure.security.keyvault.keys.cryptography.CryptographyClient.decrypt#EncryptionAlgorithm-byte-Context
- // BEGIN: com.azure.security.keyvault.keys.cryptography.CryptographyClient.decrypt#EncryptionAlgorithm-byte-CryptographyOptions-Context
+ // BEGIN: com.azure.security.keyvault.keys.cryptography.CryptographyClient.decrypt#EncryptionAlgorithm-byte-DecryptOptions-Context
byte[] myCipherText = new byte[100];
new Random(0x1234567L).nextBytes(myCipherText);
byte[] iv = {
(byte) 0x1a, (byte) 0xf3, (byte) 0x8c, (byte) 0x2d, (byte) 0xc2, (byte) 0xb9, (byte) 0x6f, (byte) 0xfd,
- (byte) 0xd8, (byte) 0x66, (byte) 0x94, (byte) 0x09, (byte) 0x23, (byte) 0x41, (byte) 0xbc, (byte) 0x04};
- byte[] authData = {
- (byte) 0x54, (byte) 0x68, (byte) 0x65, (byte) 0x20, (byte) 0x73, (byte) 0x65, (byte) 0x63, (byte) 0x6f,
- (byte) 0x6e, (byte) 0x64, (byte) 0x20, (byte) 0x70, (byte) 0x72, (byte) 0x69, (byte) 0x6e, (byte) 0x63,
- (byte) 0x69, (byte) 0x70, (byte) 0x6c, (byte) 0x65, (byte) 0x20, (byte) 0x6f, (byte) 0x66, (byte) 0x20,
- (byte) 0x41, (byte) 0x75, (byte) 0x67, (byte) 0x75, (byte) 0x73, (byte) 0x74, (byte) 0x65, (byte) 0x20,
- (byte) 0x4b, (byte) 0x65, (byte) 0x72, (byte) 0x63, (byte) 0x6b, (byte) 0x68, (byte) 0x6f, (byte) 0x66,
- (byte) 0x66, (byte) 0x73
+ (byte) 0xd8, (byte) 0x66, (byte) 0x94, (byte) 0x09, (byte) 0x23, (byte) 0x41, (byte) 0xbc, (byte) 0x04
};
- byte[] tag = "This is my authentication tag".getBytes();
- CryptographyOptions cryptographyOptions = new CryptographyOptions(iv, authData, tag);
+ DecryptOptions decryptOptions = new AesCbcDecryptOptions(iv);
- DecryptResult decryptedResult = cryptographyClient.decrypt(EncryptionAlgorithm.RSA_OAEP, myCipherText,
- cryptographyOptions, new Context(key1, value1));
+ DecryptResult decryptedResult = cryptographyClient.decrypt(EncryptionAlgorithm.A128CBC, myCipherText,
+ decryptOptions, new Context(key1, value1));
System.out.printf("Received decrypted content of length %d\n", decryptedResult.getPlainText().length);
- // END: com.azure.security.keyvault.keys.cryptography.CryptographyClient.decrypt#EncryptionAlgorithm-byte-CryptographyOptions-Context
+ // END: com.azure.security.keyvault.keys.cryptography.CryptographyClient.decrypt#EncryptionAlgorithm-byte-DecryptOptions-Context
}
/**
@@ -263,10 +248,8 @@ public void signDataVerifyData() throws NoSuchAlgorithmException {
/**
* Generates a code sample for using {@link CryptographyClient#wrapKey(KeyWrapAlgorithm, byte[])},
* {@link CryptographyClient#wrapKey(KeyWrapAlgorithm, byte[], Context)},
- * {@link CryptographyClient#wrapKey(KeyWrapAlgorithm, byte[], CryptographyOptions, Context)},
- * {@link CryptographyClient#unwrapKey(KeyWrapAlgorithm, byte[])},
- * {@link CryptographyClient#unwrapKey(KeyWrapAlgorithm, byte[], Context)} and
- * {@link CryptographyClient#unwrapKey(KeyWrapAlgorithm, byte[], CryptographyOptions, Context)}.
+ * {@link CryptographyClient#unwrapKey(KeyWrapAlgorithm, byte[])} and
+ * {@link CryptographyClient#unwrapKey(KeyWrapAlgorithm, byte[], Context)}.
*/
public void wrapKeyUnwrapKey() {
CryptographyClient cryptographyClient = createClient();
@@ -294,32 +277,6 @@ public void wrapKeyUnwrapKey() {
keyWrapResponse.getAlgorithm().toString());
// END: com.azure.security.keyvault.keys.cryptography.CryptographyClient.wrapKey#KeyWrapAlgorithm-byte-Context
- // BEGIN: com.azure.security.keyvault.keys.cryptography.CryptographyClient.wrapKey#KeyWrapAlgorithm-byte-CryptographyOptions-Context
- byte[] keyToWrap = new byte[100];
-
- new Random(0x1234567L).nextBytes(keyToWrap);
-
- byte[] iv = {
- (byte) 0x1a, (byte) 0xf3, (byte) 0x8c, (byte) 0x2d, (byte) 0xc2, (byte) 0xb9, (byte) 0x6f, (byte) 0xfd,
- (byte) 0xd8, (byte) 0x66, (byte) 0x94, (byte) 0x09, (byte) 0x23, (byte) 0x41, (byte) 0xbc, (byte) 0x04};
- byte[] authData = {
- (byte) 0x54, (byte) 0x68, (byte) 0x65, (byte) 0x20, (byte) 0x73, (byte) 0x65, (byte) 0x63, (byte) 0x6f,
- (byte) 0x6e, (byte) 0x64, (byte) 0x20, (byte) 0x70, (byte) 0x72, (byte) 0x69, (byte) 0x6e, (byte) 0x63,
- (byte) 0x69, (byte) 0x70, (byte) 0x6c, (byte) 0x65, (byte) 0x20, (byte) 0x6f, (byte) 0x66, (byte) 0x20,
- (byte) 0x41, (byte) 0x75, (byte) 0x67, (byte) 0x75, (byte) 0x73, (byte) 0x74, (byte) 0x65, (byte) 0x20,
- (byte) 0x4b, (byte) 0x65, (byte) 0x72, (byte) 0x63, (byte) 0x6b, (byte) 0x68, (byte) 0x6f, (byte) 0x66,
- (byte) 0x66, (byte) 0x73
- };
-
- CryptographyOptions cryptographyOptions = new CryptographyOptions(iv, authData, null);
-
- WrapResult wrapKeyResult = cryptographyClient.wrapKey(KeyWrapAlgorithm.RSA_OAEP, keyToWrap, cryptographyOptions,
- new Context(key1, value1));
-
- System.out.printf("Received encrypted key of length %d with algorithm %s", wrapKeyResult.getEncryptedKey().length,
- wrapKeyResult.getAlgorithm().toString());
- // END: com.azure.security.keyvault.keys.cryptography.CryptographyClient.wrapKey#KeyWrapAlgorithm-byte-CryptographyOptions-Context
-
// BEGIN: com.azure.security.keyvault.keys.cryptography.CryptographyClient.unwrapKey#KeyWrapAlgorithm-byte
byte[] wrappedKey = new byte[100];
@@ -340,31 +297,6 @@ public void wrapKeyUnwrapKey() {
System.out.printf("Received key of length %d", keyUnwrapResponse.getKey().length);
// END: com.azure.security.keyvault.keys.cryptography.CryptographyClient.unwrapKey#KeyWrapAlgorithm-byte-Context
-
- // BEGIN: com.azure.security.keyvault.keys.cryptography.CryptographyClient.unwrapKey#KeyWrapAlgorithm-byte-CryptographyOptions-Context
- byte[] keyToUnwrap = new byte[100];
-
- new Random(0x1234567L).nextBytes(keyToUnwrap);
-
- byte[] initializationVector = {
- (byte) 0x1a, (byte) 0xf3, (byte) 0x8c, (byte) 0x2d, (byte) 0xc2, (byte) 0xb9, (byte) 0x6f, (byte) 0xfd,
- (byte) 0xd8, (byte) 0x66, (byte) 0x94, (byte) 0x09, (byte) 0x23, (byte) 0x41, (byte) 0xbc, (byte) 0x04};
- byte[] authenticationData = {
- (byte) 0x54, (byte) 0x68, (byte) 0x65, (byte) 0x20, (byte) 0x73, (byte) 0x65, (byte) 0x63, (byte) 0x6f,
- (byte) 0x6e, (byte) 0x64, (byte) 0x20, (byte) 0x70, (byte) 0x72, (byte) 0x69, (byte) 0x6e, (byte) 0x63,
- (byte) 0x69, (byte) 0x70, (byte) 0x6c, (byte) 0x65, (byte) 0x20, (byte) 0x6f, (byte) 0x66, (byte) 0x20,
- (byte) 0x41, (byte) 0x75, (byte) 0x67, (byte) 0x75, (byte) 0x73, (byte) 0x74, (byte) 0x65, (byte) 0x20,
- (byte) 0x4b, (byte) 0x65, (byte) 0x72, (byte) 0x63, (byte) 0x6b, (byte) 0x68, (byte) 0x6f, (byte) 0x66,
- (byte) 0x66, (byte) 0x73
- };
-
- CryptographyOptions options = new CryptographyOptions(initializationVector, authenticationData, null);
-
- UnwrapResult unwrappedKey = cryptographyClient.unwrapKey(KeyWrapAlgorithm.RSA_OAEP, keyToUnwrap, options,
- new Context(key2, value2));
-
- System.out.printf("Received key of length %d", unwrappedKey.getKey().length);
- // END: com.azure.security.keyvault.keys.cryptography.CryptographyClient.unwrapKey#KeyWrapAlgorithm-byte-CryptographyOptions-Context
}
/**
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClientJavaDocCodeSnippets.java b/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClientJavaDocCodeSnippets.java
index 98fc655fc8fcf..5413d14a7fb41 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClientJavaDocCodeSnippets.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClientJavaDocCodeSnippets.java
@@ -44,12 +44,7 @@ public LocalCryptographyAsyncClient createAsyncClient() {
*/
public void encrypt() {
LocalCryptographyAsyncClient cryptographyAsyncClient = createAsyncClient();
- byte[] iv = {(byte) 0x1a, (byte) 0xf3, (byte) 0x8c, (byte) 0x2d, (byte) 0xc2, (byte) 0xb9, (byte) 0x6f, (byte) 0xfd, (byte) 0xd8, (byte) 0x66, (byte) 0x94, (byte) 0x09, (byte) 0x23, (byte) 0x41, (byte) 0xbc, (byte) 0x04};
- byte[] authData = {
- (byte) 0x54, (byte) 0x68, (byte) 0x65, (byte) 0x20, (byte) 0x73, (byte) 0x65, (byte) 0x63, (byte) 0x6f, (byte) 0x6e, (byte) 0x64, (byte) 0x20, (byte) 0x70, (byte) 0x72, (byte) 0x69, (byte) 0x6e, (byte) 0x63,
- (byte) 0x69, (byte) 0x70, (byte) 0x6c, (byte) 0x65, (byte) 0x20, (byte) 0x6f, (byte) 0x66, (byte) 0x20, (byte) 0x41, (byte) 0x75, (byte) 0x67, (byte) 0x75, (byte) 0x73, (byte) 0x74, (byte) 0x65, (byte) 0x20,
- (byte) 0x4b, (byte) 0x65, (byte) 0x72, (byte) 0x63, (byte) 0x6b, (byte) 0x68, (byte) 0x6f, (byte) 0x66, (byte) 0x66, (byte) 0x73
- };
+
// BEGIN: com.azure.security.keyvault.keys.cryptography.LocalCryptographyAsyncClient.encrypt#EncryptionAlgorithm-byte
byte[] plainText = new byte[100];
new Random(0x1234567L).nextBytes(plainText);
@@ -59,6 +54,22 @@ public void encrypt() {
System.out.printf("Received encrypted content of length %d with algorithm %s \n",
encryptResult.getCipherText().length, encryptResult.getAlgorithm().toString()));
// END: com.azure.security.keyvault.keys.cryptography.LocalCryptographyAsyncClient.encrypt#EncryptionAlgorithm-byte
+
+ // BEGIN: com.azure.security.keyvault.keys.cryptography.LocalCryptographyAsyncClient.encrypt#EncryptionAlgorithm-byte-EncryptOptions
+ byte[] plainTextBytes = new byte[100];
+ new Random(0x1234567L).nextBytes(plainTextBytes);
+ byte[] iv = {
+ (byte) 0x1a, (byte) 0xf3, (byte) 0x8c, (byte) 0x2d, (byte) 0xc2, (byte) 0xb9, (byte) 0x6f, (byte) 0xfd,
+ (byte) 0xd8, (byte) 0x66, (byte) 0x94, (byte) 0x09, (byte) 0x23, (byte) 0x41, (byte) 0xbc, (byte) 0x04
+ };
+ EncryptOptions encryptOptions = new AesCbcEncryptOptions(iv);
+
+ cryptographyAsyncClient.encrypt(EncryptionAlgorithm.A128CBC, plainTextBytes, encryptOptions)
+ .subscriberContext(reactor.util.context.Context.of(key1, value1, key2, value2))
+ .subscribe(encryptResult ->
+ System.out.printf("Received encrypted content of length %d with algorithm %s \n",
+ encryptResult.getCipherText().length, encryptResult.getAlgorithm().toString()));
+ // END: com.azure.security.keyvault.keys.cryptography.LocalCryptographyAsyncClient.encrypt#EncryptionAlgorithm-byte-EncryptOptions
}
/**
@@ -75,6 +86,21 @@ public void decrypt() {
.subscribe(decryptResult ->
System.out.printf("Received decrypted content of length %d\n", decryptResult.getPlainText().length));
// END: com.azure.security.keyvault.keys.cryptography.LocalCryptographyAsyncClient.decrypt#EncryptionAlgorithm-byte
+
+ // BEGIN: com.azure.security.keyvault.keys.cryptography.LocalCryptographyAsyncClient.decrypt#EncryptionAlgorithm-byte-DecryptOptions
+ byte[] plainTextBytes = new byte[100];
+ new Random(0x1234567L).nextBytes(plainTextBytes);
+ byte[] iv = {
+ (byte) 0x1a, (byte) 0xf3, (byte) 0x8c, (byte) 0x2d, (byte) 0xc2, (byte) 0xb9, (byte) 0x6f, (byte) 0xfd,
+ (byte) 0xd8, (byte) 0x66, (byte) 0x94, (byte) 0x09, (byte) 0x23, (byte) 0x41, (byte) 0xbc, (byte) 0x04
+ };
+ DecryptOptions decryptOptions = new AesCbcDecryptOptions(iv);
+
+ cryptographyAsyncClient.decrypt(EncryptionAlgorithm.A128CBC, plainTextBytes, decryptOptions)
+ .subscriberContext(reactor.util.context.Context.of(key1, value1, key2, value2))
+ .subscribe(decryptResult ->
+ System.out.printf("Received decrypted content of length %d\n", decryptResult.getPlainText().length));
+ // END: com.azure.security.keyvault.keys.cryptography.LocalCryptographyAsyncClient.decrypt#EncryptionAlgorithm-byte-DecryptOptions
}
/**
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClientJavaDocCodeSnippets.java b/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClientJavaDocCodeSnippets.java
index e730fa87ee0ab..a47687559d1f5 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClientJavaDocCodeSnippets.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClientJavaDocCodeSnippets.java
@@ -49,12 +49,7 @@ public LocalCryptographyClient createClient() {
*/
public void encrypt() {
LocalCryptographyClient cryptographyClient = createClient();
- byte[] iv = {(byte) 0x1a, (byte) 0xf3, (byte) 0x8c, (byte) 0x2d, (byte) 0xc2, (byte) 0xb9, (byte) 0x6f, (byte) 0xfd, (byte) 0xd8, (byte) 0x66, (byte) 0x94, (byte) 0x09, (byte) 0x23, (byte) 0x41, (byte) 0xbc, (byte) 0x04};
- byte[] authData = {
- (byte) 0x54, (byte) 0x68, (byte) 0x65, (byte) 0x20, (byte) 0x73, (byte) 0x65, (byte) 0x63, (byte) 0x6f, (byte) 0x6e, (byte) 0x64, (byte) 0x20, (byte) 0x70, (byte) 0x72, (byte) 0x69, (byte) 0x6e, (byte) 0x63,
- (byte) 0x69, (byte) 0x70, (byte) 0x6c, (byte) 0x65, (byte) 0x20, (byte) 0x6f, (byte) 0x66, (byte) 0x20, (byte) 0x41, (byte) 0x75, (byte) 0x67, (byte) 0x75, (byte) 0x73, (byte) 0x74, (byte) 0x65, (byte) 0x20,
- (byte) 0x4b, (byte) 0x65, (byte) 0x72, (byte) 0x63, (byte) 0x6b, (byte) 0x68, (byte) 0x6f, (byte) 0x66, (byte) 0x66, (byte) 0x73
- };
+
// BEGIN: com.azure.security.keyvault.keys.cryptography.LocalCryptographyClient.encrypt#EncryptionAlgorithm-byte
byte[] plainText = new byte[100];
new Random(0x1234567L).nextBytes(plainText);
@@ -62,6 +57,21 @@ public void encrypt() {
System.out.printf("Received encrypted content of length %d with algorithm %s \n",
encryptResult.getCipherText().length, encryptResult.getAlgorithm().toString());
// END: com.azure.security.keyvault.keys.cryptography.LocalCryptographyClient.encrypt#EncryptionAlgorithm-byte
+
+ // BEGIN: com.azure.security.keyvault.keys.cryptography.LocalCryptographyClient.encrypt#EncryptionAlgorithm-byte-EncryptOptions
+ byte[] plainTextBytes = new byte[100];
+ new Random(0x1234567L).nextBytes(plainTextBytes);
+ byte[] iv = {
+ (byte) 0x1a, (byte) 0xf3, (byte) 0x8c, (byte) 0x2d, (byte) 0xc2, (byte) 0xb9, (byte) 0x6f, (byte) 0xfd,
+ (byte) 0xd8, (byte) 0x66, (byte) 0x94, (byte) 0x09, (byte) 0x23, (byte) 0x41, (byte) 0xbc, (byte) 0x04
+ };
+ EncryptOptions encryptOptions = new AesCbcEncryptOptions(iv);
+ EncryptResult encryptedResult = cryptographyClient.encrypt(EncryptionAlgorithm.RSA_OAEP, plainTextBytes,
+ encryptOptions);
+
+ System.out.printf("Received encrypted content of length %d with algorithm %s \n",
+ encryptedResult.getCipherText().length, encryptedResult.getAlgorithm().toString());
+ // END: com.azure.security.keyvault.keys.cryptography.LocalCryptographyClient.encrypt#EncryptionAlgorithm-byte-EncryptOptions
}
/**
@@ -70,11 +80,26 @@ public void encrypt() {
*/
public void decrypt() {
LocalCryptographyClient cryptographyClient = createClient();
- byte[] encryptedData = new byte[100];
+
// BEGIN: com.azure.security.keyvault.keys.cryptography.LocalCryptographyClient.decrypt#EncryptionAlgorithm-byte
+ byte[] encryptedData = new byte[100];
DecryptResult decryptResult = cryptographyClient.decrypt(EncryptionAlgorithm.RSA_OAEP, encryptedData);
+
System.out.printf("Received decrypted content of length %d\n", decryptResult.getPlainText().length);
// END: com.azure.security.keyvault.keys.cryptography.LocalCryptographyClient.decrypt#EncryptionAlgorithm-byte
+
+ // BEGIN: com.azure.security.keyvault.keys.cryptography.LocalCryptographyClient.decrypt#EncryptionAlgorithm-byte-DecryptOptions
+ byte[] encryptedBytes = new byte[100];
+ byte[] iv = {
+ (byte) 0x1a, (byte) 0xf3, (byte) 0x8c, (byte) 0x2d, (byte) 0xc2, (byte) 0xb9, (byte) 0x6f, (byte) 0xfd,
+ (byte) 0xd8, (byte) 0x66, (byte) 0x94, (byte) 0x09, (byte) 0x23, (byte) 0x41, (byte) 0xbc, (byte) 0x04
+ };
+ DecryptOptions decryptOptions = new AesCbcDecryptOptions(iv);
+ DecryptResult decryptedResult = cryptographyClient.decrypt(EncryptionAlgorithm.A128CBC, encryptedBytes,
+ decryptOptions);
+
+ System.out.printf("Received decrypted content of length %d\n", decryptedResult.getPlainText().length);
+ // END: com.azure.security.keyvault.keys.cryptography.LocalCryptographyClient.decrypt#EncryptionAlgorithm-byte-DecryptOptions
}
/**
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/CryptographyClientTest.java b/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/CryptographyClientTest.java
index e0377b6868d39..c29cef3c56dca 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/CryptographyClientTest.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/CryptographyClientTest.java
@@ -16,9 +16,19 @@
import com.azure.security.keyvault.keys.models.JsonWebKey;
import com.azure.security.keyvault.keys.models.KeyCurveName;
-import java.security.*;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.NoSuchAlgorithmException;
+import java.security.Provider;
+import java.security.Security;
import java.security.spec.ECGenParameterSpec;
-import java.util.*;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Random;
+
import org.junit.jupiter.params.ParameterizedTest;
import org.junit.jupiter.params.provider.MethodSource;
@@ -103,12 +113,12 @@ public void wrapUnwraptRsa(HttpClient httpClient, CryptographyServiceVersion ser
new Random(0x1234567L).nextBytes(plainText);
byte[] encryptedKey = cryptoClient.wrapKey(algorithm, plainText).getEncryptedKey();
byte[] decryptedKey =
- serviceClient.unwrapKey(algorithm, encryptedKey, null, Context.NONE).block().getKey();
+ serviceClient.unwrapKey(algorithm, encryptedKey, Context.NONE).block().getKey();
assertArrayEquals(decryptedKey, plainText);
encryptedKey =
- serviceClient.wrapKey(algorithm, plainText, null, Context.NONE).block().getEncryptedKey();
+ serviceClient.wrapKey(algorithm, plainText, Context.NONE).block().getEncryptedKey();
decryptedKey = cryptoClient.unwrapKey(algorithm, encryptedKey).getKey();
assertArrayEquals(decryptedKey, plainText);
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/CryptographyClientTestBase.java b/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/CryptographyClientTestBase.java
index e61f407eb42f9..50947681766c0 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/CryptographyClientTestBase.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/CryptographyClientTestBase.java
@@ -34,7 +34,12 @@
import java.security.spec.RSAPrivateCrtKeySpec;
import java.security.spec.RSAPublicKeySpec;
import java.time.Duration;
-import java.util.*;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Objects;
+import java.util.UUID;
import java.util.function.Consumer;
import static org.junit.jupiter.api.Assertions.assertEquals;
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClientTest.java b/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClientTest.java
index ed006bb2ca610..a340b7cc55ecd 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClientTest.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClientTest.java
@@ -34,13 +34,6 @@ protected void beforeTest() {
beforeTestSetup();
}
-
- private LocalCryptographyClient initializeCryptographyClient(JsonWebKey key) {
- return new LocalCryptographyClientBuilder()
- .key(key)
- .buildClient();
- }
-
@Test
public void encryptDecryptRsa() throws Exception {
encryptDecryptRsaRunner(keyPair -> {
@@ -116,6 +109,50 @@ public void signVerifyEc() throws NoSuchAlgorithmException, InvalidAlgorithmPara
Boolean verifyStatus = cryptoClient.verifyData(curveToSignature.get(crv), plainText, signature).isValid();
assertTrue(verifyStatus);
}
+ }
+ @Test
+ public void encryptDecryptLocalAes128Cbc() throws NoSuchAlgorithmException {
+ encryptDecryptAesCbc(128, EncryptionAlgorithm.A128CBC);
+ }
+
+ @Test
+ public void encryptDecryptLocalAes192Cbc() throws NoSuchAlgorithmException {
+ encryptDecryptAesCbc(256, EncryptionAlgorithm.A192CBC);
+ }
+
+ @Test
+ public void encryptDecryptLocalAes256Cbc() throws NoSuchAlgorithmException {
+ encryptDecryptAesCbc(256, EncryptionAlgorithm.A256CBC);
+ }
+
+ @Test
+ public void encryptDecryptLocalAes128CbcPad() throws NoSuchAlgorithmException {
+ encryptDecryptAesCbc(128, EncryptionAlgorithm.A128CBCPAD);
+ }
+
+ @Test
+ public void encryptDecryptLocalAes192CbcPad() throws NoSuchAlgorithmException {
+ encryptDecryptAesCbc(192, EncryptionAlgorithm.A192CBCPAD);
+ }
+
+ @Test
+ public void encryptDecryptLocalAes256CbcPad() throws NoSuchAlgorithmException {
+ encryptDecryptAesCbc(256, EncryptionAlgorithm.A256CBCPAD);
+ }
+
+ @Test
+ public void encryptDecryptLocalAes128Gcm() throws NoSuchAlgorithmException {
+ encryptDecryptAesGcm(128, EncryptionAlgorithm.A128GCM);
+ }
+
+ @Test
+ public void encryptDecryptLocalAes192Gcm() throws NoSuchAlgorithmException {
+ encryptDecryptAesGcm(192, EncryptionAlgorithm.A192GCM);
+ }
+
+ @Test
+ public void encryptDecryptLocalAes256Gcm() throws NoSuchAlgorithmException {
+ encryptDecryptAesGcm(256, EncryptionAlgorithm.A256GCM);
}
}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClientTestBase.java b/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClientTestBase.java
index 4e0d1158e3b20..d5535637a6b3c 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClientTestBase.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClientTestBase.java
@@ -5,8 +5,15 @@
import com.azure.core.exception.HttpResponseException;
import com.azure.core.test.TestBase;
+import com.azure.security.keyvault.keys.cryptography.models.DecryptResult;
+import com.azure.security.keyvault.keys.cryptography.models.EncryptResult;
+import com.azure.security.keyvault.keys.cryptography.models.EncryptionAlgorithm;
+import com.azure.security.keyvault.keys.models.JsonWebKey;
+import com.azure.security.keyvault.keys.models.KeyOperation;
import org.junit.jupiter.api.Test;
+import javax.crypto.KeyGenerator;
+import javax.crypto.SecretKey;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyFactory;
@@ -15,11 +22,14 @@
import java.security.spec.KeySpec;
import java.security.spec.RSAPrivateCrtKeySpec;
import java.security.spec.RSAPublicKeySpec;
+import java.util.ArrayList;
import java.util.HashMap;
+import java.util.List;
import java.util.Map;
import java.util.UUID;
import java.util.function.Consumer;
+import static org.junit.jupiter.api.Assertions.assertArrayEquals;
import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.junit.jupiter.api.Assertions.fail;
@@ -32,6 +42,12 @@ protected String getTestName() {
void beforeTestSetup() {
}
+ static LocalCryptographyClient initializeCryptographyClient(JsonWebKey key) {
+ return new LocalCryptographyClientBuilder()
+ .key(key)
+ .buildClient();
+ }
+
@Test
public abstract void encryptDecryptRsa() throws Exception;
@@ -41,6 +57,33 @@ void encryptDecryptRsaRunner(Consumer testRunner) throws Exception {
testRunner.accept(getWellKnownKey());
}
+ @Test
+ public abstract void encryptDecryptLocalAes128Cbc() throws Exception;
+
+ @Test
+ public abstract void encryptDecryptLocalAes192Cbc() throws Exception;
+
+ @Test
+ public abstract void encryptDecryptLocalAes256Cbc() throws Exception;
+
+ @Test
+ public abstract void encryptDecryptLocalAes128CbcPad() throws Exception;
+
+ @Test
+ public abstract void encryptDecryptLocalAes192CbcPad() throws Exception;
+
+ @Test
+ public abstract void encryptDecryptLocalAes256CbcPad() throws Exception;
+
+ @Test
+ public abstract void encryptDecryptLocalAes128Gcm() throws Exception;
+
+ @Test
+ public abstract void encryptDecryptLocalAes192Gcm() throws Exception;
+
+ @Test
+ public abstract void encryptDecryptLocalAes256Gcm() throws Exception;
+
@Test
public abstract void signVerifyEc() throws NoSuchAlgorithmException, InvalidAlgorithmParameterException;
@@ -65,6 +108,52 @@ private static KeyPair getWellKnownKey() throws Exception {
return new KeyPair(keyFactory.generatePublic(publicKeySpec), keyFactory.generatePrivate(privateKeySpec));
}
+ static void encryptDecryptAesCbc(int keySize, EncryptionAlgorithm algorithm) throws NoSuchAlgorithmException {
+ byte[] plaintext = "My16BitPlaintext".getBytes();
+ byte[] iv = "My16BytesTestIv.".getBytes();
+ LocalCryptographyClient localCryptographyClient = initializeCryptographyClient(getTestJsonWebKey(keySize));
+ EncryptOptions encryptOptions = new AesCbcEncryptOptions(iv);
+ EncryptResult encryptResult =
+ localCryptographyClient.encrypt(algorithm, plaintext, encryptOptions);
+ DecryptOptions decryptOptions = new AesCbcDecryptOptions(iv);
+ DecryptResult decryptResult =
+ localCryptographyClient.decrypt(algorithm, encryptResult.getCipherText(), decryptOptions);
+
+ assertArrayEquals(plaintext, decryptResult.getPlainText());
+ }
+
+ static void encryptDecryptAesGcm(int keySize, EncryptionAlgorithm algorithm) throws NoSuchAlgorithmException {
+ byte[] plaintext = "My16BitPlaintext".getBytes();
+ byte[] iv = "My12BytesIv.".getBytes();
+ LocalCryptographyClient localCryptographyClient = initializeCryptographyClient(getTestJsonWebKey(keySize));
+ EncryptOptions encryptOptions = new AesGcmEncryptOptions(iv, null);
+ EncryptResult encryptResult =
+ localCryptographyClient.encrypt(algorithm, plaintext, encryptOptions);
+ byte[] authenticationTag = new byte[12];
+
+ System.arraycopy(encryptResult.getCipherText(), 0, authenticationTag, 0, authenticationTag.length);
+
+ DecryptOptions decryptOptions = new AesGcmDecryptOptions(iv, null, authenticationTag);
+ DecryptResult decryptResult =
+ localCryptographyClient.decrypt(algorithm, encryptResult.getCipherText(), decryptOptions);
+
+ assertArrayEquals(plaintext, decryptResult.getPlainText());
+ }
+
+ private static JsonWebKey getTestJsonWebKey(int keySize) throws NoSuchAlgorithmException {
+ KeyGenerator keyGen = KeyGenerator.getInstance("AES");
+
+ keyGen.init(keySize);
+
+ SecretKey secretKey = keyGen.generateKey();
+
+ List keyOperations = new ArrayList<>();
+ keyOperations.add(KeyOperation.ENCRYPT);
+ keyOperations.add(KeyOperation.DECRYPT);
+
+ return JsonWebKey.fromAes(secretKey, keyOperations).setId("testKey");
+ }
+
String generateResourceId(String suffix) {
if (interceptorManager.isPlaybackMode()) {
return suffix;
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/test/resources/session-records/encryptDecryptLocalAes128Cbc.json b/sdk/keyvault/azure-security-keyvault-keys/src/test/resources/session-records/encryptDecryptLocalAes128Cbc.json
new file mode 100644
index 0000000000000..ef57284a590ce
--- /dev/null
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/test/resources/session-records/encryptDecryptLocalAes128Cbc.json
@@ -0,0 +1,4 @@
+{
+ "networkCallRecords" : [ ],
+ "variables" : [ ]
+}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/test/resources/session-records/encryptDecryptLocalAes128CbcPad.json b/sdk/keyvault/azure-security-keyvault-keys/src/test/resources/session-records/encryptDecryptLocalAes128CbcPad.json
new file mode 100644
index 0000000000000..ef57284a590ce
--- /dev/null
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/test/resources/session-records/encryptDecryptLocalAes128CbcPad.json
@@ -0,0 +1,4 @@
+{
+ "networkCallRecords" : [ ],
+ "variables" : [ ]
+}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/test/resources/session-records/encryptDecryptLocalAes128Gcm.json b/sdk/keyvault/azure-security-keyvault-keys/src/test/resources/session-records/encryptDecryptLocalAes128Gcm.json
new file mode 100644
index 0000000000000..ef57284a590ce
--- /dev/null
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/test/resources/session-records/encryptDecryptLocalAes128Gcm.json
@@ -0,0 +1,4 @@
+{
+ "networkCallRecords" : [ ],
+ "variables" : [ ]
+}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/test/resources/session-records/encryptDecryptLocalAes192Cbc.json b/sdk/keyvault/azure-security-keyvault-keys/src/test/resources/session-records/encryptDecryptLocalAes192Cbc.json
new file mode 100644
index 0000000000000..ef57284a590ce
--- /dev/null
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/test/resources/session-records/encryptDecryptLocalAes192Cbc.json
@@ -0,0 +1,4 @@
+{
+ "networkCallRecords" : [ ],
+ "variables" : [ ]
+}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/test/resources/session-records/encryptDecryptLocalAes192CbcPad.json b/sdk/keyvault/azure-security-keyvault-keys/src/test/resources/session-records/encryptDecryptLocalAes192CbcPad.json
new file mode 100644
index 0000000000000..ef57284a590ce
--- /dev/null
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/test/resources/session-records/encryptDecryptLocalAes192CbcPad.json
@@ -0,0 +1,4 @@
+{
+ "networkCallRecords" : [ ],
+ "variables" : [ ]
+}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/test/resources/session-records/encryptDecryptLocalAes192Gcm.json b/sdk/keyvault/azure-security-keyvault-keys/src/test/resources/session-records/encryptDecryptLocalAes192Gcm.json
new file mode 100644
index 0000000000000..ef57284a590ce
--- /dev/null
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/test/resources/session-records/encryptDecryptLocalAes192Gcm.json
@@ -0,0 +1,4 @@
+{
+ "networkCallRecords" : [ ],
+ "variables" : [ ]
+}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/test/resources/session-records/encryptDecryptLocalAes256Cbc.json b/sdk/keyvault/azure-security-keyvault-keys/src/test/resources/session-records/encryptDecryptLocalAes256Cbc.json
new file mode 100644
index 0000000000000..ef57284a590ce
--- /dev/null
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/test/resources/session-records/encryptDecryptLocalAes256Cbc.json
@@ -0,0 +1,4 @@
+{
+ "networkCallRecords" : [ ],
+ "variables" : [ ]
+}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/test/resources/session-records/encryptDecryptLocalAes256CbcPad.json b/sdk/keyvault/azure-security-keyvault-keys/src/test/resources/session-records/encryptDecryptLocalAes256CbcPad.json
new file mode 100644
index 0000000000000..ef57284a590ce
--- /dev/null
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/test/resources/session-records/encryptDecryptLocalAes256CbcPad.json
@@ -0,0 +1,4 @@
+{
+ "networkCallRecords" : [ ],
+ "variables" : [ ]
+}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/test/resources/session-records/encryptDecryptLocalAes256Gcm.json b/sdk/keyvault/azure-security-keyvault-keys/src/test/resources/session-records/encryptDecryptLocalAes256Gcm.json
new file mode 100644
index 0000000000000..ef57284a590ce
--- /dev/null
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/test/resources/session-records/encryptDecryptLocalAes256Gcm.json
@@ -0,0 +1,4 @@
+{
+ "networkCallRecords" : [ ],
+ "variables" : [ ]
+}
From 596d98e58e6860b78fbcce460fbe5da39333ce69 Mon Sep 17 00:00:00 2001
From: Victor Colin Amador
Date: Thu, 12 Nov 2020 09:34:47 -0800
Subject: [PATCH 09/15] Made the EncryptOptions and DecryptOptions constructor
package-private, as well as their children's, and made them have factory
methods for creating the former to help with discoverability.
---
.../cryptography/AesCbcDecryptOptions.java | 24 ++++-
.../cryptography/AesCbcEncryptOptions.java | 24 ++++-
.../cryptography/AesGcmDecryptOptions.java | 49 +++++++++-
.../cryptography/AesGcmEncryptOptions.java | 35 ++++++-
.../cryptography/CryptographyAsyncClient.java | 44 ++++-----
.../keys/cryptography/CryptographyClient.java | 28 +++---
.../CryptographyServiceClient.java | 41 ++++----
.../keys/cryptography/DecryptOptions.java | 95 +++++++++++++------
.../cryptography/EcKeyCryptographyClient.java | 7 +-
.../keys/cryptography/EncryptOptions.java | 90 +++++++++++++-----
.../LocalCryptographyAsyncClient.java | 20 ++--
.../cryptography/LocalCryptographyClient.java | 20 ++--
.../LocalKeyCryptographyClient.java | 7 +-
.../RsaKeyCryptographyClient.java | 32 +++++--
.../SymmetricKeyCryptographyClient.java | 42 ++++----
...ographyAsyncClientJavaDocCodeSnippets.java | 22 +++--
...CryptographyClientJavaDocCodeSnippets.java | 24 ++---
...ographyAsyncClientJavaDocCodeSnippets.java | 18 ++--
...CryptographyClientJavaDocCodeSnippets.java | 20 ++--
.../cryptography/CryptographyClientTest.java | 7 +-
.../LocalCryptographyClientTestBase.java | 18 ++--
21 files changed, 421 insertions(+), 246 deletions(-)
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesCbcDecryptOptions.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesCbcDecryptOptions.java
index a962f4325bce1..53f88f977f3ad 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesCbcDecryptOptions.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesCbcDecryptOptions.java
@@ -3,6 +3,8 @@
package com.azure.security.keyvault.keys.cryptography;
+import com.azure.security.keyvault.keys.cryptography.models.EncryptionAlgorithm;
+
/**
* A class containing configuration parameters that can be applied when decrypting AES-CBC keys with and without
* padding.
@@ -11,9 +13,27 @@ public class AesCbcDecryptOptions extends DecryptOptions {
/**
* Creates an instance of {@link AesCbcDecryptOptions} with the given parameters.
*
+ * @param algorithm The algorithm to be used for decryption.
+ * @param ciphertext The content to be decrypted.
+ */
+ AesCbcDecryptOptions(EncryptionAlgorithm algorithm, byte[] ciphertext) {
+ super(algorithm, ciphertext);
+ }
+
+ /**
+ * Set the given initialization vector to be used in this decryption operation.
+ *
* @param iv Initialization vector for the decryption operation.
+ * @return The updated {@link AesCbcDecryptOptions} object.
*/
- public AesCbcDecryptOptions(byte[] iv) {
- super(iv, null, null);
+ public AesCbcDecryptOptions setIv(byte[] iv) {
+ if (iv == null) {
+ this.iv = null;
+ } else {
+ this.iv = new byte[iv.length];
+ System.arraycopy(iv, 0, this.iv, 0, iv.length);
+ }
+
+ return this;
}
}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesCbcEncryptOptions.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesCbcEncryptOptions.java
index 9691c94c653f9..bf75673d06df1 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesCbcEncryptOptions.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesCbcEncryptOptions.java
@@ -3,6 +3,8 @@
package com.azure.security.keyvault.keys.cryptography;
+import com.azure.security.keyvault.keys.cryptography.models.EncryptionAlgorithm;
+
/**
* A class containing configuration parameters that can be applied when encrypting AES-CBC keys with and without
* padding.
@@ -11,9 +13,27 @@ public class AesCbcEncryptOptions extends EncryptOptions {
/**
* Creates an instance of {@link AesCbcEncryptOptions} with the given parameters.
*
+ * @param algorithm The algorithm to be used for encryption.
+ * @param plaintext The content to be encrypted.
+ */
+ AesCbcEncryptOptions(EncryptionAlgorithm algorithm, byte[] plaintext) {
+ super(algorithm, plaintext);
+ }
+
+ /**
+ * Set the given initialization vector to be used in this encryption operation.
+ *
* @param iv Initialization vector for the encryption operation.
+ * @return The updated {@link AesCbcEncryptOptions} object.
*/
- public AesCbcEncryptOptions(byte[] iv) {
- super(iv, null);
+ public AesCbcEncryptOptions setIv(byte[] iv) {
+ if (iv == null) {
+ this.iv = null;
+ } else {
+ this.iv = new byte[iv.length];
+ System.arraycopy(iv, 0, this.iv, 0, iv.length);
+ }
+
+ return this;
}
}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesGcmDecryptOptions.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesGcmDecryptOptions.java
index c335aae51b159..92dced7e0fcd3 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesGcmDecryptOptions.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesGcmDecryptOptions.java
@@ -3,6 +3,8 @@
package com.azure.security.keyvault.keys.cryptography;
+import com.azure.security.keyvault.keys.cryptography.models.EncryptionAlgorithm;
+
/**
* A class containing configuration parameters that can be applied when decrypting AES-GCM keys.
*/
@@ -10,11 +12,54 @@ public class AesGcmDecryptOptions extends DecryptOptions {
/**
* Creates an instance of {@link AesGcmDecryptOptions} with the given parameters.
*
+ * @param algorithm The algorithm to be used for decryption.
+ * @param ciphertext The content to be decrypted.
* @param iv Initialization vector for the decryption operation.
+ */
+ AesGcmDecryptOptions(EncryptionAlgorithm algorithm, byte[] ciphertext, byte[] iv) {
+ super(algorithm, ciphertext);
+
+ if (iv == null) {
+ this.iv = null;
+ } else {
+ this.iv = new byte[iv.length];
+ System.arraycopy(iv, 0, this.iv, 0, iv.length);
+ }
+ }
+
+ /**
+ * Set additional data to authenticate when using authenticated crypto algorithms.
+ *
* @param additionalAuthenticatedData Additional data to authenticate when using authenticated crypto algorithms.
+ * @return The updated {@link AesGcmDecryptOptions} object.
+ */
+ public AesGcmDecryptOptions setAdditionalAuthenticatedData(byte[] additionalAuthenticatedData) {
+ if (additionalAuthenticatedData == null) {
+ this.additionalAuthenticatedData = null;
+ } else {
+ this.additionalAuthenticatedData = new byte[additionalAuthenticatedData.length];
+ System.arraycopy(additionalAuthenticatedData, 0, this.additionalAuthenticatedData, 0,
+ additionalAuthenticatedData.length);
+ }
+
+ return this;
+ }
+
+ /**
+ * Set the tag to authenticate when performing decryption.
+ *
* @param authenticationTag The tag to authenticate when performing decryption.
+ * @return The updated {@link AesGcmDecryptOptions} object.
*/
- public AesGcmDecryptOptions(byte[] iv, byte[] additionalAuthenticatedData, byte[] authenticationTag) {
- super(iv, additionalAuthenticatedData, authenticationTag);
+ public AesGcmDecryptOptions setAuthenticationTag(byte[] authenticationTag) {
+ if (authenticationTag == null) {
+ this.authenticationTag = null;
+ } else {
+ this.authenticationTag = new byte[authenticationTag.length];
+ System.arraycopy(authenticationTag, 0, this.authenticationTag, 0,
+ authenticationTag.length);
+ }
+
+ return this;
}
}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesGcmEncryptOptions.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesGcmEncryptOptions.java
index d9697164c9d28..7ea254f54224b 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesGcmEncryptOptions.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesGcmEncryptOptions.java
@@ -3,6 +3,8 @@
package com.azure.security.keyvault.keys.cryptography;
+import com.azure.security.keyvault.keys.cryptography.models.EncryptionAlgorithm;
+
/**
* A class containing configuration parameters that can be applied when encrypting AES-GCM keys.
*/
@@ -10,11 +12,36 @@ public class AesGcmEncryptOptions extends EncryptOptions {
/**
* Creates an instance of {@link AesGcmEncryptOptions} with the given parameters.
*
+ * @param algorithm The algorithm to be used for encryption.
+ * @param ciphertext The content to be encrypted.
* @param iv Initialization vector for the encryption operation.
- * @param additionalAuthenticatedData Additional data to authenticate but not encrypt/decrypt when using
- * authenticated crypto algorithms.
*/
- public AesGcmEncryptOptions(byte[] iv, byte[] additionalAuthenticatedData) {
- super(iv, additionalAuthenticatedData);
+ AesGcmEncryptOptions(EncryptionAlgorithm algorithm, byte[] ciphertext, byte[] iv) {
+ super(algorithm, ciphertext);
+
+ if (iv == null) {
+ this.iv = null;
+ } else {
+ this.iv = new byte[iv.length];
+ System.arraycopy(iv, 0, this.iv, 0, iv.length);
+ }
+ }
+
+ /**
+ * Set additional data to authenticate when using authenticated crypto algorithms.
+ *
+ * @param additionalAuthenticatedData Additional data to authenticate when using authenticated crypto algorithms.
+ * @return The updated {@link AesGcmEncryptOptions} object.
+ */
+ public AesGcmEncryptOptions setAdditionalAuthenticatedData(byte[] additionalAuthenticatedData) {
+ if (additionalAuthenticatedData == null) {
+ this.additionalAuthenticatedData = null;
+ } else {
+ this.additionalAuthenticatedData = new byte[additionalAuthenticatedData.length];
+ System.arraycopy(additionalAuthenticatedData, 0, this.additionalAuthenticatedData, 0,
+ additionalAuthenticatedData.length);
+ }
+
+ return this;
}
}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyAsyncClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyAsyncClient.java
index decd00b92ecf5..d0f5b21762c37 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyAsyncClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyAsyncClient.java
@@ -223,7 +223,7 @@ Mono getSecretKey() {
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public Mono encrypt(EncryptionAlgorithm algorithm, byte[] plaintext) {
- return encrypt(algorithm, plaintext, null);
+ return encrypt(new EncryptOptions(algorithm, plaintext), null);
}
/**
@@ -248,11 +248,9 @@ public Mono encrypt(EncryptionAlgorithm algorithm, byte[] plainte
* Code Samples
* Encrypts the content. Subscribes to the call asynchronously and prints out the encrypted content details when
* a response has been received.
- * {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.encrypt#EncryptionAlgorithm-byte-EncryptOptions}
+ * {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.encrypt#EncryptOptions}
*
- * @param algorithm The algorithm to be used for encryption.
- * @param plaintext The content to be encrypted.
- * @param options Optional parameters for the encryption operation.
+ * @param encryptOptions The parameters to use in the encryption operation.
* @return A {@link Mono} containing a {@link EncryptResult} whose {@link EncryptResult#getCipherText() cipher text}
* contains the encrypted content.
* @throws ResourceNotFoundException If the key cannot be found for encryption.
@@ -260,23 +258,19 @@ public Mono encrypt(EncryptionAlgorithm algorithm, byte[] plainte
* @throws NullPointerException If {@code algorithm} or {@code plainText} are {@code null}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
- public Mono encrypt(EncryptionAlgorithm algorithm, byte[] plaintext, EncryptOptions options) {
+ public Mono encrypt(EncryptOptions encryptOptions) {
try {
- return withContext(context -> encrypt(algorithm, plaintext, options, context));
+ return withContext(context -> encrypt(encryptOptions, context));
} catch (RuntimeException ex) {
return monoError(logger, ex);
}
}
- Mono encrypt(EncryptionAlgorithm algorithm, byte[] plaintext, EncryptOptions options,
- Context context) {
- Objects.requireNonNull(algorithm, "Encryption algorithm cannot be null.");
- Objects.requireNonNull(plaintext, "Plain text content to be encrypted cannot be null.");
-
+ Mono encrypt(EncryptOptions encryptOptions, Context context) {
return ensureValidKeyAvailable().flatMap(available -> {
if (!available) {
- return cryptographyServiceClient.encrypt(algorithm, plaintext, options, context);
+ return cryptographyServiceClient.encrypt(encryptOptions, context);
}
if (!checkKeyPermissions(this.key.getKeyOps(), KeyOperation.ENCRYPT)) {
@@ -284,7 +278,7 @@ Mono encrypt(EncryptionAlgorithm algorithm, byte[] plaintext, Enc
"Encrypt Operation is missing permission/not supported for key with id %s", key.getId()))));
}
- return localKeyCryptographyClient.encryptAsync(algorithm, plaintext, options, context, key);
+ return localKeyCryptographyClient.encryptAsync(encryptOptions, context, key);
});
}
@@ -321,7 +315,7 @@ Mono encrypt(EncryptionAlgorithm algorithm, byte[] plaintext, Enc
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public Mono decrypt(EncryptionAlgorithm algorithm, byte[] cipherText) {
- return decrypt(algorithm, cipherText, null);
+ return decrypt(new DecryptOptions(algorithm, cipherText));
}
/**
@@ -346,33 +340,27 @@ public Mono decrypt(EncryptionAlgorithm algorithm, byte[] cipherT
* Code Samples
* Decrypts the encrypted content. Subscribes to the call asynchronously and prints out the decrypted content
* details when a response has been received.
- * {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.decrypt#EncryptionAlgorithm-byte-DecryptOptions}
+ * {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.decrypt#DecryptOptions}
*
- * @param algorithm The algorithm to be used for decryption.
- * @param cipherText The content to be decrypted.
- * @param options Optional parameters for the decryption operation.
+ * @param decryptOptions The parameters to use in the decryption operation.
* @return A {@link Mono} containing the decrypted blob.
* @throws ResourceNotFoundException If the key cannot be found for decryption.
* @throws UnsupportedOperationException If the decrypt operation is not supported or configured on the key.
* @throws NullPointerException If {@code algorithm} or {@code cipherText} are {@code null}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
- public Mono decrypt(EncryptionAlgorithm algorithm, byte[] cipherText, DecryptOptions options) {
+ public Mono decrypt(DecryptOptions decryptOptions) {
try {
- return withContext(context -> decrypt(algorithm, cipherText, options, context));
+ return withContext(context -> decrypt(decryptOptions, context));
} catch (RuntimeException ex) {
return monoError(logger, ex);
}
}
- Mono decrypt(EncryptionAlgorithm algorithm, byte[] cipherText, DecryptOptions options,
- Context context) {
- Objects.requireNonNull(algorithm, "Encryption algorithm cannot be null.");
- Objects.requireNonNull(cipherText, "Cipher text content to be decrypted cannot be null.");
-
+ Mono decrypt(DecryptOptions decryptOptions, Context context) {
return ensureValidKeyAvailable().flatMap(available -> {
if (!available) {
- return cryptographyServiceClient.decrypt(algorithm, cipherText, options, context);
+ return cryptographyServiceClient.decrypt(decryptOptions, context);
}
if (!checkKeyPermissions(this.key.getKeyOps(), KeyOperation.DECRYPT)) {
@@ -380,7 +368,7 @@ Mono decrypt(EncryptionAlgorithm algorithm, byte[] cipherText, De
"Decrypt Operation is not allowed for key with id %s", key.getId()))));
}
- return localKeyCryptographyClient.decryptAsync(algorithm, cipherText, options, context, key);
+ return localKeyCryptographyClient.decryptAsync(decryptOptions, context, key);
});
}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyClient.java
index b971a9fcf73a8..3e4c77f000cc6 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyClient.java
@@ -111,7 +111,7 @@ public Response getKeyWithResponse(Context context) {
* @throws NullPointerException If {@code algorithm} or {@code plainText} are {@code null}.
*/
public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plaintext, Context context) {
- return encrypt(algorithm, plaintext, null, context);
+ return encrypt(new EncryptOptions(algorithm, plaintext), context);
}
/**
@@ -172,11 +172,9 @@ public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plaintext) {
* Code Samples
* Encrypts the content. Subscribes to the call asynchronously and prints out the encrypted content details when
* a response has been received.
- * {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyClient.encrypt#EncryptionAlgorithm-byte-EncryptOptions-Context}
+ * {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyClient.encrypt#EncryptOptions-Context}
*
- * @param algorithm The algorithm to be used for encryption.
- * @param plaintext The content to be encrypted.
- * @param options Optional parameters for the encryption operation.
+ * @param encryptOptions The parameters to use in the encryption operation.
* @param context Additional context that is passed through the Http pipeline during the service call.
* @return The {@link EncryptResult} whose {@link EncryptResult#getCipherText() cipher text} contains the encrypted
* content.
@@ -184,9 +182,8 @@ public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plaintext) {
* @throws UnsupportedOperationException If the encrypt operation is not supported or configured on the key.
* @throws NullPointerException If {@code algorithm} or {@code plainText} are {@code null}.
*/
- public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plaintext, EncryptOptions options,
- Context context) {
- return client.encrypt(algorithm, plaintext, options, context).block();
+ public EncryptResult encrypt(EncryptOptions encryptOptions, Context context) {
+ return client.encrypt(encryptOptions, context).block();
}
/**
@@ -222,7 +219,7 @@ public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plaintext, En
* @throws NullPointerException If {@code algorithm} or {@code cipherText} are {@code null}.
*/
public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] cipherText, Context context) {
- return decrypt(algorithm, cipherText, null, context);
+ return decrypt(new DecryptOptions(algorithm, cipherText), context);
}
/**
@@ -257,7 +254,7 @@ public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] cipherText, C
* @throws NullPointerException If {@code algorithm} or {@code cipherText} are {@code null}.
*/
public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] cipherText) {
- return decrypt(algorithm, cipherText, Context.NONE);
+ return decrypt(new DecryptOptions(algorithm, cipherText), Context.NONE);
}
/**
@@ -282,20 +279,17 @@ public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] cipherText) {
* Code Samples
* Decrypts the encrypted content. Subscribes to the call asynchronously and prints out the decrypted content
* details when a response has been received.
- * {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyClient.decrypt#EncryptionAlgorithm-byte-DecryptOptions-Context}
+ * {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyClient.decrypt#DecryptOptions-Context}
*
- * @param algorithm The algorithm to be used for decryption.
- * @param cipherText The content to be decrypted.
- * @param options Optional parameters for the decryption operation.
+ * @param decryptOptions The parameters to use in the decryption operation.
* @param context Additional context that is passed through the Http pipeline during the service call.
* @return The decrypted blob.
* @throws ResourceNotFoundException If the key cannot be found for encryption.
* @throws UnsupportedOperationException If the decrypt operation is not supported or configured on the key.
* @throws NullPointerException If {@code algorithm} or {@code cipherText} are {@code null}.
*/
- public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] cipherText, DecryptOptions options,
- Context context) {
- return client.decrypt(algorithm, cipherText, options, context).block();
+ public DecryptResult decrypt(DecryptOptions decryptOptions, Context context) {
+ return client.decrypt(decryptOptions, context).block();
}
/**
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyServiceClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyServiceClient.java
index 2fe89007c5c59..c20507cd74afd 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyServiceClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyServiceClient.java
@@ -125,19 +125,17 @@ JsonWebKey transformSecretKey(SecretKey secretKey) throws JsonProcessingExceptio
return mapper.readValue(jsonString, JsonWebKey.class);
}
- Mono encrypt(EncryptionAlgorithm algorithm, byte[] plaintext, EncryptOptions options,
- Context context) {
- byte[] iv = null;
- byte[] authenticatedData = null;
-
- if (options != null) {
- iv = options.getIv();
- authenticatedData = options.getAdditionalAuthenticatedData();
- }
-
+ Mono encrypt(EncryptOptions encryptOptions, Context context) {
+ Objects.requireNonNull(encryptOptions, "'encryptOptions' cannot be null.");
+ Objects.requireNonNull(encryptOptions.getAlgorithm(), "Encryption algorithm cannot be null.");
+ Objects.requireNonNull(encryptOptions.getPlainText(), "Plain text content to be encrypted cannot be null.");
+
+ EncryptionAlgorithm algorithm = encryptOptions.getAlgorithm();
+ byte[] iv = encryptOptions.getIv();
+ byte[] authenticatedData = encryptOptions.getAdditionalAuthenticatedData();
KeyOperationParameters parameters = new KeyOperationParameters()
.setAlgorithm(algorithm)
- .setValue(plaintext)
+ .setValue(encryptOptions.getPlainText())
.setIv(iv)
.setAdditionalAuthenticatedData(authenticatedData);
context = context == null ? Context.NONE : context;
@@ -153,21 +151,18 @@ Mono encrypt(EncryptionAlgorithm algorithm, byte[] plaintext, Enc
Mono.just(new EncryptResult(keyOperationResultResponse.getValue().getResult(), algorithm, keyId)));
}
- Mono decrypt(EncryptionAlgorithm algorithm, byte[] cipherText, DecryptOptions options,
- Context context) {
- byte[] iv = null;
- byte[] additionalAuthenticatedData = null;
- byte[] authenticationTag = null;
-
- if (options != null) {
- iv = options.getIv();
- additionalAuthenticatedData = options.getAdditionalAuthenticatedData();
- authenticationTag = options.getAuthenticationTag();
- }
+ Mono decrypt(DecryptOptions decryptOptions, Context context) {
+ Objects.requireNonNull(decryptOptions, "'decryptOptions' cannot be null.");
+ Objects.requireNonNull(decryptOptions.getAlgorithm(), "Encryption algorithm cannot be null.");
+ Objects.requireNonNull(decryptOptions.getCipherText(), "Cipher text content to be decrypted cannot be null.");
+ EncryptionAlgorithm algorithm = decryptOptions.getAlgorithm();
+ byte[] iv = decryptOptions.getIv();
+ byte[] additionalAuthenticatedData = decryptOptions.getAdditionalAuthenticatedData();
+ byte[] authenticationTag = decryptOptions.getAuthenticationTag();
KeyOperationParameters parameters = new KeyOperationParameters()
.setAlgorithm(algorithm)
- .setValue(cipherText)
+ .setValue(decryptOptions.getCipherText())
.setIv(iv)
.setAdditionalAuthenticatedData(additionalAuthenticatedData)
.setAuthenticationTag(authenticationTag);
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/DecryptOptions.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/DecryptOptions.java
index 216c3d37269f0..37969353fe90a 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/DecryptOptions.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/DecryptOptions.java
@@ -3,59 +3,96 @@
package com.azure.security.keyvault.keys.cryptography;
-import com.fasterxml.jackson.annotation.JsonProperty;
+import com.azure.security.keyvault.keys.cryptography.models.EncryptionAlgorithm;
+
+import java.util.Objects;
/**
* A class containing various configuration parameters that can be applied when performing decryption operations.
*/
public class DecryptOptions {
+ /**
+ * The algorithm to be used for decryption.
+ */
+ final EncryptionAlgorithm algorithm;
+
+ /**
+ * The content to be decrypted.
+ */
+ final byte[] cipherText;
+
/**
* Initialization vector to be used in the decryption operation using a symmetric algorithm.
*/
- @JsonProperty(value = "iv")
- private final byte[] iv;
+ byte[] iv;
/**
* Get additional data to authenticate when performing decryption with an authenticated algorithm.
*/
- @JsonProperty(value = "aad")
- private final byte[] additionalAuthenticatedData;
+ byte[] additionalAuthenticatedData;
/**
* The tag to authenticate when performing decryption with an authenticated algorithm.
*/
- @JsonProperty(value = "tag")
- private final byte[] authenticationTag;
+ byte[] authenticationTag;
+
+ /**
+ * Factory method to create an instance of {@link AesCbcDecryptOptions} with the given parameters.
+ *
+ * @param algorithm The algorithm to be used for decryption.
+ * @param ciphertext The content to be decrypted.
+ * @return The {@link AesCbcDecryptOptions}.
+ */
+ public static AesCbcDecryptOptions createAesCbcOptions(EncryptionAlgorithm algorithm, byte[] ciphertext) {
+ return new AesCbcDecryptOptions(algorithm, ciphertext);
+ }
+
+ /**
+ * Factory method to create an instance of {@link AesGcmDecryptOptions} with the given parameters.
+ *
+ * @param algorithm The algorithm to be used for decryption.
+ * @param ciphertext The content to be decrypted.
+ * @param iv Initialization vector for the decryption operation.
+ * @return The {@link AesGcmDecryptOptions}.
+ */
+ public static AesGcmDecryptOptions createAesGcmOptions(EncryptionAlgorithm algorithm, byte[] ciphertext, byte[] iv) {
+ return new AesGcmDecryptOptions(algorithm, ciphertext, iv);
+ }
/**
* Creates an instance of {@link DecryptOptions} with the given parameters.
*
- * @param iv Initialization vector for symmetric algorithms.
- * @param additionalAuthenticatedData Additional data to authenticate but not encrypt/decrypt when using
- * authenticated crypto algorithms.
- * @param authenticationTag The tag to authenticate when performing decryption with an authenticated algorithm.
+ * @param algorithm The algorithm to be used for decryption.
+ * @param cipherText The content to be decrypted.
*/
- public DecryptOptions(byte[] iv, byte[] additionalAuthenticatedData, byte[] authenticationTag) {
- if (iv == null) {
- this.iv = null;
- } else {
- this.iv = new byte[iv.length];
- System.arraycopy(iv, 0, this.iv, 0, iv.length);
- }
+ DecryptOptions(EncryptionAlgorithm algorithm, byte[] cipherText) {
+ Objects.requireNonNull(algorithm, "'algorithm cannot be null'");
+ Objects.requireNonNull(cipherText, "'ciphertext' cannot be null");
- if (additionalAuthenticatedData == null) {
- this.additionalAuthenticatedData = null;
- } else {
- this.additionalAuthenticatedData = new byte[additionalAuthenticatedData.length];
- System.arraycopy(additionalAuthenticatedData, 0, this.additionalAuthenticatedData, 0,
- additionalAuthenticatedData.length);
- }
+ this.algorithm = algorithm;
+ this.cipherText = new byte[cipherText.length];
+ System.arraycopy(cipherText, 0, this.cipherText, 0, cipherText.length);
+ }
- if (authenticationTag == null) {
- this.authenticationTag = null;
+ /**
+ * The algorithm to be used for encryption.
+ *
+ * @return The algorithm to be used for encryption.
+ */
+ public EncryptionAlgorithm getAlgorithm() {
+ return algorithm;
+ }
+
+ /**
+ * Get the content to be encrypted.
+ *
+ * @return The content to be encrypted.
+ */
+ public byte[] getCipherText() {
+ if (cipherText == null) {
+ return null;
} else {
- this.authenticationTag = new byte[authenticationTag.length];
- System.arraycopy(authenticationTag, 0, this.authenticationTag, 0, authenticationTag.length);
+ return cipherText.clone();
}
}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EcKeyCryptographyClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EcKeyCryptographyClient.java
index 161792f7cabc4..89a18684f3304 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EcKeyCryptographyClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EcKeyCryptographyClient.java
@@ -6,7 +6,6 @@
import com.azure.core.util.Context;
import com.azure.core.util.logging.ClientLogger;
import com.azure.security.keyvault.keys.cryptography.models.DecryptResult;
-import com.azure.security.keyvault.keys.cryptography.models.EncryptionAlgorithm;
import com.azure.security.keyvault.keys.cryptography.models.EncryptResult;
import com.azure.security.keyvault.keys.cryptography.models.UnwrapResult;
import com.azure.security.keyvault.keys.cryptography.models.KeyWrapAlgorithm;
@@ -56,15 +55,13 @@ private KeyPair getKeyPair(JsonWebKey key) {
}
@Override
- Mono encryptAsync(EncryptionAlgorithm algorithm, byte[] plaintext, EncryptOptions options,
- Context context, JsonWebKey key) {
+ Mono encryptAsync(EncryptOptions options, Context context, JsonWebKey key) {
throw logger.logExceptionAsError(new UnsupportedOperationException(
"Encrypt operation is not supported for EC key"));
}
@Override
- Mono decryptAsync(EncryptionAlgorithm algorithm, byte[] cipherText, DecryptOptions options,
- Context context, JsonWebKey key) {
+ Mono decryptAsync(DecryptOptions options, Context context, JsonWebKey key) {
throw logger.logExceptionAsError(new UnsupportedOperationException(
"Decrypt operation is not supported for EC key"));
}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EncryptOptions.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EncryptOptions.java
index b9e53bb4c77c1..6bba15997fb74 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EncryptOptions.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EncryptOptions.java
@@ -3,50 +3,96 @@
package com.azure.security.keyvault.keys.cryptography;
-import com.fasterxml.jackson.annotation.JsonProperty;
+import com.azure.security.keyvault.keys.cryptography.models.EncryptionAlgorithm;
+
+import java.util.Objects;
/**
* A class containing various configuration parameters that can be applied when performing encryption operations.
*/
public class EncryptOptions {
+ /**
+ * The algorithm to be used for encryption.
+ */
+ final EncryptionAlgorithm algorithm;
+
+ /**
+ * The content to be encrypted.
+ */
+ final byte[] plainText;
+
/**
* Initialization vector to be used in the encryption operation using a symmetric algorithm.
*/
- @JsonProperty(value = "iv")
- private final byte[] iv;
+ byte[] iv;
/**
* Get additional data to authenticate when performing encryption with an authenticated algorithm.
*/
- @JsonProperty(value = "aad")
- private final byte[] additionalAuthenticatedData;
+ byte[] additionalAuthenticatedData;
+
+ /**
+ * Factory method to create an instance of {@link AesCbcEncryptOptions} with the given parameters.
+ *
+ * @param algorithm The algorithm to be used for encryption.
+ * @param plaintext The content to be encryption.
+ * @return The {@link AesCbcEncryptOptions}.
+ */
+ public static AesCbcEncryptOptions createAesCbcOptions(EncryptionAlgorithm algorithm, byte[] plaintext) {
+ return new AesCbcEncryptOptions(algorithm, plaintext);
+ }
+
+ /**
+ * Factory method to create an instance of {@link AesGcmEncryptOptions} with the given parameters.
+ *
+ * @param algorithm The algorithm to be used for encryption.
+ * @param plaintext The content to be encryption.
+ * @param iv Initialization vector for the encryption operation.
+ * @return The {@link AesGcmEncryptOptions}.
+ */
+ public static AesGcmEncryptOptions createAesGcmOptions(EncryptionAlgorithm algorithm, byte[] plaintext, byte[] iv) {
+ return new AesGcmEncryptOptions(algorithm, plaintext, iv);
+ }
/**
* Creates an instance of {@link EncryptOptions} with the given parameters.
*
- * @param iv Initialization vector for symmetric algorithms.
- * @param additionalAuthenticatedData Additional data to authenticate but not encrypt/decrypt when using
- * authenticated crypto algorithms.
+ * @param algorithm The algorithm to be used for encryption.
+ * @param plainText The content to be encrypted.
*/
- public EncryptOptions(byte[] iv, byte[] additionalAuthenticatedData) {
- if (iv == null) {
- this.iv = null;
- } else {
- this.iv = new byte[iv.length];
- System.arraycopy(iv, 0, this.iv, 0, iv.length);
- }
+ EncryptOptions(EncryptionAlgorithm algorithm, byte[] plainText) {
+ Objects.requireNonNull(algorithm, "'algorithm cannot be null'");
+ Objects.requireNonNull(plainText, "'plaintext' cannot be null");
- if (additionalAuthenticatedData == null) {
- this.additionalAuthenticatedData = null;
+ this.algorithm = algorithm;
+ this.plainText = new byte[plainText.length];
+ System.arraycopy(plainText, 0, this.plainText, 0, plainText.length);
+ }
+
+ /**
+ * The algorithm to be used for encryption.
+ *
+ * @return The algorithm to be used for encryption.
+ */
+ public EncryptionAlgorithm getAlgorithm() {
+ return algorithm;
+ }
+
+ /**
+ * Get the content to be encrypted.
+ *
+ * @return The content to be encrypted.
+ */
+ public byte[] getPlainText() {
+ if (plainText == null) {
+ return null;
} else {
- this.additionalAuthenticatedData = new byte[additionalAuthenticatedData.length];
- System.arraycopy(additionalAuthenticatedData, 0, this.additionalAuthenticatedData, 0,
- additionalAuthenticatedData.length);
+ return plainText.clone();
}
}
/**
- * Get the initialization vector to be used in the decryption operation using a symmetric algorithm.
+ * Get the initialization vector to be used in the encryption operation using a symmetric algorithm.
*
* @return The initialization vector.
*/
@@ -59,7 +105,7 @@ public byte[] getIv() {
}
/**
- * Get additional data to authenticate when performing decryption with an authenticated algorithm.
+ * Get additional data to authenticate when performing encryption with an authenticated algorithm.
*
* @return The additional authenticated data.
*/
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClient.java
index cafa9442e33b6..b8f174d1df5ef 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClient.java
@@ -98,18 +98,16 @@ public Mono encrypt(EncryptionAlgorithm algorithm, byte[] plainte
* Code Samples
* Encrypts the content. Subscribes to the call asynchronously and prints out the encrypted content details when
* a response has been received.
- * {@codesnippet com.azure.security.keyvault.keys.cryptography.LocalCryptographyAsyncClient.encrypt#EncryptionAlgorithm-byte-EncryptOptions}
+ * {@codesnippet com.azure.security.keyvault.keys.cryptography.LocalCryptographyAsyncClient.encrypt#EncryptOptions}
*
- * @param algorithm The algorithm to be used for encryption.
- * @param options Optional parameters for the encryption operation.
- * @param plaintext The content to be encrypted.
+ * @param encryptOptions The parameters to use in the encryption operation.
* @return A {@link Mono} containing a {@link EncryptResult} whose {@link EncryptResult#getCipherText() cipher text}
* contains the encrypted content.
* @throws UnsupportedOperationException if the encrypt operation is not supported or configured on the key.
* @throws NullPointerException if {@code algorithm} or {@code plainText} is null.
*/
- public Mono encrypt(EncryptionAlgorithm algorithm, byte[] plaintext, EncryptOptions options) {
- return cryptographyAsyncClient.encrypt(algorithm, plaintext, options);
+ public Mono encrypt(EncryptOptions encryptOptions) {
+ return cryptographyAsyncClient.encrypt(encryptOptions);
}
/**
@@ -168,17 +166,15 @@ public Mono decrypt(EncryptionAlgorithm algorithm, byte[] cipherT
* Code Samples
* Decrypts the encrypted content. Subscribes to the call asynchronously and prints out the decrypted content
* details when a response has been received.
- * {@codesnippet com.azure.security.keyvault.keys.cryptography.LocalCryptographyAsyncClient.decrypt#EncryptionAlgorithm-byte-DecryptOptions}
+ * {@codesnippet com.azure.security.keyvault.keys.cryptography.LocalCryptographyAsyncClient.decrypt#DecryptOptions}
*
- * @param algorithm The algorithm to be used for decryption.
- * @param options Optional parameters for the decryption operation.
- * @param cipherText The content to be decrypted.
+ * @param decryptOptions The parameters to use in the decryption operation.
* @return A {@link Mono} containing the decrypted blob.
* @throws UnsupportedOperationException if the decrypt operation is not supported or configured on the key.
* @throws NullPointerException if {@code algorithm} or {@code cipherText} is null.
*/
- public Mono decrypt(EncryptionAlgorithm algorithm, byte[] cipherText, DecryptOptions options) {
- return cryptographyAsyncClient.decrypt(algorithm, cipherText, options);
+ public Mono decrypt(DecryptOptions decryptOptions) {
+ return cryptographyAsyncClient.decrypt(decryptOptions);
}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClient.java
index 9f4d4466e51dc..0dc23643c0e34 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClient.java
@@ -94,18 +94,16 @@ public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plaintext) {
* Code Samples
* Encrypts the content. Subscribes to the call asynchronously and prints out the encrypted content details when
* a response has been received.
- * {@codesnippet com.azure.security.keyvault.keys.cryptography.LocalCryptographyClient.encrypt#EncryptionAlgorithm-byte-EncryptOptions}
+ * {@codesnippet com.azure.security.keyvault.keys.cryptography.LocalCryptographyClient.encrypt#EncryptOptions}
*
- * @param algorithm The algorithm to be used for encryption.
- * @param options Optional parameters for the encryption operation.
- * @param plaintext The content to be encrypted.
+ * @param encryptOptions The parameters to use in the encryption operation.
* @return The {@link EncryptResult} whose {@link EncryptResult#getCipherText() cipher text} contains the encrypted
* content.
* @throws UnsupportedOperationException if the encrypt operation is not supported or configured on the key.
* @throws NullPointerException if {@code algorithm} or {@code plainText} is null.
*/
- public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plaintext, EncryptOptions options) {
- return client.encrypt(algorithm, plaintext, options).block();
+ public EncryptResult encrypt(EncryptOptions encryptOptions) {
+ return client.encrypt(encryptOptions).block();
}
/**
@@ -164,17 +162,15 @@ public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] cipherText) {
* Code Samples
* Decrypts the encrypted content. Subscribes to the call asynchronously and prints out the decrypted content
* details when a response has been received.
- * {@codesnippet com.azure.security.keyvault.keys.cryptography.LocalCryptographyClient.decrypt#EncryptionAlgorithm-byte-DecryptOptions}
+ * {@codesnippet com.azure.security.keyvault.keys.cryptography.LocalCryptographyClient.decrypt#DecryptOptions}
*
- * @param algorithm The algorithm to be used for decryption.
- * @param options Optional parameters for the decryption operation.
- * @param cipherText The content to be decrypted.
+ * @param decryptOptions The parameters to use in the decryption operation.
* @return The decrypted blob.
* @throws UnsupportedOperationException if the decrypt operation is not supported or configured on the key.
* @throws NullPointerException if {@code algorithm} or {@code cipherText} is null.
*/
- public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] cipherText, DecryptOptions options) {
- return client.decrypt(algorithm, cipherText, options).block();
+ public DecryptResult decrypt(DecryptOptions decryptOptions) {
+ return client.decrypt(decryptOptions).block();
}
/**
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalKeyCryptographyClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalKeyCryptographyClient.java
index 4728c90a9a4df..83ce109bf0e44 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalKeyCryptographyClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalKeyCryptographyClient.java
@@ -5,7 +5,6 @@
import com.azure.core.util.Context;
import com.azure.security.keyvault.keys.cryptography.models.DecryptResult;
-import com.azure.security.keyvault.keys.cryptography.models.EncryptionAlgorithm;
import com.azure.security.keyvault.keys.cryptography.models.EncryptResult;
import com.azure.security.keyvault.keys.cryptography.models.UnwrapResult;
import com.azure.security.keyvault.keys.cryptography.models.KeyWrapAlgorithm;
@@ -27,11 +26,9 @@ abstract class LocalKeyCryptographyClient {
this.serviceClient = serviceClient;
}
- abstract Mono encryptAsync(EncryptionAlgorithm algorithm, byte[] plaintext,
- EncryptOptions options, Context context, JsonWebKey jsonWebKey);
+ abstract Mono encryptAsync(EncryptOptions encryptOptions, Context context, JsonWebKey jsonWebKey);
- abstract Mono decryptAsync(EncryptionAlgorithm algorithm, byte[] cipherText,
- DecryptOptions options, Context context, JsonWebKey jsonWebKey);
+ abstract Mono decryptAsync(DecryptOptions decryptOptions, Context context, JsonWebKey jsonWebKey);
abstract Mono signAsync(SignatureAlgorithm algorithm, byte[] digest, Context context, JsonWebKey key);
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/RsaKeyCryptographyClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/RsaKeyCryptographyClient.java
index 3cd4a3ef0c504..d39a9cb562fbc 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/RsaKeyCryptographyClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/RsaKeyCryptographyClient.java
@@ -25,6 +25,7 @@
import java.security.KeyPair;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
+import java.util.Objects;
class RsaKeyCryptographyClient extends LocalKeyCryptographyClient {
private KeyPair keyPair;
@@ -52,16 +53,20 @@ private KeyPair getKeyPair(JsonWebKey key) {
}
@Override
- Mono encryptAsync(EncryptionAlgorithm algorithm, byte[] plaintext, EncryptOptions options,
- Context context, JsonWebKey jsonWebKey) {
+ Mono encryptAsync(EncryptOptions encryptOptions, Context context, JsonWebKey jsonWebKey) {
+ Objects.requireNonNull(encryptOptions, "'encryptOptions' cannot be null.");
+ Objects.requireNonNull(encryptOptions.getAlgorithm(), "Encryption algorithm cannot be null.");
+ Objects.requireNonNull(encryptOptions.plainText, "Plain text content to be encrypted cannot be null.");
+
keyPair = getKeyPair(jsonWebKey);
// Interpret the requested algorithm
+ EncryptionAlgorithm algorithm = encryptOptions.getAlgorithm();
Algorithm baseAlgorithm = AlgorithmResolver.Default.get(algorithm.toString());
if (baseAlgorithm == null) {
if (serviceCryptoAvailable()) {
- return serviceClient.encrypt(algorithm, plaintext, options, context);
+ return serviceClient.encrypt(encryptOptions, context);
}
return Mono.error(new NoSuchAlgorithmException(algorithm.toString()));
} else if (!(baseAlgorithm instanceof AsymmetricEncryptionAlgorithm)) {
@@ -70,7 +75,7 @@ Mono encryptAsync(EncryptionAlgorithm algorithm, byte[] plaintext
if (keyPair.getPublic() == null) {
if (serviceCryptoAvailable()) {
- return serviceClient.encrypt(algorithm, plaintext, options, context);
+ return serviceClient.encrypt(encryptOptions, context);
}
return Mono.error(new IllegalArgumentException(
"Public portion of the key not available to perform encrypt operation"));
@@ -82,7 +87,8 @@ Mono encryptAsync(EncryptionAlgorithm algorithm, byte[] plaintext
try {
transform = algo.createEncryptor(keyPair);
- return Mono.just(new EncryptResult(transform.doFinal(plaintext), algorithm, jsonWebKey.getId()));
+ return Mono.just(new EncryptResult(transform.doFinal(encryptOptions.getPlainText()), algorithm,
+ jsonWebKey.getId()));
} catch (InvalidKeyException
| NoSuchAlgorithmException
| NoSuchPaddingException
@@ -93,15 +99,20 @@ Mono encryptAsync(EncryptionAlgorithm algorithm, byte[] plaintext
}
@Override
- Mono decryptAsync(EncryptionAlgorithm algorithm, byte[] cipherText, DecryptOptions options,
- Context context, JsonWebKey jsonWebKey) {
+ Mono decryptAsync(DecryptOptions decryptOptions, Context context, JsonWebKey jsonWebKey) {
+ Objects.requireNonNull(decryptOptions, "'decryptOptions' cannot be null.");
+ Objects.requireNonNull(decryptOptions.getAlgorithm(), "Encryption algorithm cannot be null.");
+ Objects.requireNonNull(decryptOptions.getCipherText(), "Cipher text content to be decrypted cannot be null.");
+
keyPair = getKeyPair(jsonWebKey);
+ // Interpret the requested algorithm
+ EncryptionAlgorithm algorithm = decryptOptions.getAlgorithm();
Algorithm baseAlgorithm = AlgorithmResolver.Default.get(algorithm.toString());
if (baseAlgorithm == null) {
if (serviceCryptoAvailable()) {
- return serviceClient.decrypt(algorithm, cipherText, options, context);
+ return serviceClient.decrypt(decryptOptions, context);
}
return Mono.error(new NoSuchAlgorithmException(algorithm.toString()));
} else if (!(baseAlgorithm instanceof AsymmetricEncryptionAlgorithm)) {
@@ -110,7 +121,7 @@ Mono decryptAsync(EncryptionAlgorithm algorithm, byte[] cipherTex
if (keyPair.getPrivate() == null) {
if (serviceCryptoAvailable()) {
- return serviceClient.decrypt(algorithm, cipherText, options, context);
+ return serviceClient.decrypt(decryptOptions, context);
}
return Mono.error(new IllegalArgumentException(
"Private portion of the key not available to perform decrypt operation"));
@@ -122,7 +133,8 @@ Mono decryptAsync(EncryptionAlgorithm algorithm, byte[] cipherTex
try {
transform = algo.createDecryptor(keyPair);
- return Mono.just(new DecryptResult(transform.doFinal(cipherText), algorithm, jsonWebKey.getId()));
+ return Mono.just(new DecryptResult(transform.doFinal(decryptOptions.getCipherText()), algorithm,
+ jsonWebKey.getId()));
} catch (InvalidKeyException
| NoSuchAlgorithmException
| NoSuchPaddingException
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/SymmetricKeyCryptographyClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/SymmetricKeyCryptographyClient.java
index e4454ac6280ae..37e542b69c3b5 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/SymmetricKeyCryptographyClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/SymmetricKeyCryptographyClient.java
@@ -19,6 +19,7 @@
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
+import java.util.Objects;
class SymmetricKeyCryptographyClient extends LocalKeyCryptographyClient {
private final ClientLogger logger = new ClientLogger(SymmetricKeyCryptographyClient.class);
@@ -47,8 +48,11 @@ private byte[] getKey(JsonWebKey key) {
}
@Override
- Mono encryptAsync(EncryptionAlgorithm algorithm, byte[] plaintext, EncryptOptions options,
- Context context, JsonWebKey jsonWebKey) {
+ Mono encryptAsync(EncryptOptions encryptOptions, Context context, JsonWebKey jsonWebKey) {
+ Objects.requireNonNull(encryptOptions, "'encryptOptions' cannot be null.");
+ Objects.requireNonNull(encryptOptions.getAlgorithm(), "Encryption algorithm cannot be null.");
+ Objects.requireNonNull(encryptOptions.plainText, "Plain text content to be encrypted cannot be null.");
+
this.key = getKey(jsonWebKey);
if (key == null || key.length == 0) {
@@ -56,6 +60,7 @@ Mono encryptAsync(EncryptionAlgorithm algorithm, byte[] plaintext
}
// Interpret the algorithm
+ EncryptionAlgorithm algorithm = encryptOptions.getAlgorithm();
Algorithm baseAlgorithm = AlgorithmResolver.Default.get(algorithm.toString());
if (!(baseAlgorithm instanceof SymmetricEncryptionAlgorithm)) {
@@ -66,13 +71,8 @@ Mono encryptAsync(EncryptionAlgorithm algorithm, byte[] plaintext
ICryptoTransform transform;
- byte[] iv = null;
- byte[] additionalAuthenticatedData = null;
-
- if (options != null) {
- iv = options.getIv();
- additionalAuthenticatedData = options.getAdditionalAuthenticatedData();
- }
+ byte[] iv = encryptOptions.getIv();
+ byte[] additionalAuthenticatedData = encryptOptions.getAdditionalAuthenticatedData();
if (iv == null) {
if (algorithm == EncryptionAlgorithm.A128GCM || algorithm == EncryptionAlgorithm.A192GCM
@@ -96,7 +96,7 @@ Mono encryptAsync(EncryptionAlgorithm algorithm, byte[] plaintext
byte[] encrypted;
try {
- encrypted = transform.doFinal(plaintext);
+ encrypted = transform.doFinal(encryptOptions.getPlainText());
} catch (Exception e) {
return Mono.error(e);
}
@@ -105,8 +105,11 @@ Mono encryptAsync(EncryptionAlgorithm algorithm, byte[] plaintext
}
@Override
- Mono decryptAsync(EncryptionAlgorithm algorithm, byte[] cipherText, DecryptOptions options,
- Context context, JsonWebKey jsonWebKey) {
+ Mono decryptAsync(DecryptOptions decryptOptions, Context context, JsonWebKey jsonWebKey) {
+ Objects.requireNonNull(decryptOptions, "'decryptOptions' cannot be null.");
+ Objects.requireNonNull(decryptOptions.getAlgorithm(), "Encryption algorithm cannot be null.");
+ Objects.requireNonNull(decryptOptions.getCipherText(), "Cipher text content to be decrypted cannot be null.");
+
this.key = getKey(jsonWebKey);
if (key == null || key.length == 0) {
@@ -114,6 +117,7 @@ Mono decryptAsync(EncryptionAlgorithm algorithm, byte[] cipherTex
}
// Interpret the algorithm
+ EncryptionAlgorithm algorithm = decryptOptions.getAlgorithm();
Algorithm baseAlgorithm = AlgorithmResolver.Default.get(algorithm.toString());
if (!(baseAlgorithm instanceof SymmetricEncryptionAlgorithm)) {
@@ -124,15 +128,9 @@ Mono decryptAsync(EncryptionAlgorithm algorithm, byte[] cipherTex
ICryptoTransform transform;
- byte[] iv = null;
- byte[] additionalAuthenticatedData = null;
- byte[] authenticationTag = null;
-
- if (options != null) {
- iv = options.getIv();
- additionalAuthenticatedData = options.getAdditionalAuthenticatedData();
- authenticationTag = options.getAuthenticationTag();
- }
+ byte[] iv = decryptOptions.getIv();
+ byte[] additionalAuthenticatedData = decryptOptions.getAdditionalAuthenticatedData();
+ byte[] authenticationTag = decryptOptions.getAuthenticationTag();
if (iv == null) {
if (algorithm == EncryptionAlgorithm.A128GCM || algorithm == EncryptionAlgorithm.A192GCM
@@ -156,7 +154,7 @@ Mono decryptAsync(EncryptionAlgorithm algorithm, byte[] cipherTex
byte[] decrypted;
try {
- decrypted = transform.doFinal(cipherText);
+ decrypted = transform.doFinal(decryptOptions.getCipherText());
} catch (Exception e) {
return Mono.error(e);
}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/CryptographyAsyncClientJavaDocCodeSnippets.java b/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/CryptographyAsyncClientJavaDocCodeSnippets.java
index 42a5a692e8692..44ceb5cbbec62 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/CryptographyAsyncClientJavaDocCodeSnippets.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/CryptographyAsyncClientJavaDocCodeSnippets.java
@@ -107,7 +107,7 @@ public void getKeySnippets() {
/**
* Generates code samples for using {@link CryptographyAsyncClient#encrypt(EncryptionAlgorithm, byte[])} and
- * {@link CryptographyAsyncClient#encrypt(EncryptionAlgorithm, byte[], EncryptOptions)}.
+ * {@link CryptographyAsyncClient#encrypt(EncryptOptions)}.
*/
public void encrypt() {
CryptographyAsyncClient cryptographyAsyncClient = createAsyncClient();
@@ -123,7 +123,7 @@ public void encrypt() {
encryptResult.getCipherText().length, encryptResult.getAlgorithm().toString()));
// END: com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.encrypt#EncryptionAlgorithm-byte
- // BEGIN: com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.encrypt#EncryptionAlgorithm-byte-EncryptOptions
+ // BEGIN: com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.encrypt#EncryptOptions
byte[] plainTextBytes = new byte[100];
new Random(0x1234567L).nextBytes(plainTextBytes);
@@ -133,19 +133,20 @@ public void encrypt() {
(byte) 0xd8, (byte) 0x66, (byte) 0x94, (byte) 0x09, (byte) 0x23, (byte) 0x41, (byte) 0xbc, (byte) 0x04
};
- EncryptOptions encryptOptions = new AesCbcEncryptOptions(iv);
+ EncryptOptions encryptOptions = EncryptOptions.createAesCbcOptions(EncryptionAlgorithm.A128CBC, plainTextBytes)
+ .setIv(iv);
- cryptographyAsyncClient.encrypt(EncryptionAlgorithm.A128CBC, plainTextBytes, encryptOptions)
+ cryptographyAsyncClient.encrypt(encryptOptions)
.subscriberContext(reactor.util.context.Context.of(key1, value1, key2, value2))
.subscribe(encryptResult ->
System.out.printf("Received encrypted content of length %d with algorithm %s \n",
encryptResult.getCipherText().length, encryptResult.getAlgorithm().toString()));
- // END: com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.encrypt#EncryptionAlgorithm-byte-EncryptOptions
+ // END: com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.encrypt#EncryptOptions
}
/**
* Generates code samples for using {@link CryptographyAsyncClient#decrypt(EncryptionAlgorithm, byte[])} and
- * {@link CryptographyAsyncClient#decrypt(EncryptionAlgorithm, byte[], DecryptOptions)}.
+ * {@link CryptographyAsyncClient#decrypt(DecryptOptions)}.
*/
public void decrypt() {
CryptographyAsyncClient cryptographyAsyncClient = createAsyncClient();
@@ -161,7 +162,7 @@ public void decrypt() {
System.out.printf("Received decrypted content of length %d\n", decryptResult.getPlainText().length));
// END: com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.decrypt#EncryptionAlgorithm-byte
- // BEGIN: com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.decrypt#EncryptionAlgorithm-byte-DecryptOptions
+ // BEGIN: com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.decrypt#DecryptOptions
byte[] cipherTextBytes = new byte[100];
new Random(0x1234567L).nextBytes(cipherTextBytes);
@@ -171,13 +172,14 @@ public void decrypt() {
(byte) 0xd8, (byte) 0x66, (byte) 0x94, (byte) 0x09, (byte) 0x23, (byte) 0x41, (byte) 0xbc, (byte) 0x04
};
- DecryptOptions decryptOptions = new AesCbcDecryptOptions(iv);
+ DecryptOptions decryptOptions = DecryptOptions.createAesCbcOptions(EncryptionAlgorithm.A128CBC, cipherTextBytes)
+ .setIv(iv);
- cryptographyAsyncClient.decrypt(EncryptionAlgorithm.A128CBC, cipherTextBytes, decryptOptions)
+ cryptographyAsyncClient.decrypt(decryptOptions)
.subscriberContext(reactor.util.context.Context.of(key1, value1, key2, value2))
.subscribe(decryptResult ->
System.out.printf("Received decrypted content of length %d\n", decryptResult.getPlainText().length));
- // END: com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.decrypt#EncryptionAlgorithm-byte-DecryptOptions
+ // END: com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.decrypt#DecryptOptions
}
/**
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/CryptographyClientJavaDocCodeSnippets.java b/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/CryptographyClientJavaDocCodeSnippets.java
index 0f3c99d25a4a9..81bad71313290 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/CryptographyClientJavaDocCodeSnippets.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/CryptographyClientJavaDocCodeSnippets.java
@@ -71,7 +71,7 @@ public void getKeySnippets() {
/**
* Generates a code sample for using {@link CryptographyClient#encrypt(EncryptionAlgorithm, byte[])},
* {@link CryptographyClient#encrypt(EncryptionAlgorithm, byte[], Context)} and
- * {@link CryptographyClient#encrypt(EncryptionAlgorithm, byte[], EncryptOptions, Context)}.
+ * {@link CryptographyClient#encrypt(EncryptOptions, Context)}.
*/
public void encrypt() {
CryptographyClient cryptographyClient = createClient();
@@ -99,7 +99,7 @@ public void encrypt() {
encryptionResult.getCipherText().length, encryptionResult.getAlgorithm().toString());
// END: com.azure.security.keyvault.keys.cryptography.CryptographyClient.encrypt#EncryptionAlgorithm-byte-Context
- // BEGIN: com.azure.security.keyvault.keys.cryptography.CryptographyClient.encrypt#EncryptionAlgorithm-byte-EncryptOptions-Context
+ // BEGIN: com.azure.security.keyvault.keys.cryptography.CryptographyClient.encrypt#EncryptOptions-Context
byte[] myPlainText = new byte[100];
new Random(0x1234567L).nextBytes(myPlainText);
@@ -109,20 +109,20 @@ public void encrypt() {
(byte) 0xd8, (byte) 0x66, (byte) 0x94, (byte) 0x09, (byte) 0x23, (byte) 0x41, (byte) 0xbc, (byte) 0x04
};
- EncryptOptions encryptOptions = new AesCbcEncryptOptions(iv);
+ EncryptOptions encryptOptions = EncryptOptions.createAesCbcOptions(EncryptionAlgorithm.A128CBC, myPlainText)
+ .setIv(iv);
- EncryptResult encryptedResult = cryptographyClient.encrypt(EncryptionAlgorithm.A128CBC, myPlainText,
- encryptOptions, new Context(key1, value1));
+ EncryptResult encryptedResult = cryptographyClient.encrypt(encryptOptions, new Context(key1, value1));
System.out.printf("Received encrypted content of length %d with algorithm %s \n",
encryptedResult.getCipherText().length, encryptedResult.getAlgorithm().toString());
- // END: com.azure.security.keyvault.keys.cryptography.CryptographyClient.encrypt#EncryptionAlgorithm-byte-EncryptOptions-Context
+ // END: com.azure.security.keyvault.keys.cryptography.CryptographyClient.encrypt#EncryptOptions-Context
}
/**
* Generates a code sample for using {@link CryptographyClient#decrypt(EncryptionAlgorithm, byte[])},
* {@link CryptographyClient#decrypt(EncryptionAlgorithm, byte[], Context)} and
- * {@link CryptographyClient#decrypt(EncryptionAlgorithm, byte[], DecryptOptions, Context)}.
+ * {@link CryptographyClient#decrypt(DecryptOptions, Context)}.
*/
public void decrypt() {
CryptographyClient cryptographyClient = createClient();
@@ -148,7 +148,7 @@ public void decrypt() {
System.out.printf("Received decrypted content of length %d\n", decryptionResult.getPlainText().length);
// END: com.azure.security.keyvault.keys.cryptography.CryptographyClient.decrypt#EncryptionAlgorithm-byte-Context
- // BEGIN: com.azure.security.keyvault.keys.cryptography.CryptographyClient.decrypt#EncryptionAlgorithm-byte-DecryptOptions-Context
+ // BEGIN: com.azure.security.keyvault.keys.cryptography.CryptographyClient.decrypt#DecryptOptions-Context
byte[] myCipherText = new byte[100];
new Random(0x1234567L).nextBytes(myCipherText);
@@ -158,13 +158,13 @@ public void decrypt() {
(byte) 0xd8, (byte) 0x66, (byte) 0x94, (byte) 0x09, (byte) 0x23, (byte) 0x41, (byte) 0xbc, (byte) 0x04
};
- DecryptOptions decryptOptions = new AesCbcDecryptOptions(iv);
+ DecryptOptions decryptOptions = DecryptOptions.createAesCbcOptions(EncryptionAlgorithm.A128CBC, myCipherText)
+ .setIv(iv);
- DecryptResult decryptedResult = cryptographyClient.decrypt(EncryptionAlgorithm.A128CBC, myCipherText,
- decryptOptions, new Context(key1, value1));
+ DecryptResult decryptedResult = cryptographyClient.decrypt(decryptOptions, new Context(key1, value1));
System.out.printf("Received decrypted content of length %d\n", decryptedResult.getPlainText().length);
- // END: com.azure.security.keyvault.keys.cryptography.CryptographyClient.decrypt#EncryptionAlgorithm-byte-DecryptOptions-Context
+ // END: com.azure.security.keyvault.keys.cryptography.CryptographyClient.decrypt#DecryptOptions-Context
}
/**
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClientJavaDocCodeSnippets.java b/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClientJavaDocCodeSnippets.java
index 5413d14a7fb41..6c870639ffd5d 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClientJavaDocCodeSnippets.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClientJavaDocCodeSnippets.java
@@ -55,21 +55,22 @@ public void encrypt() {
encryptResult.getCipherText().length, encryptResult.getAlgorithm().toString()));
// END: com.azure.security.keyvault.keys.cryptography.LocalCryptographyAsyncClient.encrypt#EncryptionAlgorithm-byte
- // BEGIN: com.azure.security.keyvault.keys.cryptography.LocalCryptographyAsyncClient.encrypt#EncryptionAlgorithm-byte-EncryptOptions
+ // BEGIN: com.azure.security.keyvault.keys.cryptography.LocalCryptographyAsyncClient.encrypt#EncryptOptions
byte[] plainTextBytes = new byte[100];
new Random(0x1234567L).nextBytes(plainTextBytes);
byte[] iv = {
(byte) 0x1a, (byte) 0xf3, (byte) 0x8c, (byte) 0x2d, (byte) 0xc2, (byte) 0xb9, (byte) 0x6f, (byte) 0xfd,
(byte) 0xd8, (byte) 0x66, (byte) 0x94, (byte) 0x09, (byte) 0x23, (byte) 0x41, (byte) 0xbc, (byte) 0x04
};
- EncryptOptions encryptOptions = new AesCbcEncryptOptions(iv);
+ EncryptOptions encryptOptions = EncryptOptions.createAesCbcOptions(EncryptionAlgorithm.A128CBC, plainTextBytes)
+ .setIv(iv);
- cryptographyAsyncClient.encrypt(EncryptionAlgorithm.A128CBC, plainTextBytes, encryptOptions)
+ cryptographyAsyncClient.encrypt(encryptOptions)
.subscriberContext(reactor.util.context.Context.of(key1, value1, key2, value2))
.subscribe(encryptResult ->
System.out.printf("Received encrypted content of length %d with algorithm %s \n",
encryptResult.getCipherText().length, encryptResult.getAlgorithm().toString()));
- // END: com.azure.security.keyvault.keys.cryptography.LocalCryptographyAsyncClient.encrypt#EncryptionAlgorithm-byte-EncryptOptions
+ // END: com.azure.security.keyvault.keys.cryptography.LocalCryptographyAsyncClient.encrypt#EncryptOptions
}
/**
@@ -87,20 +88,21 @@ public void decrypt() {
System.out.printf("Received decrypted content of length %d\n", decryptResult.getPlainText().length));
// END: com.azure.security.keyvault.keys.cryptography.LocalCryptographyAsyncClient.decrypt#EncryptionAlgorithm-byte
- // BEGIN: com.azure.security.keyvault.keys.cryptography.LocalCryptographyAsyncClient.decrypt#EncryptionAlgorithm-byte-DecryptOptions
+ // BEGIN: com.azure.security.keyvault.keys.cryptography.LocalCryptographyAsyncClient.decrypt#DecryptOptions
byte[] plainTextBytes = new byte[100];
new Random(0x1234567L).nextBytes(plainTextBytes);
byte[] iv = {
(byte) 0x1a, (byte) 0xf3, (byte) 0x8c, (byte) 0x2d, (byte) 0xc2, (byte) 0xb9, (byte) 0x6f, (byte) 0xfd,
(byte) 0xd8, (byte) 0x66, (byte) 0x94, (byte) 0x09, (byte) 0x23, (byte) 0x41, (byte) 0xbc, (byte) 0x04
};
- DecryptOptions decryptOptions = new AesCbcDecryptOptions(iv);
+ DecryptOptions decryptOptions = DecryptOptions.createAesCbcOptions(EncryptionAlgorithm.A128CBC, plainTextBytes)
+ .setIv(iv);
- cryptographyAsyncClient.decrypt(EncryptionAlgorithm.A128CBC, plainTextBytes, decryptOptions)
+ cryptographyAsyncClient.decrypt(decryptOptions)
.subscriberContext(reactor.util.context.Context.of(key1, value1, key2, value2))
.subscribe(decryptResult ->
System.out.printf("Received decrypted content of length %d\n", decryptResult.getPlainText().length));
- // END: com.azure.security.keyvault.keys.cryptography.LocalCryptographyAsyncClient.decrypt#EncryptionAlgorithm-byte-DecryptOptions
+ // END: com.azure.security.keyvault.keys.cryptography.LocalCryptographyAsyncClient.decrypt#DecryptOptions
}
/**
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClientJavaDocCodeSnippets.java b/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClientJavaDocCodeSnippets.java
index a47687559d1f5..8d4d12818f96c 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClientJavaDocCodeSnippets.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClientJavaDocCodeSnippets.java
@@ -58,20 +58,20 @@ public void encrypt() {
encryptResult.getCipherText().length, encryptResult.getAlgorithm().toString());
// END: com.azure.security.keyvault.keys.cryptography.LocalCryptographyClient.encrypt#EncryptionAlgorithm-byte
- // BEGIN: com.azure.security.keyvault.keys.cryptography.LocalCryptographyClient.encrypt#EncryptionAlgorithm-byte-EncryptOptions
+ // BEGIN: com.azure.security.keyvault.keys.cryptography.LocalCryptographyClient.encrypt#EncryptOptions
byte[] plainTextBytes = new byte[100];
new Random(0x1234567L).nextBytes(plainTextBytes);
byte[] iv = {
(byte) 0x1a, (byte) 0xf3, (byte) 0x8c, (byte) 0x2d, (byte) 0xc2, (byte) 0xb9, (byte) 0x6f, (byte) 0xfd,
(byte) 0xd8, (byte) 0x66, (byte) 0x94, (byte) 0x09, (byte) 0x23, (byte) 0x41, (byte) 0xbc, (byte) 0x04
};
- EncryptOptions encryptOptions = new AesCbcEncryptOptions(iv);
- EncryptResult encryptedResult = cryptographyClient.encrypt(EncryptionAlgorithm.RSA_OAEP, plainTextBytes,
- encryptOptions);
+ EncryptOptions encryptOptions = EncryptOptions.createAesCbcOptions(EncryptionAlgorithm.RSA_OAEP, plainTextBytes)
+ .setIv(iv);
+ EncryptResult encryptedResult = cryptographyClient.encrypt(encryptOptions);
System.out.printf("Received encrypted content of length %d with algorithm %s \n",
encryptedResult.getCipherText().length, encryptedResult.getAlgorithm().toString());
- // END: com.azure.security.keyvault.keys.cryptography.LocalCryptographyClient.encrypt#EncryptionAlgorithm-byte-EncryptOptions
+ // END: com.azure.security.keyvault.keys.cryptography.LocalCryptographyClient.encrypt#EncryptOptions
}
/**
@@ -88,18 +88,18 @@ public void decrypt() {
System.out.printf("Received decrypted content of length %d\n", decryptResult.getPlainText().length);
// END: com.azure.security.keyvault.keys.cryptography.LocalCryptographyClient.decrypt#EncryptionAlgorithm-byte
- // BEGIN: com.azure.security.keyvault.keys.cryptography.LocalCryptographyClient.decrypt#EncryptionAlgorithm-byte-DecryptOptions
+ // BEGIN: com.azure.security.keyvault.keys.cryptography.LocalCryptographyClient.decrypt#DecryptOptions
byte[] encryptedBytes = new byte[100];
byte[] iv = {
(byte) 0x1a, (byte) 0xf3, (byte) 0x8c, (byte) 0x2d, (byte) 0xc2, (byte) 0xb9, (byte) 0x6f, (byte) 0xfd,
(byte) 0xd8, (byte) 0x66, (byte) 0x94, (byte) 0x09, (byte) 0x23, (byte) 0x41, (byte) 0xbc, (byte) 0x04
};
- DecryptOptions decryptOptions = new AesCbcDecryptOptions(iv);
- DecryptResult decryptedResult = cryptographyClient.decrypt(EncryptionAlgorithm.A128CBC, encryptedBytes,
- decryptOptions);
+ DecryptOptions decryptOptions = DecryptOptions.createAesCbcOptions(EncryptionAlgorithm.A128CBC, encryptedBytes)
+ .setIv(iv);
+ DecryptResult decryptedResult = cryptographyClient.decrypt(decryptOptions);
System.out.printf("Received decrypted content of length %d\n", decryptedResult.getPlainText().length);
- // END: com.azure.security.keyvault.keys.cryptography.LocalCryptographyClient.decrypt#EncryptionAlgorithm-byte-DecryptOptions
+ // END: com.azure.security.keyvault.keys.cryptography.LocalCryptographyClient.decrypt#DecryptOptions
}
/**
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/CryptographyClientTest.java b/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/CryptographyClientTest.java
index c29cef3c56dca..fa6a8177e6ca0 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/CryptographyClientTest.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/CryptographyClientTest.java
@@ -81,12 +81,13 @@ public void encryptDecryptRsa(HttpClient httpClient, CryptographyServiceVersion
byte[] plainText = new byte[100];
new Random(0x1234567L).nextBytes(plainText);
byte[] cipherText = cryptoClient.encrypt(algorithm, plainText).getCipherText();
- byte[] decryptedText =
- serviceClient.decrypt(algorithm, cipherText, null, Context.NONE).block().getPlainText();
+ byte[] decryptedText = serviceClient.decrypt(new DecryptOptions(algorithm, cipherText), Context.NONE)
+ .block().getPlainText();
assertArrayEquals(decryptedText, plainText);
- cipherText = serviceClient.encrypt(algorithm, plainText, null, Context.NONE).block().getCipherText();
+ cipherText = serviceClient.encrypt(new EncryptOptions(algorithm, plainText), Context.NONE)
+ .block().getCipherText();
decryptedText = cryptoClient.decrypt(algorithm, cipherText).getPlainText();
assertArrayEquals(decryptedText, plainText);
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClientTestBase.java b/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClientTestBase.java
index d5535637a6b3c..04070cadad586 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClientTestBase.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClientTestBase.java
@@ -112,12 +112,13 @@ static void encryptDecryptAesCbc(int keySize, EncryptionAlgorithm algorithm) thr
byte[] plaintext = "My16BitPlaintext".getBytes();
byte[] iv = "My16BytesTestIv.".getBytes();
LocalCryptographyClient localCryptographyClient = initializeCryptographyClient(getTestJsonWebKey(keySize));
- EncryptOptions encryptOptions = new AesCbcEncryptOptions(iv);
+ EncryptOptions encryptOptions = EncryptOptions.createAesCbcOptions(algorithm, plaintext).setIv(iv);
EncryptResult encryptResult =
- localCryptographyClient.encrypt(algorithm, plaintext, encryptOptions);
- DecryptOptions decryptOptions = new AesCbcDecryptOptions(iv);
+ localCryptographyClient.encrypt(encryptOptions);
+ DecryptOptions decryptOptions = DecryptOptions.createAesCbcOptions(algorithm, encryptResult.getCipherText())
+ .setIv(iv);
DecryptResult decryptResult =
- localCryptographyClient.decrypt(algorithm, encryptResult.getCipherText(), decryptOptions);
+ localCryptographyClient.decrypt(decryptOptions);
assertArrayEquals(plaintext, decryptResult.getPlainText());
}
@@ -126,16 +127,17 @@ static void encryptDecryptAesGcm(int keySize, EncryptionAlgorithm algorithm) thr
byte[] plaintext = "My16BitPlaintext".getBytes();
byte[] iv = "My12BytesIv.".getBytes();
LocalCryptographyClient localCryptographyClient = initializeCryptographyClient(getTestJsonWebKey(keySize));
- EncryptOptions encryptOptions = new AesGcmEncryptOptions(iv, null);
+ EncryptOptions encryptOptions = EncryptOptions.createAesGcmOptions(algorithm, plaintext, iv);
EncryptResult encryptResult =
- localCryptographyClient.encrypt(algorithm, plaintext, encryptOptions);
+ localCryptographyClient.encrypt(encryptOptions);
byte[] authenticationTag = new byte[12];
System.arraycopy(encryptResult.getCipherText(), 0, authenticationTag, 0, authenticationTag.length);
- DecryptOptions decryptOptions = new AesGcmDecryptOptions(iv, null, authenticationTag);
+ DecryptOptions decryptOptions = DecryptOptions.createAesGcmOptions(algorithm, encryptResult.getCipherText(), iv)
+ .setAuthenticationTag(authenticationTag);
DecryptResult decryptResult =
- localCryptographyClient.decrypt(algorithm, encryptResult.getCipherText(), decryptOptions);
+ localCryptographyClient.decrypt(decryptOptions);
assertArrayEquals(plaintext, decryptResult.getPlainText());
}
From 8b937512b6060605f73c8980c6bb7e227e786f2c Mon Sep 17 00:00:00 2001
From: Victor Colin Amador
Date: Thu, 12 Nov 2020 10:13:10 -0800
Subject: [PATCH 10/15] Fixed build issues.
---
.../main/resources/spotbugs/spotbugs-exclude.xml | 4 ++--
.../keys/cryptography/CryptographyAsyncClient.java | 6 ++++--
.../keys/cryptography/CryptographyClient.java | 8 +++++---
.../cryptography/CryptographyServiceClient.java | 2 ++
.../keys/cryptography/EcKeyCryptographyClient.java | 2 ++
.../cryptography/LocalCryptographyAsyncClient.java | 2 ++
.../keys/cryptography/LocalCryptographyClient.java | 2 ++
.../cryptography/LocalKeyCryptographyClient.java | 2 ++
.../keys/cryptography/RsaKeyCryptographyClient.java | 4 +++-
.../SymmetricKeyCryptographyClient.java | 4 +++-
.../{ => options}/AesCbcDecryptOptions.java | 2 +-
.../{ => options}/AesCbcEncryptOptions.java | 2 +-
.../{ => options}/AesGcmDecryptOptions.java | 2 +-
.../{ => options}/AesGcmEncryptOptions.java | 2 +-
.../cryptography/{ => options}/DecryptOptions.java | 13 ++++++++++++-
.../cryptography/{ => options}/EncryptOptions.java | 13 ++++++++++++-
.../keys/cryptography/options/package-info.java | 8 ++++++++
.../src/main/java/module-info.java | 1 +
.../CryptographyAsyncClientJavaDocCodeSnippets.java | 2 ++
.../CryptographyClientJavaDocCodeSnippets.java | 2 ++
...lCryptographyAsyncClientJavaDocCodeSnippets.java | 2 ++
.../LocalCryptographyClientJavaDocCodeSnippets.java | 2 ++
.../keys/cryptography/CryptographyClientTest.java | 10 ++++++----
.../LocalCryptographyClientTestBase.java | 2 ++
24 files changed, 80 insertions(+), 19 deletions(-)
rename sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/{ => options}/AesCbcDecryptOptions.java (95%)
rename sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/{ => options}/AesCbcEncryptOptions.java (95%)
rename sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/{ => options}/AesGcmDecryptOptions.java (97%)
rename sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/{ => options}/AesGcmEncryptOptions.java (96%)
rename sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/{ => options}/DecryptOptions.java (89%)
rename sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/{ => options}/EncryptOptions.java (87%)
create mode 100644 sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/package-info.java
diff --git a/eng/code-quality-reports/src/main/resources/spotbugs/spotbugs-exclude.xml b/eng/code-quality-reports/src/main/resources/spotbugs/spotbugs-exclude.xml
index 9054faef8bcbd..a42685ce97a92 100755
--- a/eng/code-quality-reports/src/main/resources/spotbugs/spotbugs-exclude.xml
+++ b/eng/code-quality-reports/src/main/resources/spotbugs/spotbugs-exclude.xml
@@ -2418,8 +2418,8 @@
-
-
+
+
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyAsyncClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyAsyncClient.java
index d0f5b21762c37..7d01e85960929 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyAsyncClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyAsyncClient.java
@@ -23,6 +23,8 @@
import com.azure.security.keyvault.keys.cryptography.models.SignResult;
import com.azure.security.keyvault.keys.cryptography.models.VerifyResult;
import com.azure.security.keyvault.keys.cryptography.models.WrapResult;
+import com.azure.security.keyvault.keys.cryptography.options.DecryptOptions;
+import com.azure.security.keyvault.keys.cryptography.options.EncryptOptions;
import com.azure.security.keyvault.keys.models.KeyVaultKey;
import com.azure.security.keyvault.keys.models.JsonWebKey;
import com.azure.security.keyvault.keys.models.KeyOperation;
@@ -223,7 +225,7 @@ Mono getSecretKey() {
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public Mono encrypt(EncryptionAlgorithm algorithm, byte[] plaintext) {
- return encrypt(new EncryptOptions(algorithm, plaintext), null);
+ return encrypt(EncryptOptions.createOptions(algorithm, plaintext), null);
}
/**
@@ -315,7 +317,7 @@ Mono encrypt(EncryptOptions encryptOptions, Context context) {
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public Mono decrypt(EncryptionAlgorithm algorithm, byte[] cipherText) {
- return decrypt(new DecryptOptions(algorithm, cipherText));
+ return decrypt(DecryptOptions.createOptions(algorithm, cipherText));
}
/**
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyClient.java
index 3e4c77f000cc6..a62b5314ed4b1 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyClient.java
@@ -18,6 +18,8 @@
import com.azure.security.keyvault.keys.cryptography.models.SignResult;
import com.azure.security.keyvault.keys.cryptography.models.VerifyResult;
import com.azure.security.keyvault.keys.cryptography.models.WrapResult;
+import com.azure.security.keyvault.keys.cryptography.options.DecryptOptions;
+import com.azure.security.keyvault.keys.cryptography.options.EncryptOptions;
import com.azure.security.keyvault.keys.models.KeyVaultKey;
@@ -111,7 +113,7 @@ public Response getKeyWithResponse(Context context) {
* @throws NullPointerException If {@code algorithm} or {@code plainText} are {@code null}.
*/
public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plaintext, Context context) {
- return encrypt(new EncryptOptions(algorithm, plaintext), context);
+ return encrypt(EncryptOptions.createOptions(algorithm, plaintext), context);
}
/**
@@ -219,7 +221,7 @@ public EncryptResult encrypt(EncryptOptions encryptOptions, Context context) {
* @throws NullPointerException If {@code algorithm} or {@code cipherText} are {@code null}.
*/
public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] cipherText, Context context) {
- return decrypt(new DecryptOptions(algorithm, cipherText), context);
+ return decrypt(DecryptOptions.createOptions(algorithm, cipherText), context);
}
/**
@@ -254,7 +256,7 @@ public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] cipherText, C
* @throws NullPointerException If {@code algorithm} or {@code cipherText} are {@code null}.
*/
public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] cipherText) {
- return decrypt(new DecryptOptions(algorithm, cipherText), Context.NONE);
+ return decrypt(DecryptOptions.createOptions(algorithm, cipherText), Context.NONE);
}
/**
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyServiceClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyServiceClient.java
index c20507cd74afd..3e6c751f69e08 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyServiceClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyServiceClient.java
@@ -16,6 +16,8 @@
import com.azure.security.keyvault.keys.cryptography.models.SignResult;
import com.azure.security.keyvault.keys.cryptography.models.VerifyResult;
import com.azure.security.keyvault.keys.cryptography.models.WrapResult;
+import com.azure.security.keyvault.keys.cryptography.options.DecryptOptions;
+import com.azure.security.keyvault.keys.cryptography.options.EncryptOptions;
import com.azure.security.keyvault.keys.models.JsonWebKey;
import com.azure.security.keyvault.keys.models.KeyOperation;
import com.azure.security.keyvault.keys.models.KeyType;
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EcKeyCryptographyClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EcKeyCryptographyClient.java
index 89a18684f3304..89ddd9dc7e1af 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EcKeyCryptographyClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EcKeyCryptographyClient.java
@@ -13,6 +13,8 @@
import com.azure.security.keyvault.keys.cryptography.models.SignResult;
import com.azure.security.keyvault.keys.cryptography.models.VerifyResult;
import com.azure.security.keyvault.keys.cryptography.models.WrapResult;
+import com.azure.security.keyvault.keys.cryptography.options.DecryptOptions;
+import com.azure.security.keyvault.keys.cryptography.options.EncryptOptions;
import com.azure.security.keyvault.keys.models.JsonWebKey;
import reactor.core.publisher.Mono;
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClient.java
index b8f174d1df5ef..060ae98a1b365 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClient.java
@@ -12,6 +12,8 @@
import com.azure.security.keyvault.keys.cryptography.models.UnwrapResult;
import com.azure.security.keyvault.keys.cryptography.models.VerifyResult;
import com.azure.security.keyvault.keys.cryptography.models.WrapResult;
+import com.azure.security.keyvault.keys.cryptography.options.DecryptOptions;
+import com.azure.security.keyvault.keys.cryptography.options.EncryptOptions;
import com.azure.security.keyvault.keys.models.JsonWebKey;
import reactor.core.publisher.Mono;
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClient.java
index 0dc23643c0e34..3e6ec67a3d334 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClient.java
@@ -12,6 +12,8 @@
import com.azure.security.keyvault.keys.cryptography.models.UnwrapResult;
import com.azure.security.keyvault.keys.cryptography.models.VerifyResult;
import com.azure.security.keyvault.keys.cryptography.models.WrapResult;
+import com.azure.security.keyvault.keys.cryptography.options.DecryptOptions;
+import com.azure.security.keyvault.keys.cryptography.options.EncryptOptions;
/**
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalKeyCryptographyClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalKeyCryptographyClient.java
index 83ce109bf0e44..0de8b8259e08b 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalKeyCryptographyClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalKeyCryptographyClient.java
@@ -12,6 +12,8 @@
import com.azure.security.keyvault.keys.cryptography.models.SignResult;
import com.azure.security.keyvault.keys.cryptography.models.VerifyResult;
import com.azure.security.keyvault.keys.cryptography.models.WrapResult;
+import com.azure.security.keyvault.keys.cryptography.options.DecryptOptions;
+import com.azure.security.keyvault.keys.cryptography.options.EncryptOptions;
import com.azure.security.keyvault.keys.models.JsonWebKey;
import reactor.core.publisher.Mono;
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/RsaKeyCryptographyClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/RsaKeyCryptographyClient.java
index d39a9cb562fbc..719d0098db955 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/RsaKeyCryptographyClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/RsaKeyCryptographyClient.java
@@ -15,6 +15,8 @@
import com.azure.security.keyvault.keys.cryptography.models.SignResult;
import com.azure.security.keyvault.keys.cryptography.models.VerifyResult;
import com.azure.security.keyvault.keys.cryptography.models.WrapResult;
+import com.azure.security.keyvault.keys.cryptography.options.DecryptOptions;
+import com.azure.security.keyvault.keys.cryptography.options.EncryptOptions;
import com.azure.security.keyvault.keys.models.JsonWebKey;
import reactor.core.publisher.Mono;
@@ -56,7 +58,7 @@ private KeyPair getKeyPair(JsonWebKey key) {
Mono encryptAsync(EncryptOptions encryptOptions, Context context, JsonWebKey jsonWebKey) {
Objects.requireNonNull(encryptOptions, "'encryptOptions' cannot be null.");
Objects.requireNonNull(encryptOptions.getAlgorithm(), "Encryption algorithm cannot be null.");
- Objects.requireNonNull(encryptOptions.plainText, "Plain text content to be encrypted cannot be null.");
+ Objects.requireNonNull(encryptOptions.getPlainText(), "Plain text content to be encrypted cannot be null.");
keyPair = getKeyPair(jsonWebKey);
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/SymmetricKeyCryptographyClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/SymmetricKeyCryptographyClient.java
index 37e542b69c3b5..f8fdb524165d3 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/SymmetricKeyCryptographyClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/SymmetricKeyCryptographyClient.java
@@ -14,6 +14,8 @@
import com.azure.security.keyvault.keys.cryptography.models.SignatureAlgorithm;
import com.azure.security.keyvault.keys.cryptography.models.SignResult;
import com.azure.security.keyvault.keys.cryptography.models.VerifyResult;
+import com.azure.security.keyvault.keys.cryptography.options.DecryptOptions;
+import com.azure.security.keyvault.keys.cryptography.options.EncryptOptions;
import com.azure.security.keyvault.keys.models.JsonWebKey;
import reactor.core.publisher.Mono;
@@ -51,7 +53,7 @@ private byte[] getKey(JsonWebKey key) {
Mono encryptAsync(EncryptOptions encryptOptions, Context context, JsonWebKey jsonWebKey) {
Objects.requireNonNull(encryptOptions, "'encryptOptions' cannot be null.");
Objects.requireNonNull(encryptOptions.getAlgorithm(), "Encryption algorithm cannot be null.");
- Objects.requireNonNull(encryptOptions.plainText, "Plain text content to be encrypted cannot be null.");
+ Objects.requireNonNull(encryptOptions.getPlainText(), "Plain text content to be encrypted cannot be null.");
this.key = getKey(jsonWebKey);
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesCbcDecryptOptions.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/AesCbcDecryptOptions.java
similarity index 95%
rename from sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesCbcDecryptOptions.java
rename to sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/AesCbcDecryptOptions.java
index 53f88f977f3ad..81ac367530be4 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesCbcDecryptOptions.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/AesCbcDecryptOptions.java
@@ -1,7 +1,7 @@
// Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT License.
-package com.azure.security.keyvault.keys.cryptography;
+package com.azure.security.keyvault.keys.cryptography.options;
import com.azure.security.keyvault.keys.cryptography.models.EncryptionAlgorithm;
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesCbcEncryptOptions.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/AesCbcEncryptOptions.java
similarity index 95%
rename from sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesCbcEncryptOptions.java
rename to sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/AesCbcEncryptOptions.java
index bf75673d06df1..82dec9beda24d 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesCbcEncryptOptions.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/AesCbcEncryptOptions.java
@@ -1,7 +1,7 @@
// Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT License.
-package com.azure.security.keyvault.keys.cryptography;
+package com.azure.security.keyvault.keys.cryptography.options;
import com.azure.security.keyvault.keys.cryptography.models.EncryptionAlgorithm;
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesGcmDecryptOptions.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/AesGcmDecryptOptions.java
similarity index 97%
rename from sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesGcmDecryptOptions.java
rename to sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/AesGcmDecryptOptions.java
index 92dced7e0fcd3..003ab82fee95a 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesGcmDecryptOptions.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/AesGcmDecryptOptions.java
@@ -1,7 +1,7 @@
// Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT License.
-package com.azure.security.keyvault.keys.cryptography;
+package com.azure.security.keyvault.keys.cryptography.options;
import com.azure.security.keyvault.keys.cryptography.models.EncryptionAlgorithm;
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesGcmEncryptOptions.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/AesGcmEncryptOptions.java
similarity index 96%
rename from sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesGcmEncryptOptions.java
rename to sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/AesGcmEncryptOptions.java
index 7ea254f54224b..da62fa804706b 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesGcmEncryptOptions.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/AesGcmEncryptOptions.java
@@ -1,7 +1,7 @@
// Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT License.
-package com.azure.security.keyvault.keys.cryptography;
+package com.azure.security.keyvault.keys.cryptography.options;
import com.azure.security.keyvault.keys.cryptography.models.EncryptionAlgorithm;
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/DecryptOptions.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/DecryptOptions.java
similarity index 89%
rename from sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/DecryptOptions.java
rename to sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/DecryptOptions.java
index 37969353fe90a..1a8573efe236e 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/DecryptOptions.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/DecryptOptions.java
@@ -1,7 +1,7 @@
// Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT License.
-package com.azure.security.keyvault.keys.cryptography;
+package com.azure.security.keyvault.keys.cryptography.options;
import com.azure.security.keyvault.keys.cryptography.models.EncryptionAlgorithm;
@@ -36,6 +36,17 @@ public class DecryptOptions {
*/
byte[] authenticationTag;
+ /**
+ * Factory method to create an instance of {@link DecryptOptions} with the given parameters.
+ *
+ * @param algorithm The algorithm to be used for decryption.
+ * @param ciphertext The content to be decrypted.
+ * @return The {@link DecryptOptions}.
+ */
+ public static DecryptOptions createOptions(EncryptionAlgorithm algorithm, byte[] ciphertext) {
+ return new DecryptOptions(algorithm, ciphertext);
+ }
+
/**
* Factory method to create an instance of {@link AesCbcDecryptOptions} with the given parameters.
*
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EncryptOptions.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/EncryptOptions.java
similarity index 87%
rename from sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EncryptOptions.java
rename to sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/EncryptOptions.java
index 6bba15997fb74..64db353a689ab 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EncryptOptions.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/EncryptOptions.java
@@ -1,7 +1,7 @@
// Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT License.
-package com.azure.security.keyvault.keys.cryptography;
+package com.azure.security.keyvault.keys.cryptography.options;
import com.azure.security.keyvault.keys.cryptography.models.EncryptionAlgorithm;
@@ -31,6 +31,17 @@ public class EncryptOptions {
*/
byte[] additionalAuthenticatedData;
+ /**
+ * Factory method to create an instance of {@link EncryptOptions} with the given parameters.
+ *
+ * @param algorithm The algorithm to be used for encryption.
+ * @param plaintext The content to be encryption.
+ * @return The {@link EncryptOptions}.
+ */
+ public static EncryptOptions createOptions(EncryptionAlgorithm algorithm, byte[] plaintext) {
+ return new EncryptOptions(algorithm, plaintext);
+ }
+
/**
* Factory method to create an instance of {@link AesCbcEncryptOptions} with the given parameters.
*
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/package-info.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/package-info.java
new file mode 100644
index 0000000000000..a5f252b7b3e5c
--- /dev/null
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/package-info.java
@@ -0,0 +1,8 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+/**
+ * Package containing classes used for representing options for encryption, decryption, signing, verifying, key wrapping
+ * and unwrapping operations.
+ */
+package com.azure.security.keyvault.keys.cryptography.options;
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/module-info.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/module-info.java
index 35421e19f8e0f..03c02ebdfe946 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/module-info.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/module-info.java
@@ -9,6 +9,7 @@
exports com.azure.security.keyvault.keys;
exports com.azure.security.keyvault.keys.cryptography;
exports com.azure.security.keyvault.keys.cryptography.models;
+ exports com.azure.security.keyvault.keys.cryptography.options;
exports com.azure.security.keyvault.keys.models;
opens com.azure.security.keyvault.keys to com.fasterxml.jackson.databind;
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/CryptographyAsyncClientJavaDocCodeSnippets.java b/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/CryptographyAsyncClientJavaDocCodeSnippets.java
index 44ceb5cbbec62..bcaebac85c701 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/CryptographyAsyncClientJavaDocCodeSnippets.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/CryptographyAsyncClientJavaDocCodeSnippets.java
@@ -12,6 +12,8 @@
import com.azure.core.http.policy.RetryPolicy;
import com.azure.identity.DefaultAzureCredentialBuilder;
import com.azure.security.keyvault.keys.KeyAsyncClient;
+import com.azure.security.keyvault.keys.cryptography.options.DecryptOptions;
+import com.azure.security.keyvault.keys.cryptography.options.EncryptOptions;
import com.azure.security.keyvault.keys.implementation.KeyVaultCredentialPolicy;
import com.azure.security.keyvault.keys.cryptography.models.EncryptionAlgorithm;
import com.azure.security.keyvault.keys.cryptography.models.KeyWrapAlgorithm;
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/CryptographyClientJavaDocCodeSnippets.java b/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/CryptographyClientJavaDocCodeSnippets.java
index 81bad71313290..aeef0b76dee4f 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/CryptographyClientJavaDocCodeSnippets.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/CryptographyClientJavaDocCodeSnippets.java
@@ -16,6 +16,8 @@
import com.azure.security.keyvault.keys.cryptography.models.SignResult;
import com.azure.security.keyvault.keys.cryptography.models.VerifyResult;
import com.azure.security.keyvault.keys.cryptography.models.WrapResult;
+import com.azure.security.keyvault.keys.cryptography.options.DecryptOptions;
+import com.azure.security.keyvault.keys.cryptography.options.EncryptOptions;
import com.azure.security.keyvault.keys.models.KeyVaultKey;
import java.security.MessageDigest;
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClientJavaDocCodeSnippets.java b/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClientJavaDocCodeSnippets.java
index 6c870639ffd5d..8ebbd79e84c91 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClientJavaDocCodeSnippets.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClientJavaDocCodeSnippets.java
@@ -7,6 +7,8 @@
import com.azure.security.keyvault.keys.cryptography.models.EncryptionAlgorithm;
import com.azure.security.keyvault.keys.cryptography.models.KeyWrapAlgorithm;
import com.azure.security.keyvault.keys.cryptography.models.SignatureAlgorithm;
+import com.azure.security.keyvault.keys.cryptography.options.DecryptOptions;
+import com.azure.security.keyvault.keys.cryptography.options.EncryptOptions;
import com.azure.security.keyvault.keys.models.JsonWebKey;
import java.security.MessageDigest;
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClientJavaDocCodeSnippets.java b/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClientJavaDocCodeSnippets.java
index 8d4d12818f96c..c16f6601a6066 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClientJavaDocCodeSnippets.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClientJavaDocCodeSnippets.java
@@ -13,6 +13,8 @@
import com.azure.security.keyvault.keys.cryptography.models.UnwrapResult;
import com.azure.security.keyvault.keys.cryptography.models.VerifyResult;
import com.azure.security.keyvault.keys.cryptography.models.WrapResult;
+import com.azure.security.keyvault.keys.cryptography.options.DecryptOptions;
+import com.azure.security.keyvault.keys.cryptography.options.EncryptOptions;
import com.azure.security.keyvault.keys.models.JsonWebKey;
import java.security.MessageDigest;
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/CryptographyClientTest.java b/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/CryptographyClientTest.java
index fa6a8177e6ca0..eab49a0cce938 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/CryptographyClientTest.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/CryptographyClientTest.java
@@ -12,6 +12,8 @@
import com.azure.security.keyvault.keys.cryptography.models.EncryptionAlgorithm;
import com.azure.security.keyvault.keys.cryptography.models.KeyWrapAlgorithm;
import com.azure.security.keyvault.keys.cryptography.models.SignatureAlgorithm;
+import com.azure.security.keyvault.keys.cryptography.options.DecryptOptions;
+import com.azure.security.keyvault.keys.cryptography.options.EncryptOptions;
import com.azure.security.keyvault.keys.models.KeyVaultKey;
import com.azure.security.keyvault.keys.models.JsonWebKey;
import com.azure.security.keyvault.keys.models.KeyCurveName;
@@ -81,13 +83,13 @@ public void encryptDecryptRsa(HttpClient httpClient, CryptographyServiceVersion
byte[] plainText = new byte[100];
new Random(0x1234567L).nextBytes(plainText);
byte[] cipherText = cryptoClient.encrypt(algorithm, plainText).getCipherText();
- byte[] decryptedText = serviceClient.decrypt(new DecryptOptions(algorithm, cipherText), Context.NONE)
- .block().getPlainText();
+ byte[] decryptedText = serviceClient.decrypt(DecryptOptions.createOptions(algorithm, cipherText),
+ Context.NONE).block().getPlainText();
assertArrayEquals(decryptedText, plainText);
- cipherText = serviceClient.encrypt(new EncryptOptions(algorithm, plainText), Context.NONE)
- .block().getCipherText();
+ cipherText = serviceClient.encrypt(EncryptOptions.createOptions(algorithm, plainText),
+ Context.NONE).block().getCipherText();
decryptedText = cryptoClient.decrypt(algorithm, cipherText).getPlainText();
assertArrayEquals(decryptedText, plainText);
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClientTestBase.java b/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClientTestBase.java
index 04070cadad586..570d6af559d6f 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClientTestBase.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClientTestBase.java
@@ -8,6 +8,8 @@
import com.azure.security.keyvault.keys.cryptography.models.DecryptResult;
import com.azure.security.keyvault.keys.cryptography.models.EncryptResult;
import com.azure.security.keyvault.keys.cryptography.models.EncryptionAlgorithm;
+import com.azure.security.keyvault.keys.cryptography.options.DecryptOptions;
+import com.azure.security.keyvault.keys.cryptography.options.EncryptOptions;
import com.azure.security.keyvault.keys.models.JsonWebKey;
import com.azure.security.keyvault.keys.models.KeyOperation;
import org.junit.jupiter.api.Test;
From b1f1511b8176ae42a6b0d138da8062da0027609d Mon Sep 17 00:00:00 2001
From: Victor Colin Amador
Date: Thu, 12 Nov 2020 13:44:53 -0800
Subject: [PATCH 11/15] Changed EncryptOptions and DecryptOptions to use a
factory model.
---
.../resources/spotbugs/spotbugs-exclude.xml | 4 +-
.../cryptography/CryptographyAsyncClient.java | 6 +-
.../keys/cryptography/CryptographyClient.java | 8 +-
.../CryptographyServiceClient.java | 2 -
.../keys/cryptography/DecryptOptions.java | 296 ++++++++++++++++
.../cryptography/EcKeyCryptographyClient.java | 2 -
.../keys/cryptography/EncryptOptions.java | 330 ++++++++++++++++++
.../LocalCryptographyAsyncClient.java | 2 -
.../cryptography/LocalCryptographyClient.java | 2 -
.../LocalKeyCryptographyClient.java | 2 -
.../RsaKeyCryptographyClient.java | 2 -
.../SymmetricKeyCryptographyClient.java | 2 -
.../options/AesCbcDecryptOptions.java | 39 ---
.../options/AesCbcEncryptOptions.java | 39 ---
.../options/AesGcmDecryptOptions.java | 65 ----
.../options/AesGcmEncryptOptions.java | 47 ---
.../cryptography/options/DecryptOptions.java | 148 --------
.../cryptography/options/EncryptOptions.java | 130 -------
.../cryptography/options/package-info.java | 8 -
.../src/main/java/module-info.java | 1 -
...ographyAsyncClientJavaDocCodeSnippets.java | 10 +-
...CryptographyClientJavaDocCodeSnippets.java | 12 +-
...ographyAsyncClientJavaDocCodeSnippets.java | 8 +-
...CryptographyClientJavaDocCodeSnippets.java | 8 +-
.../cryptography/CryptographyClientTest.java | 10 +-
.../LocalCryptographyClientTestBase.java | 13 +-
26 files changed, 650 insertions(+), 546 deletions(-)
create mode 100644 sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/DecryptOptions.java
create mode 100644 sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EncryptOptions.java
delete mode 100644 sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/AesCbcDecryptOptions.java
delete mode 100644 sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/AesCbcEncryptOptions.java
delete mode 100644 sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/AesGcmDecryptOptions.java
delete mode 100644 sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/AesGcmEncryptOptions.java
delete mode 100644 sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/DecryptOptions.java
delete mode 100644 sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/EncryptOptions.java
delete mode 100644 sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/package-info.java
diff --git a/eng/code-quality-reports/src/main/resources/spotbugs/spotbugs-exclude.xml b/eng/code-quality-reports/src/main/resources/spotbugs/spotbugs-exclude.xml
index a42685ce97a92..9054faef8bcbd 100755
--- a/eng/code-quality-reports/src/main/resources/spotbugs/spotbugs-exclude.xml
+++ b/eng/code-quality-reports/src/main/resources/spotbugs/spotbugs-exclude.xml
@@ -2418,8 +2418,8 @@
-
-
+
+
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyAsyncClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyAsyncClient.java
index 7d01e85960929..f2e39b9067911 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyAsyncClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyAsyncClient.java
@@ -23,8 +23,6 @@
import com.azure.security.keyvault.keys.cryptography.models.SignResult;
import com.azure.security.keyvault.keys.cryptography.models.VerifyResult;
import com.azure.security.keyvault.keys.cryptography.models.WrapResult;
-import com.azure.security.keyvault.keys.cryptography.options.DecryptOptions;
-import com.azure.security.keyvault.keys.cryptography.options.EncryptOptions;
import com.azure.security.keyvault.keys.models.KeyVaultKey;
import com.azure.security.keyvault.keys.models.JsonWebKey;
import com.azure.security.keyvault.keys.models.KeyOperation;
@@ -225,7 +223,7 @@ Mono getSecretKey() {
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public Mono encrypt(EncryptionAlgorithm algorithm, byte[] plaintext) {
- return encrypt(EncryptOptions.createOptions(algorithm, plaintext), null);
+ return encrypt(new EncryptOptions(algorithm, plaintext, null, null), null);
}
/**
@@ -317,7 +315,7 @@ Mono encrypt(EncryptOptions encryptOptions, Context context) {
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public Mono decrypt(EncryptionAlgorithm algorithm, byte[] cipherText) {
- return decrypt(DecryptOptions.createOptions(algorithm, cipherText));
+ return decrypt(new DecryptOptions(algorithm, cipherText, null, null, null));
}
/**
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyClient.java
index a62b5314ed4b1..a9d9429541085 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyClient.java
@@ -18,8 +18,6 @@
import com.azure.security.keyvault.keys.cryptography.models.SignResult;
import com.azure.security.keyvault.keys.cryptography.models.VerifyResult;
import com.azure.security.keyvault.keys.cryptography.models.WrapResult;
-import com.azure.security.keyvault.keys.cryptography.options.DecryptOptions;
-import com.azure.security.keyvault.keys.cryptography.options.EncryptOptions;
import com.azure.security.keyvault.keys.models.KeyVaultKey;
@@ -113,7 +111,7 @@ public Response getKeyWithResponse(Context context) {
* @throws NullPointerException If {@code algorithm} or {@code plainText} are {@code null}.
*/
public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plaintext, Context context) {
- return encrypt(EncryptOptions.createOptions(algorithm, plaintext), context);
+ return encrypt(new EncryptOptions(algorithm, plaintext, null, null), context);
}
/**
@@ -221,7 +219,7 @@ public EncryptResult encrypt(EncryptOptions encryptOptions, Context context) {
* @throws NullPointerException If {@code algorithm} or {@code cipherText} are {@code null}.
*/
public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] cipherText, Context context) {
- return decrypt(DecryptOptions.createOptions(algorithm, cipherText), context);
+ return decrypt(new DecryptOptions(algorithm, cipherText, null, null, null), context);
}
/**
@@ -256,7 +254,7 @@ public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] cipherText, C
* @throws NullPointerException If {@code algorithm} or {@code cipherText} are {@code null}.
*/
public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] cipherText) {
- return decrypt(DecryptOptions.createOptions(algorithm, cipherText), Context.NONE);
+ return decrypt(new DecryptOptions(algorithm, cipherText, null, null, null), Context.NONE);
}
/**
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyServiceClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyServiceClient.java
index 3e6c751f69e08..c20507cd74afd 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyServiceClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyServiceClient.java
@@ -16,8 +16,6 @@
import com.azure.security.keyvault.keys.cryptography.models.SignResult;
import com.azure.security.keyvault.keys.cryptography.models.VerifyResult;
import com.azure.security.keyvault.keys.cryptography.models.WrapResult;
-import com.azure.security.keyvault.keys.cryptography.options.DecryptOptions;
-import com.azure.security.keyvault.keys.cryptography.options.EncryptOptions;
import com.azure.security.keyvault.keys.models.JsonWebKey;
import com.azure.security.keyvault.keys.models.KeyOperation;
import com.azure.security.keyvault.keys.models.KeyType;
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/DecryptOptions.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/DecryptOptions.java
new file mode 100644
index 0000000000000..68e66d84b7896
--- /dev/null
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/DecryptOptions.java
@@ -0,0 +1,296 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+package com.azure.security.keyvault.keys.cryptography;
+
+import com.azure.security.keyvault.keys.cryptography.models.EncryptionAlgorithm;
+
+import java.util.Objects;
+
+/**
+ * A class containing various configuration parameters that can be applied when performing decryption operations.
+ */
+public class DecryptOptions {
+ /**
+ * The algorithm to be used for decryption.
+ */
+ private final EncryptionAlgorithm algorithm;
+
+ /**
+ * The content to be decrypted.
+ */
+ private final byte[] cipherText;
+
+ /**
+ * Initialization vector to be used in the decryption operation using a symmetric algorithm.
+ */
+ private final byte[] iv;
+
+ /**
+ * Get additional data to authenticate when performing decryption with an authenticated algorithm.
+ */
+ private final byte[] additionalAuthenticatedData;
+
+ /**
+ * The tag to authenticate when performing decryption with an authenticated algorithm.
+ */
+ private final byte[] authenticationTag;
+
+ /**
+ * Factory method to create an instance of {@link DecryptOptions} with the given parameters for
+ * {@link EncryptionAlgorithm#A128CBC}.
+ *
+ * @param plainText The content to be encryption.
+ * @param iv Initialization vector for the encryption operation.
+ * @return The {@link DecryptOptions}.
+ */
+ public static DecryptOptions createAes128CbcOptions(byte[] plainText, byte[] iv) {
+ return new DecryptOptions(EncryptionAlgorithm.A128CBC, plainText, iv, null, null);
+ }
+ /**
+ * Factory method to create an instance of {@link DecryptOptions} with the given parameters for
+ * {@link EncryptionAlgorithm#A128CBCPAD}.
+ *
+ * @param plainText The content to be encryption.
+ * @param iv Initialization vector for the encryption operation.
+ * @return The {@link DecryptOptions}.
+ */
+ public static DecryptOptions createAes128CbcPadOptions(byte[] plainText, byte[] iv) {
+ return new DecryptOptions(EncryptionAlgorithm.A128CBCPAD, plainText, iv, null, null);
+ }
+
+ /**
+ * Factory method to create an instance of {@link DecryptOptions} with the given parameters for
+ * {@link EncryptionAlgorithm#A128GCM}.
+ *
+ * @param plainText The content to be encryption.
+ * @param iv Initialization vector for the encryption operation.
+ * @param authenticationTag The tag to authenticate when performing decryption.
+ * @return The {@link DecryptOptions}.
+ */
+ public static DecryptOptions createAes128GcmOptions(byte[] plainText, byte[] iv, byte[] authenticationTag) {
+ return createAes128GcmOptions(plainText, iv, authenticationTag, null);
+ }
+
+ /**
+ * Factory method to create an instance of {@link DecryptOptions} with the given parameters for
+ * {@link EncryptionAlgorithm#A128GCM}.
+ *
+ * @param plainText The content to be encryption.
+ * @param iv Initialization vector for the encryption operation.
+ * @param authenticationTag The tag to authenticate when performing decryption.
+ * @param additionalAuthenticatedData Additional data to authenticate when using authenticated crypto algorithms.
+ * @return The {@link DecryptOptions}.
+ */
+ public static DecryptOptions createAes128GcmOptions(byte[] plainText, byte[] iv, byte[] authenticationTag,
+ byte[] additionalAuthenticatedData) {
+ return new DecryptOptions(EncryptionAlgorithm.A128GCM, plainText, iv, authenticationTag,
+ additionalAuthenticatedData);
+ }
+
+ /**
+ * Factory method to create an instance of {@link DecryptOptions} with the given parameters for
+ * {@link EncryptionAlgorithm#A192CBC}.
+ *
+ * @param plainText The content to be encryption.
+ * @param iv Initialization vector for the encryption operation.
+ * @return The {@link DecryptOptions}.
+ */
+ public static DecryptOptions createAes192CbcOptions(byte[] plainText, byte[] iv) {
+ return new DecryptOptions(EncryptionAlgorithm.A192CBC, plainText, iv, null, null);
+ }
+
+ /**
+ * Factory method to create an instance of {@link DecryptOptions} with the given parameters for
+ * {@link EncryptionAlgorithm#A192CBCPAD}.
+ *
+ * @param plainText The content to be encryption.
+ * @param iv Initialization vector for the encryption operation.
+ * @return The {@link DecryptOptions}.
+ */
+ public static DecryptOptions createAes192CbcPadOptions(byte[] plainText, byte[] iv) {
+ return new DecryptOptions(EncryptionAlgorithm.A192CBCPAD, plainText, iv, null, null);
+ }
+
+ /**
+ * Factory method to create an instance of {@link DecryptOptions} with the given parameters for
+ * {@link EncryptionAlgorithm#A192GCM}.
+ *
+ * @param plainText The content to be encryption.
+ * @param iv Initialization vector for the encryption operation.
+ * @param authenticationTag The tag to authenticate when performing decryption.
+ * @return The {@link DecryptOptions}.
+ */
+ public static DecryptOptions createAes192GcmOptions(byte[] plainText, byte[] iv, byte[] authenticationTag) {
+ return createAes192GcmOptions(plainText, iv, authenticationTag, null);
+ }
+
+ /**
+ * Factory method to create an instance of {@link DecryptOptions} with the given parameters for
+ * {@link EncryptionAlgorithm#A192GCM}.
+ *
+ * @param plainText The content to be encryption.
+ * @param iv Initialization vector for the encryption operation.
+ * @param authenticationTag The tag to authenticate when performing decryption.
+ * @param additionalAuthenticatedData Additional data to authenticate when using authenticated crypto algorithms.
+ * @return The {@link DecryptOptions}.
+ */
+ public static DecryptOptions createAes192GcmOptions(byte[] plainText, byte[] iv, byte[] authenticationTag,
+ byte[] additionalAuthenticatedData) {
+ return new DecryptOptions(EncryptionAlgorithm.A192GCM, plainText, iv, authenticationTag,
+ additionalAuthenticatedData);
+ }
+ /**
+ * Factory method to create an instance of {@link DecryptOptions} with the given parameters for
+ * {@link EncryptionAlgorithm#A256CBC}.
+ *
+ * @param plainText The content to be encryption.
+ * @param iv Initialization vector for the encryption operation.
+ * @return The {@link DecryptOptions}.
+ */
+ public static DecryptOptions createAes256CbcOptions(byte[] plainText, byte[] iv) {
+ return new DecryptOptions(EncryptionAlgorithm.A256CBC, plainText, iv, null, null);
+ }
+ /**
+ * Factory method to create an instance of {@link DecryptOptions} with the given parameters for
+ * {@link EncryptionAlgorithm#A256CBCPAD}.
+ *
+ * @param plainText The content to be encryption.
+ * @param iv Initialization vector for the encryption operation.
+ * @return The {@link DecryptOptions}.
+ */
+ public static DecryptOptions createAes256CbcPadOptions(byte[] plainText, byte[] iv) {
+ return new DecryptOptions(EncryptionAlgorithm.A256CBCPAD, plainText, iv, null, null);
+ }
+
+ /**
+ * Factory method to create an instance of {@link DecryptOptions} with the given parameters for
+ * {@link EncryptionAlgorithm#A256GCM}.
+ *
+ * @param plainText The content to be encryption.
+ * @param iv Initialization vector for the encryption operation.
+ * @param authenticationTag The tag to authenticate when performing decryption.
+ * @return The {@link DecryptOptions}.
+ */
+ public static DecryptOptions createAes256GcmOptions(byte[] plainText, byte[] iv, byte[] authenticationTag) {
+ return createAes256GcmOptions(plainText, iv, authenticationTag, null);
+ }
+
+ /**
+ * Factory method to create an instance of {@link DecryptOptions} with the given parameters for
+ * {@link EncryptionAlgorithm#A256GCM}.
+ *
+ * @param plainText The content to be encryption.
+ * @param iv Initialization vector for the encryption operation.
+ * @param authenticationTag The tag to authenticate when performing decryption.
+ * @param additionalAuthenticatedData Additional data to authenticate when using authenticated crypto algorithms.
+ * @return The {@link DecryptOptions}.
+ */
+ public static DecryptOptions createAes256GcmOptions(byte[] plainText, byte[] iv, byte[] authenticationTag,
+ byte[] additionalAuthenticatedData) {
+ return new DecryptOptions(EncryptionAlgorithm.A256GCM, plainText, iv, authenticationTag,
+ additionalAuthenticatedData);
+ }
+
+ /**
+ * Creates an instance of {@link DecryptOptions} with the given parameters.
+ *
+ * @param algorithm The algorithm to be used for decryption.
+ * @param cipherText The content to be decrypted.
+ * @param iv Initialization vector for the encryption operation.
+ * @param authenticationTag The tag to authenticate when performing decryption.
+ * @param additionalAuthenticatedData Additional data to authenticate when using authenticated crypto algorithms.
+ */
+ DecryptOptions(EncryptionAlgorithm algorithm, byte[] cipherText, byte[] iv, byte[] authenticationTag,
+ byte[] additionalAuthenticatedData) {
+ Objects.requireNonNull(cipherText, "'cipherText' cannot be null");
+
+ this.algorithm = algorithm;
+ this.cipherText = new byte[cipherText.length];
+ System.arraycopy(cipherText, 0, this.cipherText, 0, cipherText.length);
+
+ if (iv == null) {
+ this.iv = null;
+ } else {
+ this.iv = new byte[iv.length];
+ System.arraycopy(iv, 0, this.iv, 0, iv.length);
+ }
+
+ if (additionalAuthenticatedData == null) {
+ this.additionalAuthenticatedData = null;
+ } else {
+ this.additionalAuthenticatedData = new byte[additionalAuthenticatedData.length];
+ System.arraycopy(additionalAuthenticatedData, 0, this.additionalAuthenticatedData, 0,
+ additionalAuthenticatedData.length);
+ }
+
+ if (authenticationTag == null) {
+ this.authenticationTag = null;
+ } else {
+ this.authenticationTag = new byte[authenticationTag.length];
+ System.arraycopy(authenticationTag, 0, this.authenticationTag, 0,
+ authenticationTag.length);
+ }
+ }
+
+ /**
+ * The algorithm to be used for encryption.
+ *
+ * @return The algorithm to be used for encryption.
+ */
+ public EncryptionAlgorithm getAlgorithm() {
+ return algorithm;
+ }
+
+ /**
+ * Get the content to be encrypted.
+ *
+ * @return The content to be encrypted.
+ */
+ public byte[] getCipherText() {
+ if (cipherText == null) {
+ return null;
+ } else {
+ return cipherText.clone();
+ }
+ }
+
+ /**
+ * Get the initialization vector to be used in the decryption operation using a symmetric algorithm.
+ *
+ * @return The initialization vector.
+ */
+ public byte[] getIv() {
+ if (iv == null) {
+ return null;
+ } else {
+ return iv.clone();
+ }
+ }
+
+ /**
+ * Get additional data to authenticate when performing decryption with an authenticated algorithm.
+ *
+ * @return The additional authenticated data.
+ */
+ public byte[] getAdditionalAuthenticatedData() {
+ if (additionalAuthenticatedData == null) {
+ return null;
+ } else {
+ return additionalAuthenticatedData.clone();
+ }
+ }
+
+ /**
+ * Get the tag to authenticate when performing decryption with an authenticated algorithm.
+ *
+ * @return The authentication tag.
+ */
+ public byte[] getAuthenticationTag() {
+ if (authenticationTag == null) {
+ return null;
+ } else {
+ return authenticationTag.clone();
+ }
+ }
+}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EcKeyCryptographyClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EcKeyCryptographyClient.java
index 89ddd9dc7e1af..89a18684f3304 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EcKeyCryptographyClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EcKeyCryptographyClient.java
@@ -13,8 +13,6 @@
import com.azure.security.keyvault.keys.cryptography.models.SignResult;
import com.azure.security.keyvault.keys.cryptography.models.VerifyResult;
import com.azure.security.keyvault.keys.cryptography.models.WrapResult;
-import com.azure.security.keyvault.keys.cryptography.options.DecryptOptions;
-import com.azure.security.keyvault.keys.cryptography.options.EncryptOptions;
import com.azure.security.keyvault.keys.models.JsonWebKey;
import reactor.core.publisher.Mono;
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EncryptOptions.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EncryptOptions.java
new file mode 100644
index 0000000000000..560e3470b6db1
--- /dev/null
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EncryptOptions.java
@@ -0,0 +1,330 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+package com.azure.security.keyvault.keys.cryptography;
+
+import com.azure.security.keyvault.keys.cryptography.models.EncryptionAlgorithm;
+
+import java.util.Objects;
+
+/**
+ * A class containing various configuration parameters that can be applied when performing encryption operations.
+ */
+public class EncryptOptions {
+ /**
+ * The algorithm to be used for encryption.
+ */
+ private final EncryptionAlgorithm algorithm;
+
+ /**
+ * The content to be encrypted.
+ */
+ private final byte[] plainText;
+
+ /**
+ * Initialization vector to be used in the encryption operation using a symmetric algorithm.
+ */
+ private final byte[] iv;
+
+ /**
+ * Get additional data to authenticate when performing encryption with an authenticated algorithm.
+ */
+ private final byte[] additionalAuthenticatedData;
+
+ /**
+ * Factory method to create an instance of {@link EncryptOptions} with the given parameters for
+ * {@link EncryptionAlgorithm#A128CBC}.
+ *
+ * @param plainText The content to be encryption.
+ * @return The {@link EncryptOptions}.
+ */
+ public static EncryptOptions createAes128CbcOptions(byte[] plainText) {
+ return createAes128CbcOptions(plainText, null);
+ }
+
+ /**
+ * Factory method to create an instance of {@link EncryptOptions} with the given parameters for
+ * {@link EncryptionAlgorithm#A128CBC}.
+ *
+ * @param plainText The content to be encryption.
+ * @param iv Initialization vector for the encryption operation.
+ * @return The {@link EncryptOptions}.
+ */
+ public static EncryptOptions createAes128CbcOptions(byte[] plainText, byte[] iv) {
+ return new EncryptOptions(EncryptionAlgorithm.A128CBC, plainText, iv, null);
+ }
+
+ /**
+ * Factory method to create an instance of {@link EncryptOptions} with the given parameters for
+ * {@link EncryptionAlgorithm#A128CBCPAD}.
+ *
+ * @param plainText The content to be encryption.
+ * @return The {@link EncryptOptions}.
+ */
+ public static EncryptOptions createAes128CbcPadOptions(byte[] plainText) {
+ return createAes128CbcPadOptions(plainText, null);
+ }
+
+ /**
+ * Factory method to create an instance of {@link EncryptOptions} with the given parameters for
+ * {@link EncryptionAlgorithm#A128CBCPAD}.
+ *
+ * @param plainText The content to be encryption.
+ * @param iv Initialization vector for the encryption operation.
+ * @return The {@link EncryptOptions}.
+ */
+ public static EncryptOptions createAes128CbcPadOptions(byte[] plainText, byte[] iv) {
+ return new EncryptOptions(EncryptionAlgorithm.A128CBCPAD, plainText, iv, null);
+ }
+
+ /**
+ * Factory method to create an instance of {@link EncryptOptions} with the given parameters for
+ * {@link EncryptionAlgorithm#A128GCM}.
+ *
+ * @param plainText The content to be encryption.
+ * @param iv Initialization vector for the encryption operation.
+ * @return The {@link EncryptOptions}.
+ */
+ public static EncryptOptions createAes128GcmOptions(byte[] plainText, byte[] iv) {
+ return createAes128GcmOptions(plainText, iv, null);
+ }
+
+ /**
+ * Factory method to create an instance of {@link EncryptOptions} with the given parameters for
+ * {@link EncryptionAlgorithm#A128GCM}.
+ *
+ * @param plainText The content to be encryption.
+ * @param iv Initialization vector for the encryption operation.
+ * @param additionalAuthenticatedData Additional data to authenticate when using authenticated crypto algorithms.
+ * @return The {@link EncryptOptions}.
+ */
+ public static EncryptOptions createAes128GcmOptions(byte[] plainText, byte[] iv,
+ byte[] additionalAuthenticatedData) {
+ return new EncryptOptions(EncryptionAlgorithm.A128GCM, plainText, iv, additionalAuthenticatedData);
+ }
+
+ /**
+ * Factory method to create an instance of {@link EncryptOptions} with the given parameters for
+ * {@link EncryptionAlgorithm#A192CBC}.
+ *
+ * @param plainText The content to be encryption.
+ * @return The {@link EncryptOptions}.
+ */
+ public static EncryptOptions createAes192CbcOptions(byte[] plainText) {
+ return createAes192CbcOptions(plainText, null);
+ }
+
+ /**
+ * Factory method to create an instance of {@link EncryptOptions} with the given parameters for
+ * {@link EncryptionAlgorithm#A192CBC}.
+ *
+ * @param plainText The content to be encryption.
+ * @param iv Initialization vector for the encryption operation.
+ * @return The {@link EncryptOptions}.
+ */
+ public static EncryptOptions createAes192CbcOptions(byte[] plainText, byte[] iv) {
+ return new EncryptOptions(EncryptionAlgorithm.A192CBC, plainText, iv, null);
+ }
+
+ /**
+ * Factory method to create an instance of {@link EncryptOptions} with the given parameters for
+ * {@link EncryptionAlgorithm#A192CBCPAD}.
+ *
+ * @param plainText The content to be encryption.
+ * @return The {@link EncryptOptions}.
+ */
+ public static EncryptOptions createAes192CbcPadOptions(byte[] plainText) {
+ return createAes192CbcPadOptions(plainText, null);
+ }
+
+ /**
+ * Factory method to create an instance of {@link EncryptOptions} with the given parameters for
+ * {@link EncryptionAlgorithm#A192CBCPAD}.
+ *
+ * @param plainText The content to be encryption.
+ * @param iv Initialization vector for the encryption operation.
+ * @return The {@link EncryptOptions}.
+ */
+ public static EncryptOptions createAes192CbcPadOptions(byte[] plainText, byte[] iv) {
+ return new EncryptOptions(EncryptionAlgorithm.A192CBCPAD, plainText, iv, null);
+ }
+
+ /**
+ * Factory method to create an instance of {@link EncryptOptions} with the given parameters for
+ * {@link EncryptionAlgorithm#A192GCM}.
+ *
+ * @param plainText The content to be encryption.
+ * @param iv Initialization vector for the encryption operation.
+ * @return The {@link EncryptOptions}.
+ */
+ public static EncryptOptions createAes192GcmOptions(byte[] plainText, byte[] iv) {
+ return createAes192GcmOptions(plainText, iv, null);
+ }
+
+ /**
+ * Factory method to create an instance of {@link EncryptOptions} with the given parameters for
+ * {@link EncryptionAlgorithm#A192GCM}.
+ *
+ * @param plainText The content to be encryption.
+ * @param iv Initialization vector for the encryption operation.
+ * @param additionalAuthenticatedData Additional data to authenticate when using authenticated crypto algorithms.
+ * @return The {@link EncryptOptions}.
+ */
+ public static EncryptOptions createAes192GcmOptions(byte[] plainText, byte[] iv,
+ byte[] additionalAuthenticatedData) {
+ return new EncryptOptions(EncryptionAlgorithm.A192GCM, plainText, iv, additionalAuthenticatedData);
+ }
+
+ /**
+ * Factory method to create an instance of {@link EncryptOptions} with the given parameters for
+ * {@link EncryptionAlgorithm#A256CBC}.
+ *
+ * @param plainText The content to be encryption.
+ * @return The {@link EncryptOptions}.
+ */
+ public static EncryptOptions createAes256CbcOptions(byte[] plainText) {
+ return createAes256CbcOptions(plainText, null);
+ }
+
+ /**
+ * Factory method to create an instance of {@link EncryptOptions} with the given parameters for
+ * {@link EncryptionAlgorithm#A256CBC}.
+ *
+ * @param plainText The content to be encryption.
+ * @param iv Initialization vector for the encryption operation.
+ * @return The {@link EncryptOptions}.
+ */
+ public static EncryptOptions createAes256CbcOptions(byte[] plainText, byte[] iv) {
+ return new EncryptOptions(EncryptionAlgorithm.A256CBC, plainText, iv, null);
+ }
+
+ /**
+ * Factory method to create an instance of {@link EncryptOptions} with the given parameters for
+ * {@link EncryptionAlgorithm#A256CBCPAD}.
+ *
+ * @param plainText The content to be encryption.
+ * @return The {@link EncryptOptions}.
+ */
+ public static EncryptOptions createAes256CbcPadOptions(byte[] plainText) {
+ return createAes256CbcPadOptions(plainText, null);
+ }
+
+ /**
+ * Factory method to create an instance of {@link EncryptOptions} with the given parameters for
+ * {@link EncryptionAlgorithm#A256CBCPAD}.
+ *
+ * @param plainText The content to be encryption.
+ * @param iv Initialization vector for the encryption operation.
+ * @return The {@link EncryptOptions}.
+ */
+ public static EncryptOptions createAes256CbcPadOptions(byte[] plainText, byte[] iv) {
+ return new EncryptOptions(EncryptionAlgorithm.A256CBCPAD, plainText, iv, null);
+ }
+
+ /**
+ * Factory method to create an instance of {@link EncryptOptions} with the given parameters for
+ * {@link EncryptionAlgorithm#A256GCM}.
+ *
+ * @param plainText The content to be encryption.
+ * @param iv Initialization vector for the encryption operation.
+ * @return The {@link EncryptOptions}.
+ */
+ public static EncryptOptions createAes256GcmOptions(byte[] plainText, byte[] iv) {
+ return createAes256GcmOptions(plainText, iv, null);
+ }
+
+ /**
+ * Factory method to create an instance of {@link EncryptOptions} with the given parameters for
+ * {@link EncryptionAlgorithm#A256GCM}.
+ *
+ * @param plainText The content to be encryption.
+ * @param iv Initialization vector for the encryption operation.
+ * @param additionalAuthenticatedData Additional data to authenticate when using authenticated crypto algorithms.
+ * @return The {@link EncryptOptions}.
+ */
+ public static EncryptOptions createAes256GcmOptions(byte[] plainText, byte[] iv,
+ byte[] additionalAuthenticatedData) {
+ return new EncryptOptions(EncryptionAlgorithm.A256GCM, plainText, iv, additionalAuthenticatedData);
+ }
+
+ /**
+ * Creates an instance of {@link EncryptOptions} with the given parameters.
+ *
+ * @param algorithm The algorithm to be used for encryption.
+ * @param plainText The content to be encrypted.
+ * @param iv Initialization vector for the encryption operation.
+ * @param additionalAuthenticatedData Additional data to authenticate when using authenticated crypto algorithms.
+ */
+ EncryptOptions(EncryptionAlgorithm algorithm, byte[] plainText, byte[] iv,
+ byte[] additionalAuthenticatedData) {
+ Objects.requireNonNull(plainText, "'plaintext' cannot be null");
+
+ this.algorithm = algorithm;
+ this.plainText = new byte[plainText.length];
+
+ System.arraycopy(plainText, 0, this.plainText, 0, plainText.length);
+
+ if (iv == null) {
+ this.iv = null;
+ } else {
+ this.iv = new byte[iv.length];
+ System.arraycopy(iv, 0, this.iv, 0, iv.length);
+ }
+
+ if (additionalAuthenticatedData == null) {
+ this.additionalAuthenticatedData = null;
+ } else {
+ this.additionalAuthenticatedData = new byte[additionalAuthenticatedData.length];
+ System.arraycopy(additionalAuthenticatedData, 0, this.additionalAuthenticatedData, 0,
+ additionalAuthenticatedData.length);
+ }
+ }
+
+ /**
+ * The algorithm to be used for encryption.
+ *
+ * @return The algorithm to be used for encryption.
+ */
+ public EncryptionAlgorithm getAlgorithm() {
+ return algorithm;
+ }
+
+ /**
+ * Get the content to be encrypted.
+ *
+ * @return The content to be encrypted.
+ */
+ public byte[] getPlainText() {
+ if (plainText == null) {
+ return null;
+ } else {
+ return plainText.clone();
+ }
+ }
+
+ /**
+ * Get the initialization vector to be used in the encryption operation using a symmetric algorithm.
+ *
+ * @return The initialization vector.
+ */
+ public byte[] getIv() {
+ if (iv == null) {
+ return null;
+ } else {
+ return iv.clone();
+ }
+ }
+
+ /**
+ * Get additional data to authenticate when performing encryption with an authenticated algorithm.
+ *
+ * @return The additional authenticated data.
+ */
+ public byte[] getAdditionalAuthenticatedData() {
+ if (additionalAuthenticatedData == null) {
+ return null;
+ } else {
+ return additionalAuthenticatedData.clone();
+ }
+ }
+}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClient.java
index 060ae98a1b365..b8f174d1df5ef 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClient.java
@@ -12,8 +12,6 @@
import com.azure.security.keyvault.keys.cryptography.models.UnwrapResult;
import com.azure.security.keyvault.keys.cryptography.models.VerifyResult;
import com.azure.security.keyvault.keys.cryptography.models.WrapResult;
-import com.azure.security.keyvault.keys.cryptography.options.DecryptOptions;
-import com.azure.security.keyvault.keys.cryptography.options.EncryptOptions;
import com.azure.security.keyvault.keys.models.JsonWebKey;
import reactor.core.publisher.Mono;
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClient.java
index 3e6ec67a3d334..0dc23643c0e34 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClient.java
@@ -12,8 +12,6 @@
import com.azure.security.keyvault.keys.cryptography.models.UnwrapResult;
import com.azure.security.keyvault.keys.cryptography.models.VerifyResult;
import com.azure.security.keyvault.keys.cryptography.models.WrapResult;
-import com.azure.security.keyvault.keys.cryptography.options.DecryptOptions;
-import com.azure.security.keyvault.keys.cryptography.options.EncryptOptions;
/**
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalKeyCryptographyClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalKeyCryptographyClient.java
index 0de8b8259e08b..83ce109bf0e44 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalKeyCryptographyClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalKeyCryptographyClient.java
@@ -12,8 +12,6 @@
import com.azure.security.keyvault.keys.cryptography.models.SignResult;
import com.azure.security.keyvault.keys.cryptography.models.VerifyResult;
import com.azure.security.keyvault.keys.cryptography.models.WrapResult;
-import com.azure.security.keyvault.keys.cryptography.options.DecryptOptions;
-import com.azure.security.keyvault.keys.cryptography.options.EncryptOptions;
import com.azure.security.keyvault.keys.models.JsonWebKey;
import reactor.core.publisher.Mono;
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/RsaKeyCryptographyClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/RsaKeyCryptographyClient.java
index 719d0098db955..e6a3d34ee6cbf 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/RsaKeyCryptographyClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/RsaKeyCryptographyClient.java
@@ -15,8 +15,6 @@
import com.azure.security.keyvault.keys.cryptography.models.SignResult;
import com.azure.security.keyvault.keys.cryptography.models.VerifyResult;
import com.azure.security.keyvault.keys.cryptography.models.WrapResult;
-import com.azure.security.keyvault.keys.cryptography.options.DecryptOptions;
-import com.azure.security.keyvault.keys.cryptography.options.EncryptOptions;
import com.azure.security.keyvault.keys.models.JsonWebKey;
import reactor.core.publisher.Mono;
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/SymmetricKeyCryptographyClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/SymmetricKeyCryptographyClient.java
index f8fdb524165d3..5879183b4126d 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/SymmetricKeyCryptographyClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/SymmetricKeyCryptographyClient.java
@@ -14,8 +14,6 @@
import com.azure.security.keyvault.keys.cryptography.models.SignatureAlgorithm;
import com.azure.security.keyvault.keys.cryptography.models.SignResult;
import com.azure.security.keyvault.keys.cryptography.models.VerifyResult;
-import com.azure.security.keyvault.keys.cryptography.options.DecryptOptions;
-import com.azure.security.keyvault.keys.cryptography.options.EncryptOptions;
import com.azure.security.keyvault.keys.models.JsonWebKey;
import reactor.core.publisher.Mono;
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/AesCbcDecryptOptions.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/AesCbcDecryptOptions.java
deleted file mode 100644
index 81ac367530be4..0000000000000
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/AesCbcDecryptOptions.java
+++ /dev/null
@@ -1,39 +0,0 @@
-// Copyright (c) Microsoft Corporation. All rights reserved.
-// Licensed under the MIT License.
-
-package com.azure.security.keyvault.keys.cryptography.options;
-
-import com.azure.security.keyvault.keys.cryptography.models.EncryptionAlgorithm;
-
-/**
- * A class containing configuration parameters that can be applied when decrypting AES-CBC keys with and without
- * padding.
- */
-public class AesCbcDecryptOptions extends DecryptOptions {
- /**
- * Creates an instance of {@link AesCbcDecryptOptions} with the given parameters.
- *
- * @param algorithm The algorithm to be used for decryption.
- * @param ciphertext The content to be decrypted.
- */
- AesCbcDecryptOptions(EncryptionAlgorithm algorithm, byte[] ciphertext) {
- super(algorithm, ciphertext);
- }
-
- /**
- * Set the given initialization vector to be used in this decryption operation.
- *
- * @param iv Initialization vector for the decryption operation.
- * @return The updated {@link AesCbcDecryptOptions} object.
- */
- public AesCbcDecryptOptions setIv(byte[] iv) {
- if (iv == null) {
- this.iv = null;
- } else {
- this.iv = new byte[iv.length];
- System.arraycopy(iv, 0, this.iv, 0, iv.length);
- }
-
- return this;
- }
-}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/AesCbcEncryptOptions.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/AesCbcEncryptOptions.java
deleted file mode 100644
index 82dec9beda24d..0000000000000
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/AesCbcEncryptOptions.java
+++ /dev/null
@@ -1,39 +0,0 @@
-// Copyright (c) Microsoft Corporation. All rights reserved.
-// Licensed under the MIT License.
-
-package com.azure.security.keyvault.keys.cryptography.options;
-
-import com.azure.security.keyvault.keys.cryptography.models.EncryptionAlgorithm;
-
-/**
- * A class containing configuration parameters that can be applied when encrypting AES-CBC keys with and without
- * padding.
- */
-public class AesCbcEncryptOptions extends EncryptOptions {
- /**
- * Creates an instance of {@link AesCbcEncryptOptions} with the given parameters.
- *
- * @param algorithm The algorithm to be used for encryption.
- * @param plaintext The content to be encrypted.
- */
- AesCbcEncryptOptions(EncryptionAlgorithm algorithm, byte[] plaintext) {
- super(algorithm, plaintext);
- }
-
- /**
- * Set the given initialization vector to be used in this encryption operation.
- *
- * @param iv Initialization vector for the encryption operation.
- * @return The updated {@link AesCbcEncryptOptions} object.
- */
- public AesCbcEncryptOptions setIv(byte[] iv) {
- if (iv == null) {
- this.iv = null;
- } else {
- this.iv = new byte[iv.length];
- System.arraycopy(iv, 0, this.iv, 0, iv.length);
- }
-
- return this;
- }
-}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/AesGcmDecryptOptions.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/AesGcmDecryptOptions.java
deleted file mode 100644
index 003ab82fee95a..0000000000000
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/AesGcmDecryptOptions.java
+++ /dev/null
@@ -1,65 +0,0 @@
-// Copyright (c) Microsoft Corporation. All rights reserved.
-// Licensed under the MIT License.
-
-package com.azure.security.keyvault.keys.cryptography.options;
-
-import com.azure.security.keyvault.keys.cryptography.models.EncryptionAlgorithm;
-
-/**
- * A class containing configuration parameters that can be applied when decrypting AES-GCM keys.
- */
-public class AesGcmDecryptOptions extends DecryptOptions {
- /**
- * Creates an instance of {@link AesGcmDecryptOptions} with the given parameters.
- *
- * @param algorithm The algorithm to be used for decryption.
- * @param ciphertext The content to be decrypted.
- * @param iv Initialization vector for the decryption operation.
- */
- AesGcmDecryptOptions(EncryptionAlgorithm algorithm, byte[] ciphertext, byte[] iv) {
- super(algorithm, ciphertext);
-
- if (iv == null) {
- this.iv = null;
- } else {
- this.iv = new byte[iv.length];
- System.arraycopy(iv, 0, this.iv, 0, iv.length);
- }
- }
-
- /**
- * Set additional data to authenticate when using authenticated crypto algorithms.
- *
- * @param additionalAuthenticatedData Additional data to authenticate when using authenticated crypto algorithms.
- * @return The updated {@link AesGcmDecryptOptions} object.
- */
- public AesGcmDecryptOptions setAdditionalAuthenticatedData(byte[] additionalAuthenticatedData) {
- if (additionalAuthenticatedData == null) {
- this.additionalAuthenticatedData = null;
- } else {
- this.additionalAuthenticatedData = new byte[additionalAuthenticatedData.length];
- System.arraycopy(additionalAuthenticatedData, 0, this.additionalAuthenticatedData, 0,
- additionalAuthenticatedData.length);
- }
-
- return this;
- }
-
- /**
- * Set the tag to authenticate when performing decryption.
- *
- * @param authenticationTag The tag to authenticate when performing decryption.
- * @return The updated {@link AesGcmDecryptOptions} object.
- */
- public AesGcmDecryptOptions setAuthenticationTag(byte[] authenticationTag) {
- if (authenticationTag == null) {
- this.authenticationTag = null;
- } else {
- this.authenticationTag = new byte[authenticationTag.length];
- System.arraycopy(authenticationTag, 0, this.authenticationTag, 0,
- authenticationTag.length);
- }
-
- return this;
- }
-}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/AesGcmEncryptOptions.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/AesGcmEncryptOptions.java
deleted file mode 100644
index da62fa804706b..0000000000000
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/AesGcmEncryptOptions.java
+++ /dev/null
@@ -1,47 +0,0 @@
-// Copyright (c) Microsoft Corporation. All rights reserved.
-// Licensed under the MIT License.
-
-package com.azure.security.keyvault.keys.cryptography.options;
-
-import com.azure.security.keyvault.keys.cryptography.models.EncryptionAlgorithm;
-
-/**
- * A class containing configuration parameters that can be applied when encrypting AES-GCM keys.
- */
-public class AesGcmEncryptOptions extends EncryptOptions {
- /**
- * Creates an instance of {@link AesGcmEncryptOptions} with the given parameters.
- *
- * @param algorithm The algorithm to be used for encryption.
- * @param ciphertext The content to be encrypted.
- * @param iv Initialization vector for the encryption operation.
- */
- AesGcmEncryptOptions(EncryptionAlgorithm algorithm, byte[] ciphertext, byte[] iv) {
- super(algorithm, ciphertext);
-
- if (iv == null) {
- this.iv = null;
- } else {
- this.iv = new byte[iv.length];
- System.arraycopy(iv, 0, this.iv, 0, iv.length);
- }
- }
-
- /**
- * Set additional data to authenticate when using authenticated crypto algorithms.
- *
- * @param additionalAuthenticatedData Additional data to authenticate when using authenticated crypto algorithms.
- * @return The updated {@link AesGcmEncryptOptions} object.
- */
- public AesGcmEncryptOptions setAdditionalAuthenticatedData(byte[] additionalAuthenticatedData) {
- if (additionalAuthenticatedData == null) {
- this.additionalAuthenticatedData = null;
- } else {
- this.additionalAuthenticatedData = new byte[additionalAuthenticatedData.length];
- System.arraycopy(additionalAuthenticatedData, 0, this.additionalAuthenticatedData, 0,
- additionalAuthenticatedData.length);
- }
-
- return this;
- }
-}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/DecryptOptions.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/DecryptOptions.java
deleted file mode 100644
index 1a8573efe236e..0000000000000
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/DecryptOptions.java
+++ /dev/null
@@ -1,148 +0,0 @@
-// Copyright (c) Microsoft Corporation. All rights reserved.
-// Licensed under the MIT License.
-
-package com.azure.security.keyvault.keys.cryptography.options;
-
-import com.azure.security.keyvault.keys.cryptography.models.EncryptionAlgorithm;
-
-import java.util.Objects;
-
-/**
- * A class containing various configuration parameters that can be applied when performing decryption operations.
- */
-public class DecryptOptions {
- /**
- * The algorithm to be used for decryption.
- */
- final EncryptionAlgorithm algorithm;
-
- /**
- * The content to be decrypted.
- */
- final byte[] cipherText;
-
- /**
- * Initialization vector to be used in the decryption operation using a symmetric algorithm.
- */
- byte[] iv;
-
- /**
- * Get additional data to authenticate when performing decryption with an authenticated algorithm.
- */
- byte[] additionalAuthenticatedData;
-
- /**
- * The tag to authenticate when performing decryption with an authenticated algorithm.
- */
- byte[] authenticationTag;
-
- /**
- * Factory method to create an instance of {@link DecryptOptions} with the given parameters.
- *
- * @param algorithm The algorithm to be used for decryption.
- * @param ciphertext The content to be decrypted.
- * @return The {@link DecryptOptions}.
- */
- public static DecryptOptions createOptions(EncryptionAlgorithm algorithm, byte[] ciphertext) {
- return new DecryptOptions(algorithm, ciphertext);
- }
-
- /**
- * Factory method to create an instance of {@link AesCbcDecryptOptions} with the given parameters.
- *
- * @param algorithm The algorithm to be used for decryption.
- * @param ciphertext The content to be decrypted.
- * @return The {@link AesCbcDecryptOptions}.
- */
- public static AesCbcDecryptOptions createAesCbcOptions(EncryptionAlgorithm algorithm, byte[] ciphertext) {
- return new AesCbcDecryptOptions(algorithm, ciphertext);
- }
-
- /**
- * Factory method to create an instance of {@link AesGcmDecryptOptions} with the given parameters.
- *
- * @param algorithm The algorithm to be used for decryption.
- * @param ciphertext The content to be decrypted.
- * @param iv Initialization vector for the decryption operation.
- * @return The {@link AesGcmDecryptOptions}.
- */
- public static AesGcmDecryptOptions createAesGcmOptions(EncryptionAlgorithm algorithm, byte[] ciphertext, byte[] iv) {
- return new AesGcmDecryptOptions(algorithm, ciphertext, iv);
- }
-
- /**
- * Creates an instance of {@link DecryptOptions} with the given parameters.
- *
- * @param algorithm The algorithm to be used for decryption.
- * @param cipherText The content to be decrypted.
- */
- DecryptOptions(EncryptionAlgorithm algorithm, byte[] cipherText) {
- Objects.requireNonNull(algorithm, "'algorithm cannot be null'");
- Objects.requireNonNull(cipherText, "'ciphertext' cannot be null");
-
- this.algorithm = algorithm;
- this.cipherText = new byte[cipherText.length];
- System.arraycopy(cipherText, 0, this.cipherText, 0, cipherText.length);
- }
-
- /**
- * The algorithm to be used for encryption.
- *
- * @return The algorithm to be used for encryption.
- */
- public EncryptionAlgorithm getAlgorithm() {
- return algorithm;
- }
-
- /**
- * Get the content to be encrypted.
- *
- * @return The content to be encrypted.
- */
- public byte[] getCipherText() {
- if (cipherText == null) {
- return null;
- } else {
- return cipherText.clone();
- }
- }
-
- /**
- * Get the initialization vector to be used in the decryption operation using a symmetric algorithm.
- *
- * @return The initialization vector.
- */
- public byte[] getIv() {
- if (iv == null) {
- return null;
- } else {
- return iv.clone();
- }
- }
-
- /**
- * Get additional data to authenticate when performing decryption with an authenticated algorithm.
- *
- * @return The additional authenticated data.
- */
- public byte[] getAdditionalAuthenticatedData() {
- if (additionalAuthenticatedData == null) {
- return null;
- } else {
- return additionalAuthenticatedData.clone();
- }
- }
-
- /**
- * Get the tag to authenticate when performing decryption with an authenticated algorithm.
- *
- * @return The authentication tag.
- */
- public byte[] getAuthenticationTag() {
- if (authenticationTag == null) {
- return null;
- } else {
- return authenticationTag.clone();
- }
- }
-}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/EncryptOptions.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/EncryptOptions.java
deleted file mode 100644
index 64db353a689ab..0000000000000
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/EncryptOptions.java
+++ /dev/null
@@ -1,130 +0,0 @@
-// Copyright (c) Microsoft Corporation. All rights reserved.
-// Licensed under the MIT License.
-
-package com.azure.security.keyvault.keys.cryptography.options;
-
-import com.azure.security.keyvault.keys.cryptography.models.EncryptionAlgorithm;
-
-import java.util.Objects;
-
-/**
- * A class containing various configuration parameters that can be applied when performing encryption operations.
- */
-public class EncryptOptions {
- /**
- * The algorithm to be used for encryption.
- */
- final EncryptionAlgorithm algorithm;
-
- /**
- * The content to be encrypted.
- */
- final byte[] plainText;
-
- /**
- * Initialization vector to be used in the encryption operation using a symmetric algorithm.
- */
- byte[] iv;
-
- /**
- * Get additional data to authenticate when performing encryption with an authenticated algorithm.
- */
- byte[] additionalAuthenticatedData;
-
- /**
- * Factory method to create an instance of {@link EncryptOptions} with the given parameters.
- *
- * @param algorithm The algorithm to be used for encryption.
- * @param plaintext The content to be encryption.
- * @return The {@link EncryptOptions}.
- */
- public static EncryptOptions createOptions(EncryptionAlgorithm algorithm, byte[] plaintext) {
- return new EncryptOptions(algorithm, plaintext);
- }
-
- /**
- * Factory method to create an instance of {@link AesCbcEncryptOptions} with the given parameters.
- *
- * @param algorithm The algorithm to be used for encryption.
- * @param plaintext The content to be encryption.
- * @return The {@link AesCbcEncryptOptions}.
- */
- public static AesCbcEncryptOptions createAesCbcOptions(EncryptionAlgorithm algorithm, byte[] plaintext) {
- return new AesCbcEncryptOptions(algorithm, plaintext);
- }
-
- /**
- * Factory method to create an instance of {@link AesGcmEncryptOptions} with the given parameters.
- *
- * @param algorithm The algorithm to be used for encryption.
- * @param plaintext The content to be encryption.
- * @param iv Initialization vector for the encryption operation.
- * @return The {@link AesGcmEncryptOptions}.
- */
- public static AesGcmEncryptOptions createAesGcmOptions(EncryptionAlgorithm algorithm, byte[] plaintext, byte[] iv) {
- return new AesGcmEncryptOptions(algorithm, plaintext, iv);
- }
-
- /**
- * Creates an instance of {@link EncryptOptions} with the given parameters.
- *
- * @param algorithm The algorithm to be used for encryption.
- * @param plainText The content to be encrypted.
- */
- EncryptOptions(EncryptionAlgorithm algorithm, byte[] plainText) {
- Objects.requireNonNull(algorithm, "'algorithm cannot be null'");
- Objects.requireNonNull(plainText, "'plaintext' cannot be null");
-
- this.algorithm = algorithm;
- this.plainText = new byte[plainText.length];
- System.arraycopy(plainText, 0, this.plainText, 0, plainText.length);
- }
-
- /**
- * The algorithm to be used for encryption.
- *
- * @return The algorithm to be used for encryption.
- */
- public EncryptionAlgorithm getAlgorithm() {
- return algorithm;
- }
-
- /**
- * Get the content to be encrypted.
- *
- * @return The content to be encrypted.
- */
- public byte[] getPlainText() {
- if (plainText == null) {
- return null;
- } else {
- return plainText.clone();
- }
- }
-
- /**
- * Get the initialization vector to be used in the encryption operation using a symmetric algorithm.
- *
- * @return The initialization vector.
- */
- public byte[] getIv() {
- if (iv == null) {
- return null;
- } else {
- return iv.clone();
- }
- }
-
- /**
- * Get additional data to authenticate when performing encryption with an authenticated algorithm.
- *
- * @return The additional authenticated data.
- */
- public byte[] getAdditionalAuthenticatedData() {
- if (additionalAuthenticatedData == null) {
- return null;
- } else {
- return additionalAuthenticatedData.clone();
- }
- }
-}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/package-info.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/package-info.java
deleted file mode 100644
index a5f252b7b3e5c..0000000000000
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/options/package-info.java
+++ /dev/null
@@ -1,8 +0,0 @@
-// Copyright (c) Microsoft Corporation. All rights reserved.
-// Licensed under the MIT License.
-
-/**
- * Package containing classes used for representing options for encryption, decryption, signing, verifying, key wrapping
- * and unwrapping operations.
- */
-package com.azure.security.keyvault.keys.cryptography.options;
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/module-info.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/module-info.java
index 03c02ebdfe946..35421e19f8e0f 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/module-info.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/module-info.java
@@ -9,7 +9,6 @@
exports com.azure.security.keyvault.keys;
exports com.azure.security.keyvault.keys.cryptography;
exports com.azure.security.keyvault.keys.cryptography.models;
- exports com.azure.security.keyvault.keys.cryptography.options;
exports com.azure.security.keyvault.keys.models;
opens com.azure.security.keyvault.keys to com.fasterxml.jackson.databind;
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/CryptographyAsyncClientJavaDocCodeSnippets.java b/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/CryptographyAsyncClientJavaDocCodeSnippets.java
index bcaebac85c701..25a7592786412 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/CryptographyAsyncClientJavaDocCodeSnippets.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/CryptographyAsyncClientJavaDocCodeSnippets.java
@@ -12,8 +12,6 @@
import com.azure.core.http.policy.RetryPolicy;
import com.azure.identity.DefaultAzureCredentialBuilder;
import com.azure.security.keyvault.keys.KeyAsyncClient;
-import com.azure.security.keyvault.keys.cryptography.options.DecryptOptions;
-import com.azure.security.keyvault.keys.cryptography.options.EncryptOptions;
import com.azure.security.keyvault.keys.implementation.KeyVaultCredentialPolicy;
import com.azure.security.keyvault.keys.cryptography.models.EncryptionAlgorithm;
import com.azure.security.keyvault.keys.cryptography.models.KeyWrapAlgorithm;
@@ -134,9 +132,7 @@ public void encrypt() {
(byte) 0x1a, (byte) 0xf3, (byte) 0x8c, (byte) 0x2d, (byte) 0xc2, (byte) 0xb9, (byte) 0x6f, (byte) 0xfd,
(byte) 0xd8, (byte) 0x66, (byte) 0x94, (byte) 0x09, (byte) 0x23, (byte) 0x41, (byte) 0xbc, (byte) 0x04
};
-
- EncryptOptions encryptOptions = EncryptOptions.createAesCbcOptions(EncryptionAlgorithm.A128CBC, plainTextBytes)
- .setIv(iv);
+ EncryptOptions encryptOptions = EncryptOptions.createAes128CbcOptions(plainTextBytes, iv);
cryptographyAsyncClient.encrypt(encryptOptions)
.subscriberContext(reactor.util.context.Context.of(key1, value1, key2, value2))
@@ -173,9 +169,7 @@ public void decrypt() {
(byte) 0x1a, (byte) 0xf3, (byte) 0x8c, (byte) 0x2d, (byte) 0xc2, (byte) 0xb9, (byte) 0x6f, (byte) 0xfd,
(byte) 0xd8, (byte) 0x66, (byte) 0x94, (byte) 0x09, (byte) 0x23, (byte) 0x41, (byte) 0xbc, (byte) 0x04
};
-
- DecryptOptions decryptOptions = DecryptOptions.createAesCbcOptions(EncryptionAlgorithm.A128CBC, cipherTextBytes)
- .setIv(iv);
+ DecryptOptions decryptOptions = DecryptOptions.createAes128CbcOptions(cipherTextBytes, iv);
cryptographyAsyncClient.decrypt(decryptOptions)
.subscriberContext(reactor.util.context.Context.of(key1, value1, key2, value2))
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/CryptographyClientJavaDocCodeSnippets.java b/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/CryptographyClientJavaDocCodeSnippets.java
index aeef0b76dee4f..533907acf8b30 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/CryptographyClientJavaDocCodeSnippets.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/CryptographyClientJavaDocCodeSnippets.java
@@ -16,8 +16,6 @@
import com.azure.security.keyvault.keys.cryptography.models.SignResult;
import com.azure.security.keyvault.keys.cryptography.models.VerifyResult;
import com.azure.security.keyvault.keys.cryptography.models.WrapResult;
-import com.azure.security.keyvault.keys.cryptography.options.DecryptOptions;
-import com.azure.security.keyvault.keys.cryptography.options.EncryptOptions;
import com.azure.security.keyvault.keys.models.KeyVaultKey;
import java.security.MessageDigest;
@@ -110,10 +108,7 @@ public void encrypt() {
(byte) 0x1a, (byte) 0xf3, (byte) 0x8c, (byte) 0x2d, (byte) 0xc2, (byte) 0xb9, (byte) 0x6f, (byte) 0xfd,
(byte) 0xd8, (byte) 0x66, (byte) 0x94, (byte) 0x09, (byte) 0x23, (byte) 0x41, (byte) 0xbc, (byte) 0x04
};
-
- EncryptOptions encryptOptions = EncryptOptions.createAesCbcOptions(EncryptionAlgorithm.A128CBC, myPlainText)
- .setIv(iv);
-
+ EncryptOptions encryptOptions = EncryptOptions.createAes128CbcOptions(myPlainText, iv);
EncryptResult encryptedResult = cryptographyClient.encrypt(encryptOptions, new Context(key1, value1));
System.out.printf("Received encrypted content of length %d with algorithm %s \n",
@@ -159,10 +154,7 @@ public void decrypt() {
(byte) 0x1a, (byte) 0xf3, (byte) 0x8c, (byte) 0x2d, (byte) 0xc2, (byte) 0xb9, (byte) 0x6f, (byte) 0xfd,
(byte) 0xd8, (byte) 0x66, (byte) 0x94, (byte) 0x09, (byte) 0x23, (byte) 0x41, (byte) 0xbc, (byte) 0x04
};
-
- DecryptOptions decryptOptions = DecryptOptions.createAesCbcOptions(EncryptionAlgorithm.A128CBC, myCipherText)
- .setIv(iv);
-
+ DecryptOptions decryptOptions = DecryptOptions.createAes128CbcOptions(myCipherText, iv);
DecryptResult decryptedResult = cryptographyClient.decrypt(decryptOptions, new Context(key1, value1));
System.out.printf("Received decrypted content of length %d\n", decryptedResult.getPlainText().length);
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClientJavaDocCodeSnippets.java b/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClientJavaDocCodeSnippets.java
index 8ebbd79e84c91..271c35b0b3a33 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClientJavaDocCodeSnippets.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClientJavaDocCodeSnippets.java
@@ -7,8 +7,6 @@
import com.azure.security.keyvault.keys.cryptography.models.EncryptionAlgorithm;
import com.azure.security.keyvault.keys.cryptography.models.KeyWrapAlgorithm;
import com.azure.security.keyvault.keys.cryptography.models.SignatureAlgorithm;
-import com.azure.security.keyvault.keys.cryptography.options.DecryptOptions;
-import com.azure.security.keyvault.keys.cryptography.options.EncryptOptions;
import com.azure.security.keyvault.keys.models.JsonWebKey;
import java.security.MessageDigest;
@@ -64,8 +62,7 @@ public void encrypt() {
(byte) 0x1a, (byte) 0xf3, (byte) 0x8c, (byte) 0x2d, (byte) 0xc2, (byte) 0xb9, (byte) 0x6f, (byte) 0xfd,
(byte) 0xd8, (byte) 0x66, (byte) 0x94, (byte) 0x09, (byte) 0x23, (byte) 0x41, (byte) 0xbc, (byte) 0x04
};
- EncryptOptions encryptOptions = EncryptOptions.createAesCbcOptions(EncryptionAlgorithm.A128CBC, plainTextBytes)
- .setIv(iv);
+ EncryptOptions encryptOptions = EncryptOptions.createAes128CbcOptions(plainTextBytes, iv);
cryptographyAsyncClient.encrypt(encryptOptions)
.subscriberContext(reactor.util.context.Context.of(key1, value1, key2, value2))
@@ -97,8 +94,7 @@ public void decrypt() {
(byte) 0x1a, (byte) 0xf3, (byte) 0x8c, (byte) 0x2d, (byte) 0xc2, (byte) 0xb9, (byte) 0x6f, (byte) 0xfd,
(byte) 0xd8, (byte) 0x66, (byte) 0x94, (byte) 0x09, (byte) 0x23, (byte) 0x41, (byte) 0xbc, (byte) 0x04
};
- DecryptOptions decryptOptions = DecryptOptions.createAesCbcOptions(EncryptionAlgorithm.A128CBC, plainTextBytes)
- .setIv(iv);
+ DecryptOptions decryptOptions = DecryptOptions.createAes128CbcOptions(plainTextBytes, iv);
cryptographyAsyncClient.decrypt(decryptOptions)
.subscriberContext(reactor.util.context.Context.of(key1, value1, key2, value2))
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClientJavaDocCodeSnippets.java b/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClientJavaDocCodeSnippets.java
index c16f6601a6066..6cefc6c630743 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClientJavaDocCodeSnippets.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/samples/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClientJavaDocCodeSnippets.java
@@ -13,8 +13,6 @@
import com.azure.security.keyvault.keys.cryptography.models.UnwrapResult;
import com.azure.security.keyvault.keys.cryptography.models.VerifyResult;
import com.azure.security.keyvault.keys.cryptography.models.WrapResult;
-import com.azure.security.keyvault.keys.cryptography.options.DecryptOptions;
-import com.azure.security.keyvault.keys.cryptography.options.EncryptOptions;
import com.azure.security.keyvault.keys.models.JsonWebKey;
import java.security.MessageDigest;
@@ -67,8 +65,7 @@ public void encrypt() {
(byte) 0x1a, (byte) 0xf3, (byte) 0x8c, (byte) 0x2d, (byte) 0xc2, (byte) 0xb9, (byte) 0x6f, (byte) 0xfd,
(byte) 0xd8, (byte) 0x66, (byte) 0x94, (byte) 0x09, (byte) 0x23, (byte) 0x41, (byte) 0xbc, (byte) 0x04
};
- EncryptOptions encryptOptions = EncryptOptions.createAesCbcOptions(EncryptionAlgorithm.RSA_OAEP, plainTextBytes)
- .setIv(iv);
+ EncryptOptions encryptOptions = EncryptOptions.createAes128CbcOptions(plainTextBytes, iv);
EncryptResult encryptedResult = cryptographyClient.encrypt(encryptOptions);
System.out.printf("Received encrypted content of length %d with algorithm %s \n",
@@ -96,8 +93,7 @@ public void decrypt() {
(byte) 0x1a, (byte) 0xf3, (byte) 0x8c, (byte) 0x2d, (byte) 0xc2, (byte) 0xb9, (byte) 0x6f, (byte) 0xfd,
(byte) 0xd8, (byte) 0x66, (byte) 0x94, (byte) 0x09, (byte) 0x23, (byte) 0x41, (byte) 0xbc, (byte) 0x04
};
- DecryptOptions decryptOptions = DecryptOptions.createAesCbcOptions(EncryptionAlgorithm.A128CBC, encryptedBytes)
- .setIv(iv);
+ DecryptOptions decryptOptions = DecryptOptions.createAes128CbcOptions(encryptedBytes, iv);
DecryptResult decryptedResult = cryptographyClient.decrypt(decryptOptions);
System.out.printf("Received decrypted content of length %d\n", decryptedResult.getPlainText().length);
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/CryptographyClientTest.java b/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/CryptographyClientTest.java
index eab49a0cce938..216db63a4cac9 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/CryptographyClientTest.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/CryptographyClientTest.java
@@ -12,8 +12,6 @@
import com.azure.security.keyvault.keys.cryptography.models.EncryptionAlgorithm;
import com.azure.security.keyvault.keys.cryptography.models.KeyWrapAlgorithm;
import com.azure.security.keyvault.keys.cryptography.models.SignatureAlgorithm;
-import com.azure.security.keyvault.keys.cryptography.options.DecryptOptions;
-import com.azure.security.keyvault.keys.cryptography.options.EncryptOptions;
import com.azure.security.keyvault.keys.models.KeyVaultKey;
import com.azure.security.keyvault.keys.models.JsonWebKey;
import com.azure.security.keyvault.keys.models.KeyCurveName;
@@ -83,13 +81,13 @@ public void encryptDecryptRsa(HttpClient httpClient, CryptographyServiceVersion
byte[] plainText = new byte[100];
new Random(0x1234567L).nextBytes(plainText);
byte[] cipherText = cryptoClient.encrypt(algorithm, plainText).getCipherText();
- byte[] decryptedText = serviceClient.decrypt(DecryptOptions.createOptions(algorithm, cipherText),
- Context.NONE).block().getPlainText();
+ byte[] decryptedText = serviceClient.decrypt(new DecryptOptions(algorithm, cipherText, null, null,
+ null), Context.NONE).block().getPlainText();
assertArrayEquals(decryptedText, plainText);
- cipherText = serviceClient.encrypt(EncryptOptions.createOptions(algorithm, plainText),
- Context.NONE).block().getCipherText();
+ cipherText = serviceClient.encrypt(new EncryptOptions(algorithm, plainText, null, null), Context.NONE)
+ .block().getCipherText();
decryptedText = cryptoClient.decrypt(algorithm, cipherText).getPlainText();
assertArrayEquals(decryptedText, plainText);
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClientTestBase.java b/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClientTestBase.java
index 570d6af559d6f..458e94defd492 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClientTestBase.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClientTestBase.java
@@ -8,8 +8,6 @@
import com.azure.security.keyvault.keys.cryptography.models.DecryptResult;
import com.azure.security.keyvault.keys.cryptography.models.EncryptResult;
import com.azure.security.keyvault.keys.cryptography.models.EncryptionAlgorithm;
-import com.azure.security.keyvault.keys.cryptography.options.DecryptOptions;
-import com.azure.security.keyvault.keys.cryptography.options.EncryptOptions;
import com.azure.security.keyvault.keys.models.JsonWebKey;
import com.azure.security.keyvault.keys.models.KeyOperation;
import org.junit.jupiter.api.Test;
@@ -114,11 +112,10 @@ static void encryptDecryptAesCbc(int keySize, EncryptionAlgorithm algorithm) thr
byte[] plaintext = "My16BitPlaintext".getBytes();
byte[] iv = "My16BytesTestIv.".getBytes();
LocalCryptographyClient localCryptographyClient = initializeCryptographyClient(getTestJsonWebKey(keySize));
- EncryptOptions encryptOptions = EncryptOptions.createAesCbcOptions(algorithm, plaintext).setIv(iv);
+ EncryptOptions encryptOptions = EncryptOptions.createAes128CbcOptions(plaintext, iv);
EncryptResult encryptResult =
localCryptographyClient.encrypt(encryptOptions);
- DecryptOptions decryptOptions = DecryptOptions.createAesCbcOptions(algorithm, encryptResult.getCipherText())
- .setIv(iv);
+ DecryptOptions decryptOptions = DecryptOptions.createAes128CbcOptions(encryptResult.getCipherText(), iv);
DecryptResult decryptResult =
localCryptographyClient.decrypt(decryptOptions);
@@ -129,15 +126,15 @@ static void encryptDecryptAesGcm(int keySize, EncryptionAlgorithm algorithm) thr
byte[] plaintext = "My16BitPlaintext".getBytes();
byte[] iv = "My12BytesIv.".getBytes();
LocalCryptographyClient localCryptographyClient = initializeCryptographyClient(getTestJsonWebKey(keySize));
- EncryptOptions encryptOptions = EncryptOptions.createAesGcmOptions(algorithm, plaintext, iv);
+ EncryptOptions encryptOptions = EncryptOptions.createAes128GcmOptions(plaintext, iv);
EncryptResult encryptResult =
localCryptographyClient.encrypt(encryptOptions);
byte[] authenticationTag = new byte[12];
System.arraycopy(encryptResult.getCipherText(), 0, authenticationTag, 0, authenticationTag.length);
- DecryptOptions decryptOptions = DecryptOptions.createAesGcmOptions(algorithm, encryptResult.getCipherText(), iv)
- .setAuthenticationTag(authenticationTag);
+ DecryptOptions decryptOptions = DecryptOptions.createAes128GcmOptions(encryptResult.getCipherText(), iv,
+ authenticationTag);
DecryptResult decryptResult =
localCryptographyClient.decrypt(decryptOptions);
From ff77ba13802b18d690436a3ec2534f732fb3bc47 Mon Sep 17 00:00:00 2001
From: Victor Colin Amador
Date: Thu, 12 Nov 2020 15:26:52 -0800
Subject: [PATCH 12/15] Added iv, additionalAuthenticatedDate and
authenticationTag to EncryptResult.
---
.../resources/spotbugs/spotbugs-exclude.xml | 9 ---
.../keyvault/keys/cryptography/AesCbc.java | 17 +++---
.../keys/cryptography/AesCbcHmacSha2.java | 27 ++++----
.../keyvault/keys/cryptography/AesCbcPad.java | 17 +++---
.../keyvault/keys/cryptography/AesGcm.java | 32 +++++-----
.../CryptographyServiceClient.java | 4 --
.../keys/cryptography/DecryptOptions.java | 59 ++++--------------
.../keys/cryptography/EncryptOptions.java | 46 +++-----------
.../SymmetricEncryptionAlgorithm.java | 18 +++---
.../SymmetricKeyCryptographyClient.java | 30 +++++----
.../cryptography/models/EncryptResult.java | 61 +++++++++++++++++++
.../LocalCryptographyClientTestBase.java | 15 ++---
12 files changed, 167 insertions(+), 168 deletions(-)
diff --git a/eng/code-quality-reports/src/main/resources/spotbugs/spotbugs-exclude.xml b/eng/code-quality-reports/src/main/resources/spotbugs/spotbugs-exclude.xml
index 9054faef8bcbd..db06cdc17baf9 100755
--- a/eng/code-quality-reports/src/main/resources/spotbugs/spotbugs-exclude.xml
+++ b/eng/code-quality-reports/src/main/resources/spotbugs/spotbugs-exclude.xml
@@ -2414,13 +2414,4 @@
-
-
-
-
-
-
-
-
-
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesCbc.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesCbc.java
index a122849be8b56..d72fdf079b7a5 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesCbc.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesCbc.java
@@ -71,15 +71,17 @@ public byte[] doFinal(byte[] plaintext) throws IllegalBlockSizeException, BadPad
}
@Override
- public ICryptoTransform createEncryptor(byte[] key, byte[] iv, byte[] authenticationData)
+ public ICryptoTransform createEncryptor(byte[] key, byte[] iv, byte[] additionalAuthenticatedData,
+ byte[] authenticationTag)
throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException,
InvalidAlgorithmParameterException {
- return createEncryptor(key, iv, authenticationData, null);
+ return createEncryptor(key, iv, additionalAuthenticatedData, null, null);
}
@Override
- public ICryptoTransform createEncryptor(byte[] key, byte[] iv, byte[] authenticationData, Provider provider)
+ public ICryptoTransform createEncryptor(byte[] key, byte[] iv, byte[] additionalAuthenticatedData,
+ byte[] authenticationTag, Provider provider)
throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException,
InvalidAlgorithmParameterException {
@@ -91,16 +93,17 @@ public ICryptoTransform createEncryptor(byte[] key, byte[] iv, byte[] authentica
}
@Override
- public ICryptoTransform createDecryptor(byte[] key, byte[] iv, byte[] authenticationData, byte[] authenticationTag)
+ public ICryptoTransform createDecryptor(byte[] key, byte[] iv, byte[] additionalAuthenticatedData,
+ byte[] authenticationTag)
throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException,
InvalidAlgorithmParameterException {
- return createDecryptor(key, iv, authenticationData, authenticationTag, null);
+ return createDecryptor(key, iv, additionalAuthenticatedData, authenticationTag, null);
}
@Override
- public ICryptoTransform createDecryptor(byte[] key, byte[] iv, byte[] authenticationData, byte[] authenticationTag,
- Provider provider)
+ public ICryptoTransform createDecryptor(byte[] key, byte[] iv, byte[] additionalAuthenticatedData,
+ byte[] authenticationTag, Provider provider)
throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException,
InvalidAlgorithmParameterException {
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesCbcHmacSha2.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesCbcHmacSha2.java
index 91f9d3e3f53be..96cbdb913d99e 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesCbcHmacSha2.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesCbcHmacSha2.java
@@ -188,15 +188,17 @@ protected AesCbcHmacSha2(String name) {
}
@Override
- public ICryptoTransform createDecryptor(byte[] key, byte[] iv, byte[] authenticationData, byte[] authenticationTag)
+ public ICryptoTransform createDecryptor(byte[] key, byte[] iv, byte[] additionalAuthenticatedData,
+ byte[] authenticationTag)
throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException,
InvalidAlgorithmParameterException {
- return createDecryptor(key, iv, authenticationData, authenticationTag, null);
+
+ return createDecryptor(key, iv, additionalAuthenticatedData, authenticationTag, null);
}
@Override
- public ICryptoTransform createDecryptor(byte[] key, byte[] iv, byte[] authenticationData, byte[] authenticationTag,
- Provider provider)
+ public ICryptoTransform createDecryptor(byte[] key, byte[] iv, byte[] additionalAuthenticatedData,
+ byte[] authenticationTag, Provider provider)
throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException,
InvalidAlgorithmParameterException {
if (key == null) {
@@ -207,7 +209,7 @@ public ICryptoTransform createDecryptor(byte[] key, byte[] iv, byte[] authentica
throw logger.logExceptionAsWarning(new IllegalArgumentException("No initialization vector"));
}
- if (authenticationData == null) {
+ if (additionalAuthenticatedData == null) {
throw logger.logExceptionAsWarning(new IllegalArgumentException("No authentication data"));
}
@@ -216,18 +218,21 @@ public ICryptoTransform createDecryptor(byte[] key, byte[] iv, byte[] authentica
}
// Create the Decryptor
- return new AesCbcHmacSha2Decryptor(getName(), key, iv, authenticationData, authenticationTag, provider);
+ return new AesCbcHmacSha2Decryptor(getName(), key, iv, additionalAuthenticatedData, authenticationTag, provider);
}
@Override
- public ICryptoTransform createEncryptor(byte[] key, byte[] iv, byte[] authenticationData)
+ public ICryptoTransform createEncryptor(byte[] key, byte[] iv, byte[] additionalAuthenticatedData,
+ byte[] authenticationTag)
throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException,
InvalidAlgorithmParameterException {
- return createEncryptor(key, iv, authenticationData, null);
+
+ return createEncryptor(key, iv, additionalAuthenticatedData, null, null);
}
@Override
- public ICryptoTransform createEncryptor(byte[] key, byte[] iv, byte[] authenticationData, Provider provider)
+ public ICryptoTransform createEncryptor(byte[] key, byte[] iv, byte[] additionalAuthenticatedData,
+ byte[] authenticationTag, Provider provider)
throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException,
InvalidAlgorithmParameterException {
@@ -239,11 +244,11 @@ public ICryptoTransform createEncryptor(byte[] key, byte[] iv, byte[] authentica
throw logger.logExceptionAsError(new IllegalArgumentException("No initialization vector"));
}
- if (authenticationData == null) {
+ if (additionalAuthenticatedData == null) {
throw logger.logExceptionAsError(new IllegalArgumentException("No authentication data"));
}
// Create the Encryptor
- return new AesCbcHmacSha2Encryptor(getName(), key, iv, authenticationData, provider);
+ return new AesCbcHmacSha2Encryptor(getName(), key, iv, additionalAuthenticatedData, provider);
}
}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesCbcPad.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesCbcPad.java
index d62153e713765..114f4f90e32a7 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesCbcPad.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesCbcPad.java
@@ -71,15 +71,17 @@ public byte[] doFinal(byte[] plaintext) throws IllegalBlockSizeException, BadPad
}
@Override
- public ICryptoTransform createEncryptor(byte[] key, byte[] iv, byte[] authenticationData)
+ public ICryptoTransform createEncryptor(byte[] key, byte[] iv, byte[] additionalAuthenticatedData,
+ byte[] authenticationTag)
throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException,
InvalidAlgorithmParameterException {
- return createEncryptor(key, iv, authenticationData, null);
+ return createEncryptor(key, iv, additionalAuthenticatedData, null, null);
}
@Override
- public ICryptoTransform createEncryptor(byte[] key, byte[] iv, byte[] authenticationData, Provider provider)
+ public ICryptoTransform createEncryptor(byte[] key, byte[] iv, byte[] additionalAuthenticatedData,
+ byte[] authenticationTag, Provider provider)
throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException,
InvalidAlgorithmParameterException {
@@ -91,16 +93,17 @@ public ICryptoTransform createEncryptor(byte[] key, byte[] iv, byte[] authentica
}
@Override
- public ICryptoTransform createDecryptor(byte[] key, byte[] iv, byte[] authenticationData, byte[] authenticationTag)
+ public ICryptoTransform createDecryptor(byte[] key, byte[] iv, byte[] additionalAuthenticatedData,
+ byte[] authenticationTag)
throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException,
InvalidAlgorithmParameterException {
- return createDecryptor(key, iv, authenticationData, authenticationTag, null);
+ return createDecryptor(key, iv, additionalAuthenticatedData, authenticationTag, null);
}
@Override
- public ICryptoTransform createDecryptor(byte[] key, byte[] iv, byte[] authenticationData, byte[] authenticationTag,
- Provider provider)
+ public ICryptoTransform createDecryptor(byte[] key, byte[] iv, byte[] additionalAuthenticatedData,
+ byte[] authenticationTag, Provider provider)
throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException,
InvalidAlgorithmParameterException {
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesGcm.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesGcm.java
index 91bf80d4f96f1..d0a6ddd5e1465 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesGcm.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesGcm.java
@@ -17,8 +17,6 @@
import java.util.Objects;
abstract class AesGcm extends SymmetricEncryptionAlgorithm {
- static final int DEFAULT_TAG_LENGTH = 96;
-
final int keySizeInBytes;
final int keySize;
@@ -32,7 +30,8 @@ protected AesGcm(String name, int size) {
static class AesGcmEncryptor implements ICryptoTransform {
private final Cipher cipher;
- AesGcmEncryptor(byte[] key, byte[] iv, byte[] authenticationData, Provider provider)
+ AesGcmEncryptor(byte[] key, byte[] iv, byte[] additionalAuthenticatedData, byte[] authenticationTag,
+ Provider provider)
throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException,
InvalidAlgorithmParameterException {
@@ -44,7 +43,7 @@ static class AesGcmEncryptor implements ICryptoTransform {
}
cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key, "AES"),
- new GCMParameterSpec(DEFAULT_TAG_LENGTH, iv));
+ new GCMParameterSpec(authenticationTag.length << 3, iv));
}
@Override
@@ -56,7 +55,8 @@ public byte[] doFinal(byte[] plaintext) throws IllegalBlockSizeException, BadPad
static class AesGcmDecryptor implements ICryptoTransform {
private final Cipher cipher;
- AesGcmDecryptor(byte[] key, byte[] iv, byte[] authenticationData, byte[] authenticationTag, Provider provider)
+ AesGcmDecryptor(byte[] key, byte[] iv, byte[] additionalAuthenticatedData, byte[] authenticationTag,
+ Provider provider)
throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException,
InvalidAlgorithmParameterException {
@@ -81,15 +81,17 @@ public byte[] doFinal(byte[] plaintext) throws IllegalBlockSizeException, BadPad
}
@Override
- public ICryptoTransform createEncryptor(byte[] key, byte[] iv, byte[] authenticationData)
+ public ICryptoTransform createEncryptor(byte[] key, byte[] iv, byte[] additionalAuthenticatedData,
+ byte[] authenticationTag)
throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException,
InvalidAlgorithmParameterException {
- return createEncryptor(key, iv, authenticationData, null);
+ return createEncryptor(key, iv, additionalAuthenticatedData, authenticationTag, null);
}
@Override
- public ICryptoTransform createEncryptor(byte[] key, byte[] iv, byte[] authenticationData, Provider provider)
+ public ICryptoTransform createEncryptor(byte[] key, byte[] iv, byte[] additionalAuthenticatedData,
+ byte[] authenticationTag, Provider provider)
throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException,
InvalidAlgorithmParameterException {
@@ -97,20 +99,22 @@ public ICryptoTransform createEncryptor(byte[] key, byte[] iv, byte[] authentica
throw new InvalidKeyException("key must be at least " + keySize + " bits in length");
}
- return new AesGcmEncryptor(Arrays.copyOfRange(key, 0, keySizeInBytes), iv, authenticationData, provider);
+ return new AesGcmEncryptor(Arrays.copyOfRange(key, 0, keySizeInBytes), iv, additionalAuthenticatedData,
+ authenticationTag, provider);
}
@Override
- public ICryptoTransform createDecryptor(byte[] key, byte[] iv, byte[] authenticationData, byte[] authenticationTag)
+ public ICryptoTransform createDecryptor(byte[] key, byte[] iv, byte[] additionalAuthenticatedData,
+ byte[] authenticationTag)
throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException,
InvalidAlgorithmParameterException {
- return createDecryptor(key, iv, authenticationData, authenticationTag, null);
+ return createDecryptor(key, iv, additionalAuthenticatedData, authenticationTag, null);
}
@Override
- public ICryptoTransform createDecryptor(byte[] key, byte[] iv, byte[] authenticationData, byte[] authenticationTag,
- Provider provider)
+ public ICryptoTransform createDecryptor(byte[] key, byte[] iv, byte[] additionalAuthenticatedData,
+ byte[] authenticationTag, Provider provider)
throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException,
InvalidAlgorithmParameterException {
@@ -118,7 +122,7 @@ public ICryptoTransform createDecryptor(byte[] key, byte[] iv, byte[] authentica
throw new InvalidKeyException("key must be at least " + keySize + " bits in length");
}
- return new AesGcmDecryptor(Arrays.copyOfRange(key, 0, keySizeInBytes), iv, authenticationData,
+ return new AesGcmDecryptor(Arrays.copyOfRange(key, 0, keySizeInBytes), iv, additionalAuthenticatedData,
authenticationTag, provider);
}
}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyServiceClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyServiceClient.java
index c20507cd74afd..d6b22b16da1c2 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyServiceClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyServiceClient.java
@@ -127,8 +127,6 @@ JsonWebKey transformSecretKey(SecretKey secretKey) throws JsonProcessingExceptio
Mono encrypt(EncryptOptions encryptOptions, Context context) {
Objects.requireNonNull(encryptOptions, "'encryptOptions' cannot be null.");
- Objects.requireNonNull(encryptOptions.getAlgorithm(), "Encryption algorithm cannot be null.");
- Objects.requireNonNull(encryptOptions.getPlainText(), "Plain text content to be encrypted cannot be null.");
EncryptionAlgorithm algorithm = encryptOptions.getAlgorithm();
byte[] iv = encryptOptions.getIv();
@@ -153,8 +151,6 @@ Mono encrypt(EncryptOptions encryptOptions, Context context) {
Mono decrypt(DecryptOptions decryptOptions, Context context) {
Objects.requireNonNull(decryptOptions, "'decryptOptions' cannot be null.");
- Objects.requireNonNull(decryptOptions.getAlgorithm(), "Encryption algorithm cannot be null.");
- Objects.requireNonNull(decryptOptions.getCipherText(), "Cipher text content to be decrypted cannot be null.");
EncryptionAlgorithm algorithm = decryptOptions.getAlgorithm();
byte[] iv = decryptOptions.getIv();
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/DecryptOptions.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/DecryptOptions.java
index 68e66d84b7896..d539aab3aa694 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/DecryptOptions.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/DecryptOptions.java
@@ -3,6 +3,7 @@
package com.azure.security.keyvault.keys.cryptography;
+import com.azure.core.util.CoreUtils;
import com.azure.security.keyvault.keys.cryptography.models.EncryptionAlgorithm;
import java.util.Objects;
@@ -202,35 +203,15 @@ public static DecryptOptions createAes256GcmOptions(byte[] plainText, byte[] iv,
* @param additionalAuthenticatedData Additional data to authenticate when using authenticated crypto algorithms.
*/
DecryptOptions(EncryptionAlgorithm algorithm, byte[] cipherText, byte[] iv, byte[] authenticationTag,
- byte[] additionalAuthenticatedData) {
- Objects.requireNonNull(cipherText, "'cipherText' cannot be null");
+ byte[] additionalAuthenticatedData) {
+ Objects.requireNonNull(algorithm, "Encryption algorithm cannot be null.");
+ Objects.requireNonNull(cipherText, "Cipher text content to be decrypted cannot be null.");
this.algorithm = algorithm;
- this.cipherText = new byte[cipherText.length];
- System.arraycopy(cipherText, 0, this.cipherText, 0, cipherText.length);
-
- if (iv == null) {
- this.iv = null;
- } else {
- this.iv = new byte[iv.length];
- System.arraycopy(iv, 0, this.iv, 0, iv.length);
- }
-
- if (additionalAuthenticatedData == null) {
- this.additionalAuthenticatedData = null;
- } else {
- this.additionalAuthenticatedData = new byte[additionalAuthenticatedData.length];
- System.arraycopy(additionalAuthenticatedData, 0, this.additionalAuthenticatedData, 0,
- additionalAuthenticatedData.length);
- }
-
- if (authenticationTag == null) {
- this.authenticationTag = null;
- } else {
- this.authenticationTag = new byte[authenticationTag.length];
- System.arraycopy(authenticationTag, 0, this.authenticationTag, 0,
- authenticationTag.length);
- }
+ this.cipherText = CoreUtils.clone(cipherText);
+ this.iv = CoreUtils.clone(iv);
+ this.additionalAuthenticatedData = CoreUtils.clone(additionalAuthenticatedData);
+ this.authenticationTag = CoreUtils.clone(authenticationTag);
}
/**
@@ -248,11 +229,7 @@ public EncryptionAlgorithm getAlgorithm() {
* @return The content to be encrypted.
*/
public byte[] getCipherText() {
- if (cipherText == null) {
- return null;
- } else {
- return cipherText.clone();
- }
+ return CoreUtils.clone(cipherText);
}
/**
@@ -261,11 +238,7 @@ public byte[] getCipherText() {
* @return The initialization vector.
*/
public byte[] getIv() {
- if (iv == null) {
- return null;
- } else {
- return iv.clone();
- }
+ return CoreUtils.clone(iv);
}
/**
@@ -274,11 +247,7 @@ public byte[] getIv() {
* @return The additional authenticated data.
*/
public byte[] getAdditionalAuthenticatedData() {
- if (additionalAuthenticatedData == null) {
- return null;
- } else {
- return additionalAuthenticatedData.clone();
- }
+ return CoreUtils.clone(additionalAuthenticatedData);
}
/**
@@ -287,10 +256,6 @@ public byte[] getAdditionalAuthenticatedData() {
* @return The authentication tag.
*/
public byte[] getAuthenticationTag() {
- if (authenticationTag == null) {
- return null;
- } else {
- return authenticationTag.clone();
- }
+ return CoreUtils.clone(authenticationTag);
}
}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EncryptOptions.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EncryptOptions.java
index 560e3470b6db1..0f4a3ffeca1f5 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EncryptOptions.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EncryptOptions.java
@@ -3,6 +3,7 @@
package com.azure.security.keyvault.keys.cryptography;
+import com.azure.core.util.CoreUtils;
import com.azure.security.keyvault.keys.cryptography.models.EncryptionAlgorithm;
import java.util.Objects;
@@ -255,29 +256,14 @@ public static EncryptOptions createAes256GcmOptions(byte[] plainText, byte[] iv,
* @param iv Initialization vector for the encryption operation.
* @param additionalAuthenticatedData Additional data to authenticate when using authenticated crypto algorithms.
*/
- EncryptOptions(EncryptionAlgorithm algorithm, byte[] plainText, byte[] iv,
- byte[] additionalAuthenticatedData) {
- Objects.requireNonNull(plainText, "'plaintext' cannot be null");
+ EncryptOptions(EncryptionAlgorithm algorithm, byte[] plainText, byte[] iv, byte[] additionalAuthenticatedData) {
+ Objects.requireNonNull(algorithm, "Encryption algorithm cannot be null.");
+ Objects.requireNonNull(plainText, "Plain text content to be encrypted cannot be null.");
this.algorithm = algorithm;
- this.plainText = new byte[plainText.length];
-
- System.arraycopy(plainText, 0, this.plainText, 0, plainText.length);
-
- if (iv == null) {
- this.iv = null;
- } else {
- this.iv = new byte[iv.length];
- System.arraycopy(iv, 0, this.iv, 0, iv.length);
- }
-
- if (additionalAuthenticatedData == null) {
- this.additionalAuthenticatedData = null;
- } else {
- this.additionalAuthenticatedData = new byte[additionalAuthenticatedData.length];
- System.arraycopy(additionalAuthenticatedData, 0, this.additionalAuthenticatedData, 0,
- additionalAuthenticatedData.length);
- }
+ this.plainText = CoreUtils.clone(plainText);
+ this.iv = CoreUtils.clone(iv);
+ this.additionalAuthenticatedData = CoreUtils.clone(additionalAuthenticatedData);
}
/**
@@ -295,11 +281,7 @@ public EncryptionAlgorithm getAlgorithm() {
* @return The content to be encrypted.
*/
public byte[] getPlainText() {
- if (plainText == null) {
- return null;
- } else {
- return plainText.clone();
- }
+ return CoreUtils.clone(plainText);
}
/**
@@ -308,11 +290,7 @@ public byte[] getPlainText() {
* @return The initialization vector.
*/
public byte[] getIv() {
- if (iv == null) {
- return null;
- } else {
- return iv.clone();
- }
+ return CoreUtils.clone(iv);
}
/**
@@ -321,10 +299,6 @@ public byte[] getIv() {
* @return The additional authenticated data.
*/
public byte[] getAdditionalAuthenticatedData() {
- if (additionalAuthenticatedData == null) {
- return null;
- } else {
- return additionalAuthenticatedData.clone();
- }
+ return CoreUtils.clone(additionalAuthenticatedData);
}
}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/SymmetricEncryptionAlgorithm.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/SymmetricEncryptionAlgorithm.java
index 205c2f64f6327..5d2a5225fd130 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/SymmetricEncryptionAlgorithm.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/SymmetricEncryptionAlgorithm.java
@@ -28,11 +28,12 @@ abstract class SymmetricEncryptionAlgorithm extends LocalEncryptionAlgorithm {
*
* @param key The key material to be used.
* @param iv The initialization vector to be used.
- * @param authenticationData The authentication data to be used with authenticating encryption implementation
+ * @param additionalAuthenticatedData The authentication data to be used with authenticating encryption implementation
* (ignored for non-authenticating implementation).
* @return A {@link ICryptoTransform} implementation.
*/
- abstract ICryptoTransform createEncryptor(byte[] key, byte[] iv, byte[] authenticationData)
+ abstract ICryptoTransform createEncryptor(byte[] key, byte[] iv, byte[] additionalAuthenticatedData,
+ byte[] authenticationTag)
throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException,
InvalidAlgorithmParameterException;
@@ -42,12 +43,13 @@ abstract ICryptoTransform createEncryptor(byte[] key, byte[] iv, byte[] authenti
*
* @param key The key material to be used.
* @param iv The initialization vector to be used.
- * @param authenticationData The authentication data to be used with authenticating encryption implementation
+ * @param additionalAuthenticatedData The authentication data to be used with authenticating encryption implementation
* (ignored for non-authenticating implementation).
* @param provider The provider to use.
* @return A {@link ICryptoTransform} implementation.
*/
- abstract ICryptoTransform createEncryptor(byte[] key, byte[] iv, byte[] authenticationData, Provider provider)
+ abstract ICryptoTransform createEncryptor(byte[] key, byte[] iv, byte[] additionalAuthenticatedData,
+ byte[] authenticationTag, Provider provider)
throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException,
InvalidAlgorithmParameterException;
@@ -57,13 +59,13 @@ abstract ICryptoTransform createEncryptor(byte[] key, byte[] iv, byte[] authenti
*
* @param key The key material to be used.
* @param iv The initialization vector to be used.
- * @param authenticationData The authentication data to be used with authenticating encryption implementation
+ * @param additionalAuthenticatedData The authentication data to be used with authenticating encryption implementation
* (ignored for non-authenticating implementation).
* @param authenticationTag The authentication tag to verify when using authenticating encryption implementation
* (ignored for non-authenticating implementation).
* @return A {@link ICryptoTransform} implementation.
*/
- abstract ICryptoTransform createDecryptor(byte[] key, byte[] iv, byte[] authenticationData,
+ abstract ICryptoTransform createDecryptor(byte[] key, byte[] iv, byte[] additionalAuthenticatedData,
byte[] authenticationTag)
throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException,
InvalidAlgorithmParameterException;
@@ -74,14 +76,14 @@ abstract ICryptoTransform createDecryptor(byte[] key, byte[] iv, byte[] authenti
*
* @param key The key material to be used.
* @param iv The initialization vector to be used.
- * @param authenticationData The authentication data to be used with authenticating encryption implementation
+ * @param additionalAuthenticatedData The authentication data to be used with authenticating encryption implementation
* (ignored for non-authenticating implementation).
* @param authenticationTag The authentication tag to verify when using authenticating encryption implementation
* (ignored for non-authenticating implementation).
* @param provider The provider to use.
* @return A {@link ICryptoTransform} implementation
*/
- abstract ICryptoTransform createDecryptor(byte[] key, byte[] iv, byte[] authenticationData,
+ abstract ICryptoTransform createDecryptor(byte[] key, byte[] iv, byte[] additionalAuthenticatedData,
byte[] authenticationTag, Provider provider)
throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException,
InvalidAlgorithmParameterException;
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/SymmetricKeyCryptographyClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/SymmetricKeyCryptographyClient.java
index 5879183b4126d..14ff39bf849f5 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/SymmetricKeyCryptographyClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/SymmetricKeyCryptographyClient.java
@@ -22,6 +22,9 @@
import java.util.Objects;
class SymmetricKeyCryptographyClient extends LocalKeyCryptographyClient {
+ private static final int CBC_BLOCK_SIZE = 16;
+ private static final int GCM_NONCE_SIZE = 12;
+
private final ClientLogger logger = new ClientLogger(SymmetricKeyCryptographyClient.class);
private byte[] key;
@@ -73,22 +76,24 @@ Mono encryptAsync(EncryptOptions encryptOptions, Context context,
byte[] iv = encryptOptions.getIv();
byte[] additionalAuthenticatedData = encryptOptions.getAdditionalAuthenticatedData();
+ byte[] authenticationTag = generateRandomByteArray(GCM_NONCE_SIZE);
if (iv == null) {
if (algorithm == EncryptionAlgorithm.A128GCM || algorithm == EncryptionAlgorithm.A192GCM
|| algorithm == EncryptionAlgorithm.A256GCM) {
- iv = generateRandomIvForGcm();
+ iv = generateRandomByteArray(GCM_NONCE_SIZE);
} else if (algorithm == EncryptionAlgorithm.A128CBC || algorithm == EncryptionAlgorithm.A192CBC
|| algorithm == EncryptionAlgorithm.A256CBC || algorithm == EncryptionAlgorithm.A128CBCPAD
|| algorithm == EncryptionAlgorithm.A192CBCPAD || algorithm == EncryptionAlgorithm.A256CBCPAD) {
- iv = generateRandomIvForCbc();
+ iv = generateRandomByteArray(CBC_BLOCK_SIZE);
}
}
try {
- transform = symmetricEncryptionAlgorithm.createEncryptor(this.key, iv, additionalAuthenticatedData, null);
+ transform = symmetricEncryptionAlgorithm.createEncryptor(this.key, iv, additionalAuthenticatedData,
+ authenticationTag);
} catch (Exception e) {
return Mono.error(e);
}
@@ -101,7 +106,8 @@ Mono encryptAsync(EncryptOptions encryptOptions, Context context,
return Mono.error(e);
}
- return Mono.just(new EncryptResult(encrypted, algorithm, jsonWebKey.getId()));
+ return Mono.just(new EncryptResult(encrypted, algorithm, jsonWebKey.getId(), iv, additionalAuthenticatedData,
+ authenticationTag));
}
@Override
@@ -136,12 +142,12 @@ Mono decryptAsync(DecryptOptions decryptOptions, Context context,
if (algorithm == EncryptionAlgorithm.A128GCM || algorithm == EncryptionAlgorithm.A192GCM
|| algorithm == EncryptionAlgorithm.A256GCM) {
- iv = generateRandomIvForGcm();
+ iv = generateRandomByteArray(GCM_NONCE_SIZE);
} else if (algorithm == EncryptionAlgorithm.A128CBC || algorithm == EncryptionAlgorithm.A192CBC
|| algorithm == EncryptionAlgorithm.A256CBC || algorithm == EncryptionAlgorithm.A128CBCPAD
|| algorithm == EncryptionAlgorithm.A192CBCPAD || algorithm == EncryptionAlgorithm.A256CBCPAD) {
- iv = generateRandomIvForCbc();
+ iv = generateRandomByteArray(CBC_BLOCK_SIZE);
}
}
@@ -251,21 +257,13 @@ Mono verifyDataAsync(SignatureAlgorithm algorithm, byte[] data, by
return verifyAsync(algorithm, data, signature, context, key);
}
- private byte[] generateRandomIvForCbc() {
- return generateRandomIv(16);
- }
-
- private byte[] generateRandomIvForGcm() {
- return generateRandomIv(12);
- }
-
- private byte[] generateRandomIv(int ivSize) {
+ private byte[] generateRandomByteArray(int sizeInBytes) {
byte[] iv = new byte[0];
SecureRandom randomSecureRandom;
try {
randomSecureRandom = SecureRandom.getInstance("SHA1PRNG");
- iv = new byte[ivSize];
+ iv = new byte[sizeInBytes];
randomSecureRandom.nextBytes(iv);
} catch (NoSuchAlgorithmException e) {
logger.logThrowableAsError(e);
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/models/EncryptResult.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/models/EncryptResult.java
index 2ac529a70bfeb..6239bbcc85cde 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/models/EncryptResult.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/models/EncryptResult.java
@@ -5,6 +5,7 @@
import com.azure.core.annotation.Immutable;
import com.azure.core.util.CoreUtils;
+import com.fasterxml.jackson.annotation.JsonProperty;
/**
* Represents the details of encrypt operation result.
@@ -26,6 +27,22 @@ public final class EncryptResult {
*/
private final String keyId;
+ /**
+ * Initialization vector for symmetric algorithms.
+ */
+ private final byte[] iv;
+
+ /**
+ * Additional data to authenticate but not encrypt/decrypt when using authenticated crypto algorithms.
+ */
+ private final byte[] additionalAuthenticatedData;
+
+ /**
+ * The tag to authenticate when performing decryption with an authenticated algorithm.
+ */
+ private final byte[] authenticationTag;
+
+
/**
* Creates the instance of Encrypt Result holding encryption operation response information.
* @param cipherText The encrypted content.
@@ -33,9 +50,26 @@ public final class EncryptResult {
* @param keyId The identifier of the key usd for the encryption operation.
*/
public EncryptResult(byte[] cipherText, EncryptionAlgorithm algorithm, String keyId) {
+ this(cipherText, algorithm, keyId, null, null, null);
+ }
+
+ /**
+ * Creates the instance of Encrypt Result holding encryption operation response information.
+ * @param cipherText The encrypted content.
+ * @param algorithm The algorithm used to encrypt the content.
+ * @param keyId The identifier of the key usd for the encryption operation.
+ * @param iv Initialization vector for symmetric algorithms.
+ * @param additionalAuthenticatedData Additional data to authenticate but not encrypt/decrypt when using authenticated crypto algorithms.
+ * @param authenticationTag The tag to authenticate when performing decryption with an authenticated algorithm.
+ */
+ public EncryptResult(byte[] cipherText, EncryptionAlgorithm algorithm, String keyId, byte[] iv,
+ byte[] additionalAuthenticatedData, byte[] authenticationTag) {
this.cipherText = CoreUtils.clone(cipherText);
this.algorithm = algorithm;
this.keyId = keyId;
+ this.iv = CoreUtils.clone(iv);
+ this.additionalAuthenticatedData = CoreUtils.clone(additionalAuthenticatedData);
+ this.authenticationTag = CoreUtils.clone(authenticationTag);
}
/**
@@ -61,4 +95,31 @@ public byte[] getCipherText() {
public EncryptionAlgorithm getAlgorithm() {
return algorithm;
}
+
+ /**
+ * Get the initialization vector used by symmetric algorithms.
+ *
+ * @return The initialization vector.
+ */
+ public byte[] getIv() {
+ return CoreUtils.clone(iv);
+ }
+
+ /**
+ * Get additional data to authenticate the encrypted content.
+ *
+ * @return The additional authenticated data.
+ */
+ public byte[] getAdditionalAuthenticatedData() {
+ return CoreUtils.clone(additionalAuthenticatedData);
+ }
+
+ /**
+ * Get the tag to authenticate the encrypted content.
+ *
+ * @return The authentication tag.
+ */
+ public byte[] getAuthenticationTag() {
+ return CoreUtils.clone(authenticationTag);
+ }
}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClientTestBase.java b/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClientTestBase.java
index 458e94defd492..35b5c0ad77bcf 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClientTestBase.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/test/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClientTestBase.java
@@ -112,10 +112,10 @@ static void encryptDecryptAesCbc(int keySize, EncryptionAlgorithm algorithm) thr
byte[] plaintext = "My16BitPlaintext".getBytes();
byte[] iv = "My16BytesTestIv.".getBytes();
LocalCryptographyClient localCryptographyClient = initializeCryptographyClient(getTestJsonWebKey(keySize));
- EncryptOptions encryptOptions = EncryptOptions.createAes128CbcOptions(plaintext, iv);
+ EncryptOptions encryptOptions = new EncryptOptions(algorithm, plaintext, iv, null);
EncryptResult encryptResult =
localCryptographyClient.encrypt(encryptOptions);
- DecryptOptions decryptOptions = DecryptOptions.createAes128CbcOptions(encryptResult.getCipherText(), iv);
+ DecryptOptions decryptOptions = new DecryptOptions(algorithm, encryptResult.getCipherText(), iv, null, null);
DecryptResult decryptResult =
localCryptographyClient.decrypt(decryptOptions);
@@ -126,15 +126,12 @@ static void encryptDecryptAesGcm(int keySize, EncryptionAlgorithm algorithm) thr
byte[] plaintext = "My16BitPlaintext".getBytes();
byte[] iv = "My12BytesIv.".getBytes();
LocalCryptographyClient localCryptographyClient = initializeCryptographyClient(getTestJsonWebKey(keySize));
- EncryptOptions encryptOptions = EncryptOptions.createAes128GcmOptions(plaintext, iv);
+ EncryptOptions encryptOptions = new EncryptOptions(algorithm, plaintext, iv, null);
EncryptResult encryptResult =
localCryptographyClient.encrypt(encryptOptions);
- byte[] authenticationTag = new byte[12];
-
- System.arraycopy(encryptResult.getCipherText(), 0, authenticationTag, 0, authenticationTag.length);
-
- DecryptOptions decryptOptions = DecryptOptions.createAes128GcmOptions(encryptResult.getCipherText(), iv,
- authenticationTag);
+ byte[] authenticationTag = encryptResult.getAuthenticationTag();
+ DecryptOptions decryptOptions = new DecryptOptions(algorithm, encryptResult.getCipherText(), iv,
+ authenticationTag, null);
DecryptResult decryptResult =
localCryptographyClient.decrypt(decryptOptions);
From 53c8771dbbc4324372056fa9388c25329fc2408d Mon Sep 17 00:00:00 2001
From: Victor Colin Amador
Date: Thu, 12 Nov 2020 16:15:31 -0800
Subject: [PATCH 13/15] Made `plainText` and `cipherText` all lowercase.
---
.../resources/spotbugs/spotbugs-exclude.xml | 9 ++
.../cryptography/CryptographyAsyncClient.java | 18 ++-
.../keys/cryptography/CryptographyClient.java | 24 ++--
.../CryptographyServiceClient.java | 4 +-
.../keys/cryptography/DecryptOptions.java | 120 ++++++++---------
.../keys/cryptography/EncryptOptions.java | 122 +++++++++---------
.../LocalCryptographyAsyncClient.java | 22 ++--
.../cryptography/LocalCryptographyClient.java | 22 ++--
.../RsaKeyCryptographyClient.java | 8 +-
.../SymmetricKeyCryptographyClient.java | 13 +-
.../cryptography/models/EncryptResult.java | 1 -
11 files changed, 183 insertions(+), 180 deletions(-)
diff --git a/eng/code-quality-reports/src/main/resources/spotbugs/spotbugs-exclude.xml b/eng/code-quality-reports/src/main/resources/spotbugs/spotbugs-exclude.xml
index db06cdc17baf9..63ca92a03a8b5 100755
--- a/eng/code-quality-reports/src/main/resources/spotbugs/spotbugs-exclude.xml
+++ b/eng/code-quality-reports/src/main/resources/spotbugs/spotbugs-exclude.xml
@@ -2414,4 +2414,13 @@
+
+
+
+
+
+
+
+
+
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyAsyncClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyAsyncClient.java
index f2e39b9067911..2c2b999c9c0fd 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyAsyncClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyAsyncClient.java
@@ -219,7 +219,7 @@ Mono getSecretKey() {
* contains the encrypted content.
* @throws ResourceNotFoundException If the key cannot be found for encryption.
* @throws UnsupportedOperationException If the encrypt operation is not supported or configured on the key.
- * @throws NullPointerException If {@code algorithm} or {@code plainText} are {@code null}.
+ * @throws NullPointerException If {@code algorithm} or {@code plaintext} are {@code null}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public Mono encrypt(EncryptionAlgorithm algorithm, byte[] plaintext) {
@@ -255,10 +255,12 @@ public Mono encrypt(EncryptionAlgorithm algorithm, byte[] plainte
* contains the encrypted content.
* @throws ResourceNotFoundException If the key cannot be found for encryption.
* @throws UnsupportedOperationException If the encrypt operation is not supported or configured on the key.
- * @throws NullPointerException If {@code algorithm} or {@code plainText} are {@code null}.
+ * @throws NullPointerException If {@code encryptOptions} is {@code null}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public Mono encrypt(EncryptOptions encryptOptions) {
+ Objects.requireNonNull(encryptOptions, "'encryptOptions' cannot be null");
+
try {
return withContext(context -> encrypt(encryptOptions, context));
} catch (RuntimeException ex) {
@@ -307,15 +309,15 @@ Mono encrypt(EncryptOptions encryptOptions, Context context) {
* {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.decrypt#EncryptionAlgorithm-byte}
*
* @param algorithm The algorithm to be used for decryption.
- * @param cipherText The content to be decrypted.
+ * @param ciphertext The content to be decrypted.
* @return A {@link Mono} containing the decrypted blob.
* @throws ResourceNotFoundException If the key cannot be found for decryption.
* @throws UnsupportedOperationException If the decrypt operation is not supported or configured on the key.
- * @throws NullPointerException If {@code algorithm} or {@code cipherText} are {@code null}.
+ * @throws NullPointerException If {@code algorithm} or {@code ciphertext} are {@code null}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
- public Mono decrypt(EncryptionAlgorithm algorithm, byte[] cipherText) {
- return decrypt(new DecryptOptions(algorithm, cipherText, null, null, null));
+ public Mono decrypt(EncryptionAlgorithm algorithm, byte[] ciphertext) {
+ return decrypt(new DecryptOptions(algorithm, ciphertext, null, null, null));
}
/**
@@ -346,10 +348,12 @@ public Mono decrypt(EncryptionAlgorithm algorithm, byte[] cipherT
* @return A {@link Mono} containing the decrypted blob.
* @throws ResourceNotFoundException If the key cannot be found for decryption.
* @throws UnsupportedOperationException If the decrypt operation is not supported or configured on the key.
- * @throws NullPointerException If {@code algorithm} or {@code cipherText} are {@code null}.
+ * @throws NullPointerException If {@code decryptOptions} is {@code null}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public Mono decrypt(DecryptOptions decryptOptions) {
+ Objects.requireNonNull(decryptOptions, "'decryptOptions' cannot be null");
+
try {
return withContext(context -> decrypt(decryptOptions, context));
} catch (RuntimeException ex) {
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyClient.java
index a9d9429541085..790cfe5175367 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyClient.java
@@ -108,7 +108,7 @@ public Response getKeyWithResponse(Context context) {
* content.
* @throws ResourceNotFoundException If the key cannot be found for encryption.
* @throws UnsupportedOperationException If the encrypt operation is not supported or configured on the key.
- * @throws NullPointerException If {@code algorithm} or {@code plainText} are {@code null}.
+ * @throws NullPointerException If {@code algorithm} or {@code plaintext} are {@code null}.
*/
public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plaintext, Context context) {
return encrypt(new EncryptOptions(algorithm, plaintext, null, null), context);
@@ -144,7 +144,7 @@ public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plaintext, Co
* content.
* @throws ResourceNotFoundException If the key cannot be found for encryption.
* @throws UnsupportedOperationException If the encrypt operation is not supported or configured on the key.
- * @throws NullPointerException If {@code algorithm} or {@code plainText} are {@code null}.
+ * @throws NullPointerException If {@code algorithm} or {@code plaintext} are {@code null}.
*/
public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plaintext) {
return encrypt(algorithm, plaintext, Context.NONE);
@@ -180,7 +180,7 @@ public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plaintext) {
* content.
* @throws ResourceNotFoundException If the key cannot be found for encryption.
* @throws UnsupportedOperationException If the encrypt operation is not supported or configured on the key.
- * @throws NullPointerException If {@code algorithm} or {@code plainText} are {@code null}.
+ * @throws NullPointerException If {@code encryptOptions} is {@code null}.
*/
public EncryptResult encrypt(EncryptOptions encryptOptions, Context context) {
return client.encrypt(encryptOptions, context).block();
@@ -211,15 +211,15 @@ public EncryptResult encrypt(EncryptOptions encryptOptions, Context context) {
* {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyClient.decrypt#EncryptionAlgorithm-byte-Context}
*
* @param algorithm The algorithm to be used for decryption.
- * @param cipherText The content to be decrypted.
+ * @param ciphertext The content to be decrypted.
* @param context Additional context that is passed through the Http pipeline during the service call.
* @return The decrypted blob.
* @throws ResourceNotFoundException If the key cannot be found for encryption.
* @throws UnsupportedOperationException If the decrypt operation is not supported or configured on the key.
- * @throws NullPointerException If {@code algorithm} or {@code cipherText} are {@code null}.
+ * @throws NullPointerException If {@code algorithm} or {@code ciphertext} are {@code null}.
*/
- public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] cipherText, Context context) {
- return decrypt(new DecryptOptions(algorithm, cipherText, null, null, null), context);
+ public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] ciphertext, Context context) {
+ return decrypt(new DecryptOptions(algorithm, ciphertext, null, null, null), context);
}
/**
@@ -247,14 +247,14 @@ public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] cipherText, C
* {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyClient.decrypt#EncryptionAlgorithm-byte}
*
* @param algorithm The algorithm to be used for decryption.
- * @param cipherText The content to be decrypted.
+ * @param ciphertext The content to be decrypted.
* @return The decrypted blob.
* @throws ResourceNotFoundException If the key cannot be found for encryption.
* @throws UnsupportedOperationException If the decrypt operation is not supported or configured on the key.
- * @throws NullPointerException If {@code algorithm} or {@code cipherText} are {@code null}.
+ * @throws NullPointerException If {@code algorithm} or {@code ciphertext} are {@code null}.
*/
- public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] cipherText) {
- return decrypt(new DecryptOptions(algorithm, cipherText, null, null, null), Context.NONE);
+ public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] ciphertext) {
+ return decrypt(new DecryptOptions(algorithm, ciphertext, null, null, null), Context.NONE);
}
/**
@@ -286,7 +286,7 @@ public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] cipherText) {
* @return The decrypted blob.
* @throws ResourceNotFoundException If the key cannot be found for encryption.
* @throws UnsupportedOperationException If the decrypt operation is not supported or configured on the key.
- * @throws NullPointerException If {@code algorithm} or {@code cipherText} are {@code null}.
+ * @throws NullPointerException If {@code decryptOptions} is {@code null}.
*/
public DecryptResult decrypt(DecryptOptions decryptOptions, Context context) {
return client.decrypt(decryptOptions, context).block();
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyServiceClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyServiceClient.java
index d6b22b16da1c2..9a4a691d8ff1d 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyServiceClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyServiceClient.java
@@ -133,7 +133,7 @@ Mono encrypt(EncryptOptions encryptOptions, Context context) {
byte[] authenticatedData = encryptOptions.getAdditionalAuthenticatedData();
KeyOperationParameters parameters = new KeyOperationParameters()
.setAlgorithm(algorithm)
- .setValue(encryptOptions.getPlainText())
+ .setValue(encryptOptions.getPlaintext())
.setIv(iv)
.setAdditionalAuthenticatedData(authenticatedData);
context = context == null ? Context.NONE : context;
@@ -158,7 +158,7 @@ Mono decrypt(DecryptOptions decryptOptions, Context context) {
byte[] authenticationTag = decryptOptions.getAuthenticationTag();
KeyOperationParameters parameters = new KeyOperationParameters()
.setAlgorithm(algorithm)
- .setValue(decryptOptions.getCipherText())
+ .setValue(decryptOptions.getCiphertext())
.setIv(iv)
.setAdditionalAuthenticatedData(additionalAuthenticatedData)
.setAuthenticationTag(authenticationTag);
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/DecryptOptions.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/DecryptOptions.java
index d539aab3aa694..54dd9a8246e5b 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/DecryptOptions.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/DecryptOptions.java
@@ -20,7 +20,7 @@ public class DecryptOptions {
/**
* The content to be decrypted.
*/
- private final byte[] cipherText;
+ private final byte[] ciphertext;
/**
* Initialization vector to be used in the decryption operation using a symmetric algorithm.
@@ -41,51 +41,51 @@ public class DecryptOptions {
* Factory method to create an instance of {@link DecryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A128CBC}.
*
- * @param plainText The content to be encryption.
- * @param iv Initialization vector for the encryption operation.
+ * @param ciphertext The content to be decrypted.
+ * @param iv Initialization vector for the decryption operation.
* @return The {@link DecryptOptions}.
*/
- public static DecryptOptions createAes128CbcOptions(byte[] plainText, byte[] iv) {
- return new DecryptOptions(EncryptionAlgorithm.A128CBC, plainText, iv, null, null);
+ public static DecryptOptions createAes128CbcOptions(byte[] ciphertext, byte[] iv) {
+ return new DecryptOptions(EncryptionAlgorithm.A128CBC, ciphertext, iv, null, null);
}
/**
* Factory method to create an instance of {@link DecryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A128CBCPAD}.
*
- * @param plainText The content to be encryption.
- * @param iv Initialization vector for the encryption operation.
+ * @param ciphertext The content to be decrypted.
+ * @param iv Initialization vector for the decryption operation.
* @return The {@link DecryptOptions}.
*/
- public static DecryptOptions createAes128CbcPadOptions(byte[] plainText, byte[] iv) {
- return new DecryptOptions(EncryptionAlgorithm.A128CBCPAD, plainText, iv, null, null);
+ public static DecryptOptions createAes128CbcPadOptions(byte[] ciphertext, byte[] iv) {
+ return new DecryptOptions(EncryptionAlgorithm.A128CBCPAD, ciphertext, iv, null, null);
}
/**
* Factory method to create an instance of {@link DecryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A128GCM}.
*
- * @param plainText The content to be encryption.
- * @param iv Initialization vector for the encryption operation.
+ * @param ciphertext The content to be decrypted.
+ * @param iv Initialization vector for the decryption operation.
* @param authenticationTag The tag to authenticate when performing decryption.
* @return The {@link DecryptOptions}.
*/
- public static DecryptOptions createAes128GcmOptions(byte[] plainText, byte[] iv, byte[] authenticationTag) {
- return createAes128GcmOptions(plainText, iv, authenticationTag, null);
+ public static DecryptOptions createAes128GcmOptions(byte[] ciphertext, byte[] iv, byte[] authenticationTag) {
+ return createAes128GcmOptions(ciphertext, iv, authenticationTag, null);
}
/**
* Factory method to create an instance of {@link DecryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A128GCM}.
*
- * @param plainText The content to be encryption.
- * @param iv Initialization vector for the encryption operation.
+ * @param ciphertext The content to be decrypted.
+ * @param iv Initialization vector for the decryption operation.
* @param authenticationTag The tag to authenticate when performing decryption.
* @param additionalAuthenticatedData Additional data to authenticate when using authenticated crypto algorithms.
* @return The {@link DecryptOptions}.
*/
- public static DecryptOptions createAes128GcmOptions(byte[] plainText, byte[] iv, byte[] authenticationTag,
+ public static DecryptOptions createAes128GcmOptions(byte[] ciphertext, byte[] iv, byte[] authenticationTag,
byte[] additionalAuthenticatedData) {
- return new DecryptOptions(EncryptionAlgorithm.A128GCM, plainText, iv, authenticationTag,
+ return new DecryptOptions(EncryptionAlgorithm.A128GCM, ciphertext, iv, authenticationTag,
additionalAuthenticatedData);
}
@@ -93,103 +93,103 @@ public static DecryptOptions createAes128GcmOptions(byte[] plainText, byte[] iv,
* Factory method to create an instance of {@link DecryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A192CBC}.
*
- * @param plainText The content to be encryption.
- * @param iv Initialization vector for the encryption operation.
+ * @param ciphertext The content to be decrypted.
+ * @param iv Initialization vector for the decryption operation.
* @return The {@link DecryptOptions}.
*/
- public static DecryptOptions createAes192CbcOptions(byte[] plainText, byte[] iv) {
- return new DecryptOptions(EncryptionAlgorithm.A192CBC, plainText, iv, null, null);
+ public static DecryptOptions createAes192CbcOptions(byte[] ciphertext, byte[] iv) {
+ return new DecryptOptions(EncryptionAlgorithm.A192CBC, ciphertext, iv, null, null);
}
/**
* Factory method to create an instance of {@link DecryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A192CBCPAD}.
*
- * @param plainText The content to be encryption.
- * @param iv Initialization vector for the encryption operation.
+ * @param ciphertext The content to be decrypted.
+ * @param iv Initialization vector for the decryption operation.
* @return The {@link DecryptOptions}.
*/
- public static DecryptOptions createAes192CbcPadOptions(byte[] plainText, byte[] iv) {
- return new DecryptOptions(EncryptionAlgorithm.A192CBCPAD, plainText, iv, null, null);
+ public static DecryptOptions createAes192CbcPadOptions(byte[] ciphertext, byte[] iv) {
+ return new DecryptOptions(EncryptionAlgorithm.A192CBCPAD, ciphertext, iv, null, null);
}
/**
* Factory method to create an instance of {@link DecryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A192GCM}.
*
- * @param plainText The content to be encryption.
- * @param iv Initialization vector for the encryption operation.
+ * @param ciphertext The content to be decrypted.
+ * @param iv Initialization vector for the decryption operation.
* @param authenticationTag The tag to authenticate when performing decryption.
* @return The {@link DecryptOptions}.
*/
- public static DecryptOptions createAes192GcmOptions(byte[] plainText, byte[] iv, byte[] authenticationTag) {
- return createAes192GcmOptions(plainText, iv, authenticationTag, null);
+ public static DecryptOptions createAes192GcmOptions(byte[] ciphertext, byte[] iv, byte[] authenticationTag) {
+ return createAes192GcmOptions(ciphertext, iv, authenticationTag, null);
}
/**
* Factory method to create an instance of {@link DecryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A192GCM}.
*
- * @param plainText The content to be encryption.
- * @param iv Initialization vector for the encryption operation.
+ * @param ciphertext The content to be decrypted.
+ * @param iv Initialization vector for the decryption operation.
* @param authenticationTag The tag to authenticate when performing decryption.
* @param additionalAuthenticatedData Additional data to authenticate when using authenticated crypto algorithms.
* @return The {@link DecryptOptions}.
*/
- public static DecryptOptions createAes192GcmOptions(byte[] plainText, byte[] iv, byte[] authenticationTag,
+ public static DecryptOptions createAes192GcmOptions(byte[] ciphertext, byte[] iv, byte[] authenticationTag,
byte[] additionalAuthenticatedData) {
- return new DecryptOptions(EncryptionAlgorithm.A192GCM, plainText, iv, authenticationTag,
+ return new DecryptOptions(EncryptionAlgorithm.A192GCM, ciphertext, iv, authenticationTag,
additionalAuthenticatedData);
}
/**
* Factory method to create an instance of {@link DecryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A256CBC}.
*
- * @param plainText The content to be encryption.
- * @param iv Initialization vector for the encryption operation.
+ * @param ciphertext The content to be decrypted.
+ * @param iv Initialization vector for the decryption operation.
* @return The {@link DecryptOptions}.
*/
- public static DecryptOptions createAes256CbcOptions(byte[] plainText, byte[] iv) {
- return new DecryptOptions(EncryptionAlgorithm.A256CBC, plainText, iv, null, null);
+ public static DecryptOptions createAes256CbcOptions(byte[] ciphertext, byte[] iv) {
+ return new DecryptOptions(EncryptionAlgorithm.A256CBC, ciphertext, iv, null, null);
}
/**
* Factory method to create an instance of {@link DecryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A256CBCPAD}.
*
- * @param plainText The content to be encryption.
- * @param iv Initialization vector for the encryption operation.
+ * @param ciphertext The content to be decrypted.
+ * @param iv Initialization vector for the decryption operation.
* @return The {@link DecryptOptions}.
*/
- public static DecryptOptions createAes256CbcPadOptions(byte[] plainText, byte[] iv) {
- return new DecryptOptions(EncryptionAlgorithm.A256CBCPAD, plainText, iv, null, null);
+ public static DecryptOptions createAes256CbcPadOptions(byte[] ciphertext, byte[] iv) {
+ return new DecryptOptions(EncryptionAlgorithm.A256CBCPAD, ciphertext, iv, null, null);
}
/**
* Factory method to create an instance of {@link DecryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A256GCM}.
*
- * @param plainText The content to be encryption.
- * @param iv Initialization vector for the encryption operation.
+ * @param ciphertext The content to be decrypted.
+ * @param iv Initialization vector for the decryption operation.
* @param authenticationTag The tag to authenticate when performing decryption.
* @return The {@link DecryptOptions}.
*/
- public static DecryptOptions createAes256GcmOptions(byte[] plainText, byte[] iv, byte[] authenticationTag) {
- return createAes256GcmOptions(plainText, iv, authenticationTag, null);
+ public static DecryptOptions createAes256GcmOptions(byte[] ciphertext, byte[] iv, byte[] authenticationTag) {
+ return createAes256GcmOptions(ciphertext, iv, authenticationTag, null);
}
/**
* Factory method to create an instance of {@link DecryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A256GCM}.
*
- * @param plainText The content to be encryption.
- * @param iv Initialization vector for the encryption operation.
+ * @param ciphertext The content to be decrypted.
+ * @param iv Initialization vector for the decryption operation.
* @param authenticationTag The tag to authenticate when performing decryption.
* @param additionalAuthenticatedData Additional data to authenticate when using authenticated crypto algorithms.
* @return The {@link DecryptOptions}.
*/
- public static DecryptOptions createAes256GcmOptions(byte[] plainText, byte[] iv, byte[] authenticationTag,
+ public static DecryptOptions createAes256GcmOptions(byte[] ciphertext, byte[] iv, byte[] authenticationTag,
byte[] additionalAuthenticatedData) {
- return new DecryptOptions(EncryptionAlgorithm.A256GCM, plainText, iv, authenticationTag,
+ return new DecryptOptions(EncryptionAlgorithm.A256GCM, ciphertext, iv, authenticationTag,
additionalAuthenticatedData);
}
@@ -197,39 +197,39 @@ public static DecryptOptions createAes256GcmOptions(byte[] plainText, byte[] iv,
* Creates an instance of {@link DecryptOptions} with the given parameters.
*
* @param algorithm The algorithm to be used for decryption.
- * @param cipherText The content to be decrypted.
- * @param iv Initialization vector for the encryption operation.
+ * @param ciphertext The content to be decrypted.
+ * @param iv Initialization vector for the decryption operation.
* @param authenticationTag The tag to authenticate when performing decryption.
* @param additionalAuthenticatedData Additional data to authenticate when using authenticated crypto algorithms.
*/
- DecryptOptions(EncryptionAlgorithm algorithm, byte[] cipherText, byte[] iv, byte[] authenticationTag,
+ DecryptOptions(EncryptionAlgorithm algorithm, byte[] ciphertext, byte[] iv, byte[] authenticationTag,
byte[] additionalAuthenticatedData) {
Objects.requireNonNull(algorithm, "Encryption algorithm cannot be null.");
- Objects.requireNonNull(cipherText, "Cipher text content to be decrypted cannot be null.");
+ Objects.requireNonNull(ciphertext, "Cipher text content to be decrypted cannot be null.");
this.algorithm = algorithm;
- this.cipherText = CoreUtils.clone(cipherText);
+ this.ciphertext = CoreUtils.clone(ciphertext);
this.iv = CoreUtils.clone(iv);
this.additionalAuthenticatedData = CoreUtils.clone(additionalAuthenticatedData);
this.authenticationTag = CoreUtils.clone(authenticationTag);
}
/**
- * The algorithm to be used for encryption.
+ * The algorithm to be used for decryption.
*
- * @return The algorithm to be used for encryption.
+ * @return The algorithm to be used for decryption.
*/
public EncryptionAlgorithm getAlgorithm() {
return algorithm;
}
/**
- * Get the content to be encrypted.
+ * Get the content to be decrypted.
*
- * @return The content to be encrypted.
+ * @return The content to be decrypted.
*/
- public byte[] getCipherText() {
- return CoreUtils.clone(cipherText);
+ public byte[] getCiphertext() {
+ return CoreUtils.clone(ciphertext);
}
/**
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EncryptOptions.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EncryptOptions.java
index 0f4a3ffeca1f5..92e551609cf31 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EncryptOptions.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EncryptOptions.java
@@ -20,7 +20,7 @@ public class EncryptOptions {
/**
* The content to be encrypted.
*/
- private final byte[] plainText;
+ private final byte[] plaintext;
/**
* Initialization vector to be used in the encryption operation using a symmetric algorithm.
@@ -36,232 +36,232 @@ public class EncryptOptions {
* Factory method to create an instance of {@link EncryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A128CBC}.
*
- * @param plainText The content to be encryption.
+ * @param plaintext The content to be encryption.
* @return The {@link EncryptOptions}.
*/
- public static EncryptOptions createAes128CbcOptions(byte[] plainText) {
- return createAes128CbcOptions(plainText, null);
+ public static EncryptOptions createAes128CbcOptions(byte[] plaintext) {
+ return createAes128CbcOptions(plaintext, null);
}
/**
* Factory method to create an instance of {@link EncryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A128CBC}.
*
- * @param plainText The content to be encryption.
+ * @param plaintext The content to be encryption.
* @param iv Initialization vector for the encryption operation.
* @return The {@link EncryptOptions}.
*/
- public static EncryptOptions createAes128CbcOptions(byte[] plainText, byte[] iv) {
- return new EncryptOptions(EncryptionAlgorithm.A128CBC, plainText, iv, null);
+ public static EncryptOptions createAes128CbcOptions(byte[] plaintext, byte[] iv) {
+ return new EncryptOptions(EncryptionAlgorithm.A128CBC, plaintext, iv, null);
}
/**
* Factory method to create an instance of {@link EncryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A128CBCPAD}.
*
- * @param plainText The content to be encryption.
+ * @param plaintext The content to be encryption.
* @return The {@link EncryptOptions}.
*/
- public static EncryptOptions createAes128CbcPadOptions(byte[] plainText) {
- return createAes128CbcPadOptions(plainText, null);
+ public static EncryptOptions createAes128CbcPadOptions(byte[] plaintext) {
+ return createAes128CbcPadOptions(plaintext, null);
}
/**
* Factory method to create an instance of {@link EncryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A128CBCPAD}.
*
- * @param plainText The content to be encryption.
+ * @param plaintext The content to be encryption.
* @param iv Initialization vector for the encryption operation.
* @return The {@link EncryptOptions}.
*/
- public static EncryptOptions createAes128CbcPadOptions(byte[] plainText, byte[] iv) {
- return new EncryptOptions(EncryptionAlgorithm.A128CBCPAD, plainText, iv, null);
+ public static EncryptOptions createAes128CbcPadOptions(byte[] plaintext, byte[] iv) {
+ return new EncryptOptions(EncryptionAlgorithm.A128CBCPAD, plaintext, iv, null);
}
/**
* Factory method to create an instance of {@link EncryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A128GCM}.
*
- * @param plainText The content to be encryption.
+ * @param plaintext The content to be encryption.
* @param iv Initialization vector for the encryption operation.
* @return The {@link EncryptOptions}.
*/
- public static EncryptOptions createAes128GcmOptions(byte[] plainText, byte[] iv) {
- return createAes128GcmOptions(plainText, iv, null);
+ public static EncryptOptions createAes128GcmOptions(byte[] plaintext, byte[] iv) {
+ return createAes128GcmOptions(plaintext, iv, null);
}
/**
* Factory method to create an instance of {@link EncryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A128GCM}.
*
- * @param plainText The content to be encryption.
+ * @param plaintext The content to be encryption.
* @param iv Initialization vector for the encryption operation.
* @param additionalAuthenticatedData Additional data to authenticate when using authenticated crypto algorithms.
* @return The {@link EncryptOptions}.
*/
- public static EncryptOptions createAes128GcmOptions(byte[] plainText, byte[] iv,
+ public static EncryptOptions createAes128GcmOptions(byte[] plaintext, byte[] iv,
byte[] additionalAuthenticatedData) {
- return new EncryptOptions(EncryptionAlgorithm.A128GCM, plainText, iv, additionalAuthenticatedData);
+ return new EncryptOptions(EncryptionAlgorithm.A128GCM, plaintext, iv, additionalAuthenticatedData);
}
/**
* Factory method to create an instance of {@link EncryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A192CBC}.
*
- * @param plainText The content to be encryption.
+ * @param plaintext The content to be encryption.
* @return The {@link EncryptOptions}.
*/
- public static EncryptOptions createAes192CbcOptions(byte[] plainText) {
- return createAes192CbcOptions(plainText, null);
+ public static EncryptOptions createAes192CbcOptions(byte[] plaintext) {
+ return createAes192CbcOptions(plaintext, null);
}
/**
* Factory method to create an instance of {@link EncryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A192CBC}.
*
- * @param plainText The content to be encryption.
+ * @param plaintext The content to be encryption.
* @param iv Initialization vector for the encryption operation.
* @return The {@link EncryptOptions}.
*/
- public static EncryptOptions createAes192CbcOptions(byte[] plainText, byte[] iv) {
- return new EncryptOptions(EncryptionAlgorithm.A192CBC, plainText, iv, null);
+ public static EncryptOptions createAes192CbcOptions(byte[] plaintext, byte[] iv) {
+ return new EncryptOptions(EncryptionAlgorithm.A192CBC, plaintext, iv, null);
}
/**
* Factory method to create an instance of {@link EncryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A192CBCPAD}.
*
- * @param plainText The content to be encryption.
+ * @param plaintext The content to be encryption.
* @return The {@link EncryptOptions}.
*/
- public static EncryptOptions createAes192CbcPadOptions(byte[] plainText) {
- return createAes192CbcPadOptions(plainText, null);
+ public static EncryptOptions createAes192CbcPadOptions(byte[] plaintext) {
+ return createAes192CbcPadOptions(plaintext, null);
}
/**
* Factory method to create an instance of {@link EncryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A192CBCPAD}.
*
- * @param plainText The content to be encryption.
+ * @param plaintext The content to be encryption.
* @param iv Initialization vector for the encryption operation.
* @return The {@link EncryptOptions}.
*/
- public static EncryptOptions createAes192CbcPadOptions(byte[] plainText, byte[] iv) {
- return new EncryptOptions(EncryptionAlgorithm.A192CBCPAD, plainText, iv, null);
+ public static EncryptOptions createAes192CbcPadOptions(byte[] plaintext, byte[] iv) {
+ return new EncryptOptions(EncryptionAlgorithm.A192CBCPAD, plaintext, iv, null);
}
/**
* Factory method to create an instance of {@link EncryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A192GCM}.
*
- * @param plainText The content to be encryption.
+ * @param plaintext The content to be encryption.
* @param iv Initialization vector for the encryption operation.
* @return The {@link EncryptOptions}.
*/
- public static EncryptOptions createAes192GcmOptions(byte[] plainText, byte[] iv) {
- return createAes192GcmOptions(plainText, iv, null);
+ public static EncryptOptions createAes192GcmOptions(byte[] plaintext, byte[] iv) {
+ return createAes192GcmOptions(plaintext, iv, null);
}
/**
* Factory method to create an instance of {@link EncryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A192GCM}.
*
- * @param plainText The content to be encryption.
+ * @param plaintext The content to be encryption.
* @param iv Initialization vector for the encryption operation.
* @param additionalAuthenticatedData Additional data to authenticate when using authenticated crypto algorithms.
* @return The {@link EncryptOptions}.
*/
- public static EncryptOptions createAes192GcmOptions(byte[] plainText, byte[] iv,
+ public static EncryptOptions createAes192GcmOptions(byte[] plaintext, byte[] iv,
byte[] additionalAuthenticatedData) {
- return new EncryptOptions(EncryptionAlgorithm.A192GCM, plainText, iv, additionalAuthenticatedData);
+ return new EncryptOptions(EncryptionAlgorithm.A192GCM, plaintext, iv, additionalAuthenticatedData);
}
/**
* Factory method to create an instance of {@link EncryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A256CBC}.
*
- * @param plainText The content to be encryption.
+ * @param plaintext The content to be encryption.
* @return The {@link EncryptOptions}.
*/
- public static EncryptOptions createAes256CbcOptions(byte[] plainText) {
- return createAes256CbcOptions(plainText, null);
+ public static EncryptOptions createAes256CbcOptions(byte[] plaintext) {
+ return createAes256CbcOptions(plaintext, null);
}
/**
* Factory method to create an instance of {@link EncryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A256CBC}.
*
- * @param plainText The content to be encryption.
+ * @param plaintext The content to be encryption.
* @param iv Initialization vector for the encryption operation.
* @return The {@link EncryptOptions}.
*/
- public static EncryptOptions createAes256CbcOptions(byte[] plainText, byte[] iv) {
- return new EncryptOptions(EncryptionAlgorithm.A256CBC, plainText, iv, null);
+ public static EncryptOptions createAes256CbcOptions(byte[] plaintext, byte[] iv) {
+ return new EncryptOptions(EncryptionAlgorithm.A256CBC, plaintext, iv, null);
}
/**
* Factory method to create an instance of {@link EncryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A256CBCPAD}.
*
- * @param plainText The content to be encryption.
+ * @param plaintext The content to be encryption.
* @return The {@link EncryptOptions}.
*/
- public static EncryptOptions createAes256CbcPadOptions(byte[] plainText) {
- return createAes256CbcPadOptions(plainText, null);
+ public static EncryptOptions createAes256CbcPadOptions(byte[] plaintext) {
+ return createAes256CbcPadOptions(plaintext, null);
}
/**
* Factory method to create an instance of {@link EncryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A256CBCPAD}.
*
- * @param plainText The content to be encryption.
+ * @param plaintext The content to be encryption.
* @param iv Initialization vector for the encryption operation.
* @return The {@link EncryptOptions}.
*/
- public static EncryptOptions createAes256CbcPadOptions(byte[] plainText, byte[] iv) {
- return new EncryptOptions(EncryptionAlgorithm.A256CBCPAD, plainText, iv, null);
+ public static EncryptOptions createAes256CbcPadOptions(byte[] plaintext, byte[] iv) {
+ return new EncryptOptions(EncryptionAlgorithm.A256CBCPAD, plaintext, iv, null);
}
/**
* Factory method to create an instance of {@link EncryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A256GCM}.
*
- * @param plainText The content to be encryption.
+ * @param plaintext The content to be encryption.
* @param iv Initialization vector for the encryption operation.
* @return The {@link EncryptOptions}.
*/
- public static EncryptOptions createAes256GcmOptions(byte[] plainText, byte[] iv) {
- return createAes256GcmOptions(plainText, iv, null);
+ public static EncryptOptions createAes256GcmOptions(byte[] plaintext, byte[] iv) {
+ return createAes256GcmOptions(plaintext, iv, null);
}
/**
* Factory method to create an instance of {@link EncryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A256GCM}.
*
- * @param plainText The content to be encryption.
+ * @param plaintext The content to be encryption.
* @param iv Initialization vector for the encryption operation.
* @param additionalAuthenticatedData Additional data to authenticate when using authenticated crypto algorithms.
* @return The {@link EncryptOptions}.
*/
- public static EncryptOptions createAes256GcmOptions(byte[] plainText, byte[] iv,
+ public static EncryptOptions createAes256GcmOptions(byte[] plaintext, byte[] iv,
byte[] additionalAuthenticatedData) {
- return new EncryptOptions(EncryptionAlgorithm.A256GCM, plainText, iv, additionalAuthenticatedData);
+ return new EncryptOptions(EncryptionAlgorithm.A256GCM, plaintext, iv, additionalAuthenticatedData);
}
/**
* Creates an instance of {@link EncryptOptions} with the given parameters.
*
* @param algorithm The algorithm to be used for encryption.
- * @param plainText The content to be encrypted.
+ * @param plaintext The content to be encrypted.
* @param iv Initialization vector for the encryption operation.
* @param additionalAuthenticatedData Additional data to authenticate when using authenticated crypto algorithms.
*/
- EncryptOptions(EncryptionAlgorithm algorithm, byte[] plainText, byte[] iv, byte[] additionalAuthenticatedData) {
+ EncryptOptions(EncryptionAlgorithm algorithm, byte[] plaintext, byte[] iv, byte[] additionalAuthenticatedData) {
Objects.requireNonNull(algorithm, "Encryption algorithm cannot be null.");
- Objects.requireNonNull(plainText, "Plain text content to be encrypted cannot be null.");
+ Objects.requireNonNull(plaintext, "Plain text content to be encrypted cannot be null.");
this.algorithm = algorithm;
- this.plainText = CoreUtils.clone(plainText);
+ this.plaintext = CoreUtils.clone(plaintext);
this.iv = CoreUtils.clone(iv);
this.additionalAuthenticatedData = CoreUtils.clone(additionalAuthenticatedData);
}
@@ -280,8 +280,8 @@ public EncryptionAlgorithm getAlgorithm() {
*
* @return The content to be encrypted.
*/
- public byte[] getPlainText() {
- return CoreUtils.clone(plainText);
+ public byte[] getPlaintext() {
+ return CoreUtils.clone(plaintext);
}
/**
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClient.java
index b8f174d1df5ef..491f212e49b41 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClient.java
@@ -69,8 +69,8 @@ Mono getKeyId() {
* @param plaintext The content to be encrypted.
* @return A {@link Mono} containing a {@link EncryptResult} whose {@link EncryptResult#getCipherText() cipher text}
* contains the encrypted content.
- * @throws UnsupportedOperationException if the encrypt operation is not supported or configured on the key.
- * @throws NullPointerException if {@code algorithm} or {@code plainText} is null.
+ * @throws UnsupportedOperationException If the encrypt operation is not supported or configured on the key.
+ * @throws NullPointerException if {@code algorithm} or {@code plaintext} is {@code null}.
*/
public Mono encrypt(EncryptionAlgorithm algorithm, byte[] plaintext) {
return cryptographyAsyncClient.encrypt(algorithm, plaintext);
@@ -103,8 +103,8 @@ public Mono encrypt(EncryptionAlgorithm algorithm, byte[] plainte
* @param encryptOptions The parameters to use in the encryption operation.
* @return A {@link Mono} containing a {@link EncryptResult} whose {@link EncryptResult#getCipherText() cipher text}
* contains the encrypted content.
- * @throws UnsupportedOperationException if the encrypt operation is not supported or configured on the key.
- * @throws NullPointerException if {@code algorithm} or {@code plainText} is null.
+ * @throws UnsupportedOperationException If the encrypt operation is not supported or configured on the key.
+ * @throws NullPointerException if {@code encryptOptions} is {@code null}.
*/
public Mono encrypt(EncryptOptions encryptOptions) {
return cryptographyAsyncClient.encrypt(encryptOptions);
@@ -135,13 +135,13 @@ public Mono encrypt(EncryptOptions encryptOptions) {
* {@codesnippet com.azure.security.keyvault.keys.cryptography.LocalCryptographyAsyncClient.decrypt#EncryptionAlgorithm-byte}
*
* @param algorithm The algorithm to be used for decryption.
- * @param cipherText The content to be decrypted.
+ * @param ciphertext The content to be decrypted.
* @return A {@link Mono} containing the decrypted blob.
- * @throws UnsupportedOperationException if the decrypt operation is not supported or configured on the key.
- * @throws NullPointerException if {@code algorithm} or {@code cipherText} is null.
+ * @throws UnsupportedOperationException If the decrypt operation is not supported or configured on the key.
+ * @throws NullPointerException If {@code algorithm} or {@code ciphertext} are {@code null}.
*/
- public Mono decrypt(EncryptionAlgorithm algorithm, byte[] cipherText) {
- return cryptographyAsyncClient.decrypt(algorithm, cipherText);
+ public Mono decrypt(EncryptionAlgorithm algorithm, byte[] ciphertext) {
+ return cryptographyAsyncClient.decrypt(algorithm, ciphertext);
}
/**
@@ -170,8 +170,8 @@ public Mono decrypt(EncryptionAlgorithm algorithm, byte[] cipherT
*
* @param decryptOptions The parameters to use in the decryption operation.
* @return A {@link Mono} containing the decrypted blob.
- * @throws UnsupportedOperationException if the decrypt operation is not supported or configured on the key.
- * @throws NullPointerException if {@code algorithm} or {@code cipherText} is null.
+ * @throws UnsupportedOperationException If the decrypt operation is not supported or configured on the key.
+ * @throws NullPointerException If {@code decryptOptions} is {@code null}.
*/
public Mono decrypt(DecryptOptions decryptOptions) {
return cryptographyAsyncClient.decrypt(decryptOptions);
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClient.java
index 0dc23643c0e34..2c55c84bfc0c4 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClient.java
@@ -65,8 +65,8 @@ public class LocalCryptographyClient {
* @param plaintext The content to be encrypted.
* @return The {@link EncryptResult} whose {@link EncryptResult#getCipherText() cipher text} contains the encrypted
* content.
- * @throws UnsupportedOperationException if the encrypt operation is not supported or configured on the key.
- * @throws NullPointerException if {@code algorithm} or {@code plainText} is null.
+ * @throws UnsupportedOperationException If the encrypt operation is not supported or configured on the key.
+ * @throws NullPointerException If {@code decryptOptions} or {@code plaintext} is {@code null}.
*/
public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plaintext) {
return client.encrypt(algorithm, plaintext).block();
@@ -99,8 +99,8 @@ public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plaintext) {
* @param encryptOptions The parameters to use in the encryption operation.
* @return The {@link EncryptResult} whose {@link EncryptResult#getCipherText() cipher text} contains the encrypted
* content.
- * @throws UnsupportedOperationException if the encrypt operation is not supported or configured on the key.
- * @throws NullPointerException if {@code algorithm} or {@code plainText} is null.
+ * @throws UnsupportedOperationException If the encrypt operation is not supported or configured on the key.
+ * @throws NullPointerException If {@code decryptOptions} is {@code null}.
*/
public EncryptResult encrypt(EncryptOptions encryptOptions) {
return client.encrypt(encryptOptions).block();
@@ -131,13 +131,13 @@ public EncryptResult encrypt(EncryptOptions encryptOptions) {
* {@codesnippet com.azure.security.keyvault.keys.cryptography.LocalCryptographyClient.decrypt#EncryptionAlgorithm-byte}
*
* @param algorithm The algorithm to be used for decryption.
- * @param cipherText The content to be decrypted.
+ * @param ciphertext The content to be decrypted.
* @return The decrypted blob.
- * @throws UnsupportedOperationException if the decrypt operation is not supported or configured on the key.
- * @throws NullPointerException if {@code algorithm} or {@code cipherText} is null.
+ * @throws UnsupportedOperationException If the decrypt operation is not supported or configured on the key.
+ * @throws NullPointerException If {@code algorithm} or {@code ciphertext} is {@code null}.
*/
- public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] cipherText) {
- return client.decrypt(algorithm, cipherText).block();
+ public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] ciphertext) {
+ return client.decrypt(algorithm, ciphertext).block();
}
/**
@@ -166,8 +166,8 @@ public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] cipherText) {
*
* @param decryptOptions The parameters to use in the decryption operation.
* @return The decrypted blob.
- * @throws UnsupportedOperationException if the decrypt operation is not supported or configured on the key.
- * @throws NullPointerException if {@code algorithm} or {@code cipherText} is null.
+ * @throws UnsupportedOperationException If the decrypt operation is not supported or configured on the key.
+ * @throws NullPointerException If {@code decryptOptions} is {@code null}.
*/
public DecryptResult decrypt(DecryptOptions decryptOptions) {
return client.decrypt(decryptOptions).block();
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/RsaKeyCryptographyClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/RsaKeyCryptographyClient.java
index e6a3d34ee6cbf..98827d4ab14d8 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/RsaKeyCryptographyClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/RsaKeyCryptographyClient.java
@@ -56,7 +56,7 @@ private KeyPair getKeyPair(JsonWebKey key) {
Mono encryptAsync(EncryptOptions encryptOptions, Context context, JsonWebKey jsonWebKey) {
Objects.requireNonNull(encryptOptions, "'encryptOptions' cannot be null.");
Objects.requireNonNull(encryptOptions.getAlgorithm(), "Encryption algorithm cannot be null.");
- Objects.requireNonNull(encryptOptions.getPlainText(), "Plain text content to be encrypted cannot be null.");
+ Objects.requireNonNull(encryptOptions.getPlaintext(), "Plain text content to be encrypted cannot be null.");
keyPair = getKeyPair(jsonWebKey);
@@ -87,7 +87,7 @@ Mono encryptAsync(EncryptOptions encryptOptions, Context context,
try {
transform = algo.createEncryptor(keyPair);
- return Mono.just(new EncryptResult(transform.doFinal(encryptOptions.getPlainText()), algorithm,
+ return Mono.just(new EncryptResult(transform.doFinal(encryptOptions.getPlaintext()), algorithm,
jsonWebKey.getId()));
} catch (InvalidKeyException
| NoSuchAlgorithmException
@@ -102,7 +102,7 @@ Mono encryptAsync(EncryptOptions encryptOptions, Context context,
Mono decryptAsync(DecryptOptions decryptOptions, Context context, JsonWebKey jsonWebKey) {
Objects.requireNonNull(decryptOptions, "'decryptOptions' cannot be null.");
Objects.requireNonNull(decryptOptions.getAlgorithm(), "Encryption algorithm cannot be null.");
- Objects.requireNonNull(decryptOptions.getCipherText(), "Cipher text content to be decrypted cannot be null.");
+ Objects.requireNonNull(decryptOptions.getCiphertext(), "Cipher text content to be decrypted cannot be null.");
keyPair = getKeyPair(jsonWebKey);
@@ -133,7 +133,7 @@ Mono decryptAsync(DecryptOptions decryptOptions, Context context,
try {
transform = algo.createDecryptor(keyPair);
- return Mono.just(new DecryptResult(transform.doFinal(decryptOptions.getCipherText()), algorithm,
+ return Mono.just(new DecryptResult(transform.doFinal(decryptOptions.getCiphertext()), algorithm,
jsonWebKey.getId()));
} catch (InvalidKeyException
| NoSuchAlgorithmException
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/SymmetricKeyCryptographyClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/SymmetricKeyCryptographyClient.java
index 14ff39bf849f5..f253e52f8a23b 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/SymmetricKeyCryptographyClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/SymmetricKeyCryptographyClient.java
@@ -19,7 +19,6 @@
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
-import java.util.Objects;
class SymmetricKeyCryptographyClient extends LocalKeyCryptographyClient {
private static final int CBC_BLOCK_SIZE = 16;
@@ -52,10 +51,6 @@ private byte[] getKey(JsonWebKey key) {
@Override
Mono encryptAsync(EncryptOptions encryptOptions, Context context, JsonWebKey jsonWebKey) {
- Objects.requireNonNull(encryptOptions, "'encryptOptions' cannot be null.");
- Objects.requireNonNull(encryptOptions.getAlgorithm(), "Encryption algorithm cannot be null.");
- Objects.requireNonNull(encryptOptions.getPlainText(), "Plain text content to be encrypted cannot be null.");
-
this.key = getKey(jsonWebKey);
if (key == null || key.length == 0) {
@@ -101,7 +96,7 @@ Mono encryptAsync(EncryptOptions encryptOptions, Context context,
byte[] encrypted;
try {
- encrypted = transform.doFinal(encryptOptions.getPlainText());
+ encrypted = transform.doFinal(encryptOptions.getPlaintext());
} catch (Exception e) {
return Mono.error(e);
}
@@ -112,10 +107,6 @@ Mono encryptAsync(EncryptOptions encryptOptions, Context context,
@Override
Mono decryptAsync(DecryptOptions decryptOptions, Context context, JsonWebKey jsonWebKey) {
- Objects.requireNonNull(decryptOptions, "'decryptOptions' cannot be null.");
- Objects.requireNonNull(decryptOptions.getAlgorithm(), "Encryption algorithm cannot be null.");
- Objects.requireNonNull(decryptOptions.getCipherText(), "Cipher text content to be decrypted cannot be null.");
-
this.key = getKey(jsonWebKey);
if (key == null || key.length == 0) {
@@ -160,7 +151,7 @@ Mono decryptAsync(DecryptOptions decryptOptions, Context context,
byte[] decrypted;
try {
- decrypted = transform.doFinal(decryptOptions.getCipherText());
+ decrypted = transform.doFinal(decryptOptions.getCiphertext());
} catch (Exception e) {
return Mono.error(e);
}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/models/EncryptResult.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/models/EncryptResult.java
index 6239bbcc85cde..bce3f6e444d8b 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/models/EncryptResult.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/models/EncryptResult.java
@@ -5,7 +5,6 @@
import com.azure.core.annotation.Immutable;
import com.azure.core.util.CoreUtils;
-import com.fasterxml.jackson.annotation.JsonProperty;
/**
* Represents the details of encrypt operation result.
From 0bcd9cdafcd48fc0ca019709dbcf7f8eae9cccf8 Mon Sep 17 00:00:00 2001
From: Victor Colin Amador
Date: Thu, 12 Nov 2020 16:58:36 -0800
Subject: [PATCH 14/15] Reverted capitalization change.
---
.../keyvault/keys/cryptography/AesCbc.java | 8 +-
.../keyvault/keys/cryptography/AesCbcPad.java | 8 +-
.../keyvault/keys/cryptography/AesGcm.java | 8 +-
.../keyvault/keys/cryptography/AesKw.java | 8 +-
.../cryptography/CryptographyAsyncClient.java | 20 +--
.../keys/cryptography/CryptographyClient.java | 32 ++---
.../CryptographyServiceClient.java | 4 +-
.../keys/cryptography/DecryptOptions.java | 92 +++++++------
.../keys/cryptography/EncryptOptions.java | 122 +++++++++---------
.../LocalCryptographyAsyncClient.java | 20 +--
.../cryptography/LocalCryptographyClient.java | 16 +--
.../keyvault/keys/cryptography/Rsa15.java | 8 +-
.../RsaKeyCryptographyClient.java | 8 +-
.../keyvault/keys/cryptography/RsaOaep.java | 8 +-
.../SymmetricKeyCryptographyClient.java | 4 +-
15 files changed, 186 insertions(+), 180 deletions(-)
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesCbc.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesCbc.java
index d72fdf079b7a5..c98d10ba05877 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesCbc.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesCbc.java
@@ -43,8 +43,8 @@ static class AesCbcEncryptor implements ICryptoTransform {
}
@Override
- public byte[] doFinal(byte[] plaintext) throws IllegalBlockSizeException, BadPaddingException {
- return cipher.doFinal(plaintext);
+ public byte[] doFinal(byte[] plainText) throws IllegalBlockSizeException, BadPaddingException {
+ return cipher.doFinal(plainText);
}
}
@@ -65,8 +65,8 @@ static class AesCbcDecryptor implements ICryptoTransform {
}
@Override
- public byte[] doFinal(byte[] plaintext) throws IllegalBlockSizeException, BadPaddingException {
- return cipher.doFinal(plaintext);
+ public byte[] doFinal(byte[] plainText) throws IllegalBlockSizeException, BadPaddingException {
+ return cipher.doFinal(plainText);
}
}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesCbcPad.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesCbcPad.java
index 114f4f90e32a7..4e7230dd4072d 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesCbcPad.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesCbcPad.java
@@ -43,8 +43,8 @@ static class AesCbcPadEncryptor implements ICryptoTransform {
}
@Override
- public byte[] doFinal(byte[] plaintext) throws IllegalBlockSizeException, BadPaddingException {
- return cipher.doFinal(plaintext);
+ public byte[] doFinal(byte[] plainText) throws IllegalBlockSizeException, BadPaddingException {
+ return cipher.doFinal(plainText);
}
}
@@ -65,8 +65,8 @@ static class AesCbcPadDecryptor implements ICryptoTransform {
}
@Override
- public byte[] doFinal(byte[] plaintext) throws IllegalBlockSizeException, BadPaddingException {
- return cipher.doFinal(plaintext);
+ public byte[] doFinal(byte[] plainText) throws IllegalBlockSizeException, BadPaddingException {
+ return cipher.doFinal(plainText);
}
}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesGcm.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesGcm.java
index d0a6ddd5e1465..eaf161c51339e 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesGcm.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesGcm.java
@@ -47,8 +47,8 @@ static class AesGcmEncryptor implements ICryptoTransform {
}
@Override
- public byte[] doFinal(byte[] plaintext) throws IllegalBlockSizeException, BadPaddingException {
- return cipher.doFinal(plaintext);
+ public byte[] doFinal(byte[] plainText) throws IllegalBlockSizeException, BadPaddingException {
+ return cipher.doFinal(plainText);
}
}
@@ -75,8 +75,8 @@ static class AesGcmDecryptor implements ICryptoTransform {
}
@Override
- public byte[] doFinal(byte[] plaintext) throws IllegalBlockSizeException, BadPaddingException {
- return cipher.doFinal(plaintext);
+ public byte[] doFinal(byte[] plainText) throws IllegalBlockSizeException, BadPaddingException {
+ return cipher.doFinal(plainText);
}
}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesKw.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesKw.java
index e7fe66a1be746..05c16becc1f4b 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesKw.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesKw.java
@@ -48,10 +48,10 @@ static class AesKwDecryptor implements ICryptoTransform {
}
@Override
- public byte[] doFinal(byte[] plaintext)
+ public byte[] doFinal(byte[] plainText)
throws IllegalBlockSizeException, BadPaddingException, InvalidKeyException, NoSuchAlgorithmException {
- return cipher.unwrap(plaintext, "AESWrap", Cipher.SECRET_KEY).getEncoded();
+ return cipher.unwrap(plainText, "AESWrap", Cipher.SECRET_KEY).getEncoded();
}
}
@@ -81,10 +81,10 @@ static class AesKwEncryptor implements ICryptoTransform {
}
@Override
- public byte[] doFinal(byte[] plaintext)
+ public byte[] doFinal(byte[] plainText)
throws IllegalBlockSizeException, BadPaddingException, InvalidKeyException {
- return cipher.wrap(new SecretKeySpec(plaintext, "AES"));
+ return cipher.wrap(new SecretKeySpec(plainText, "AES"));
}
}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyAsyncClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyAsyncClient.java
index 2c2b999c9c0fd..949d4554da6ef 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyAsyncClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyAsyncClient.java
@@ -196,7 +196,7 @@ Mono getSecretKey() {
* portion of the key is used for encryption. This operation requires the keys/encrypt permission.
*
* The {@link EncryptionAlgorithm encryption algorithm} indicates the type of algorithm to use for encrypting the
- * specified {@code plaintext}. Possible values for asymmetric keys include:
+ * specified {@code plainText}. Possible values for asymmetric keys include:
* {@link EncryptionAlgorithm#RSA1_5 RSA1_5}, {@link EncryptionAlgorithm#RSA_OAEP RSA_OAEP} and
* {@link EncryptionAlgorithm#RSA_OAEP_256 RSA_OAEP_256}.
*
@@ -214,16 +214,16 @@ Mono getSecretKey() {
* {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.encrypt#EncryptionAlgorithm-byte}
*
* @param algorithm The algorithm to be used for encryption.
- * @param plaintext The content to be encrypted.
+ * @param plainText The content to be encrypted.
* @return A {@link Mono} containing a {@link EncryptResult} whose {@link EncryptResult#getCipherText() cipher text}
* contains the encrypted content.
* @throws ResourceNotFoundException If the key cannot be found for encryption.
* @throws UnsupportedOperationException If the encrypt operation is not supported or configured on the key.
- * @throws NullPointerException If {@code algorithm} or {@code plaintext} are {@code null}.
+ * @throws NullPointerException If {@code algorithm} or {@code plainText} are {@code null}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
- public Mono encrypt(EncryptionAlgorithm algorithm, byte[] plaintext) {
- return encrypt(new EncryptOptions(algorithm, plaintext, null, null), null);
+ public Mono encrypt(EncryptionAlgorithm algorithm, byte[] plainText) {
+ return encrypt(new EncryptOptions(algorithm, plainText, null, null), null);
}
/**
@@ -233,7 +233,7 @@ public Mono encrypt(EncryptionAlgorithm algorithm, byte[] plainte
* portion of the key is used for encryption. This operation requires the keys/encrypt permission.
*
* The {@link EncryptionAlgorithm encryption algorithm} indicates the type of algorithm to use for encrypting the
- * specified {@code plaintext}. Possible values for asymmetric keys include:
+ * specified {@code plainText}. Possible values for asymmetric keys include:
* {@link EncryptionAlgorithm#RSA1_5 RSA1_5}, {@link EncryptionAlgorithm#RSA_OAEP RSA_OAEP} and
* {@link EncryptionAlgorithm#RSA_OAEP_256 RSA_OAEP_256}.
*
@@ -309,15 +309,15 @@ Mono encrypt(EncryptOptions encryptOptions, Context context) {
* {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.decrypt#EncryptionAlgorithm-byte}
*
* @param algorithm The algorithm to be used for decryption.
- * @param ciphertext The content to be decrypted.
+ * @param cipherText The content to be decrypted.
* @return A {@link Mono} containing the decrypted blob.
* @throws ResourceNotFoundException If the key cannot be found for decryption.
* @throws UnsupportedOperationException If the decrypt operation is not supported or configured on the key.
- * @throws NullPointerException If {@code algorithm} or {@code ciphertext} are {@code null}.
+ * @throws NullPointerException If {@code algorithm} or {@code cipherText} are {@code null}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
- public Mono decrypt(EncryptionAlgorithm algorithm, byte[] ciphertext) {
- return decrypt(new DecryptOptions(algorithm, ciphertext, null, null, null));
+ public Mono decrypt(EncryptionAlgorithm algorithm, byte[] cipherText) {
+ return decrypt(new DecryptOptions(algorithm, cipherText, null, null, null));
}
/**
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyClient.java
index 790cfe5175367..75f6c7e555dc1 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyClient.java
@@ -102,16 +102,16 @@ public Response getKeyWithResponse(Context context) {
* {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyClient.encrypt#EncryptionAlgorithm-byte-Context}
*
* @param algorithm The algorithm to be used for encryption.
- * @param plaintext The content to be encrypted.
+ * @param plainText The content to be encrypted.
* @param context Additional context that is passed through the Http pipeline during the service call.
* @return A {@link EncryptResult} whose {@link EncryptResult#getCipherText() cipher text} contains the encrypted
* content.
* @throws ResourceNotFoundException If the key cannot be found for encryption.
* @throws UnsupportedOperationException If the encrypt operation is not supported or configured on the key.
- * @throws NullPointerException If {@code algorithm} or {@code plaintext} are {@code null}.
+ * @throws NullPointerException If {@code algorithm} or {@code plainText} are {@code null}.
*/
- public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plaintext, Context context) {
- return encrypt(new EncryptOptions(algorithm, plaintext, null, null), context);
+ public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plainText, Context context) {
+ return encrypt(new EncryptOptions(algorithm, plainText, null, null), context);
}
/**
@@ -139,15 +139,15 @@ public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plaintext, Co
* {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyClient.encrypt#EncryptionAlgorithm-byte}
*
* @param algorithm The algorithm to be used for encryption.
- * @param plaintext The content to be encrypted.
+ * @param plainText The content to be encrypted.
* @return The {@link EncryptResult} whose {@link EncryptResult#getCipherText() cipher text} contains the encrypted
* content.
* @throws ResourceNotFoundException If the key cannot be found for encryption.
* @throws UnsupportedOperationException If the encrypt operation is not supported or configured on the key.
- * @throws NullPointerException If {@code algorithm} or {@code plaintext} are {@code null}.
+ * @throws NullPointerException If {@code algorithm} or {@code plainText} are {@code null}.
*/
- public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plaintext) {
- return encrypt(algorithm, plaintext, Context.NONE);
+ public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plainText) {
+ return encrypt(algorithm, plainText, Context.NONE);
}
/**
@@ -211,15 +211,15 @@ public EncryptResult encrypt(EncryptOptions encryptOptions, Context context) {
* {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyClient.decrypt#EncryptionAlgorithm-byte-Context}
*
* @param algorithm The algorithm to be used for decryption.
- * @param ciphertext The content to be decrypted.
+ * @param cipherText The content to be decrypted.
* @param context Additional context that is passed through the Http pipeline during the service call.
* @return The decrypted blob.
* @throws ResourceNotFoundException If the key cannot be found for encryption.
* @throws UnsupportedOperationException If the decrypt operation is not supported or configured on the key.
- * @throws NullPointerException If {@code algorithm} or {@code ciphertext} are {@code null}.
+ * @throws NullPointerException If {@code algorithm} or {@code cipherText} are {@code null}.
*/
- public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] ciphertext, Context context) {
- return decrypt(new DecryptOptions(algorithm, ciphertext, null, null, null), context);
+ public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] cipherText, Context context) {
+ return decrypt(new DecryptOptions(algorithm, cipherText, null, null, null), context);
}
/**
@@ -247,14 +247,14 @@ public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] ciphertext, C
* {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyClient.decrypt#EncryptionAlgorithm-byte}
*
* @param algorithm The algorithm to be used for decryption.
- * @param ciphertext The content to be decrypted.
+ * @param cipherText The content to be decrypted.
* @return The decrypted blob.
* @throws ResourceNotFoundException If the key cannot be found for encryption.
* @throws UnsupportedOperationException If the decrypt operation is not supported or configured on the key.
- * @throws NullPointerException If {@code algorithm} or {@code ciphertext} are {@code null}.
+ * @throws NullPointerException If {@code algorithm} or {@code cipherText} are {@code null}.
*/
- public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] ciphertext) {
- return decrypt(new DecryptOptions(algorithm, ciphertext, null, null, null), Context.NONE);
+ public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] cipherText) {
+ return decrypt(new DecryptOptions(algorithm, cipherText, null, null, null), Context.NONE);
}
/**
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyServiceClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyServiceClient.java
index 9a4a691d8ff1d..d6b22b16da1c2 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyServiceClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyServiceClient.java
@@ -133,7 +133,7 @@ Mono encrypt(EncryptOptions encryptOptions, Context context) {
byte[] authenticatedData = encryptOptions.getAdditionalAuthenticatedData();
KeyOperationParameters parameters = new KeyOperationParameters()
.setAlgorithm(algorithm)
- .setValue(encryptOptions.getPlaintext())
+ .setValue(encryptOptions.getPlainText())
.setIv(iv)
.setAdditionalAuthenticatedData(authenticatedData);
context = context == null ? Context.NONE : context;
@@ -158,7 +158,7 @@ Mono decrypt(DecryptOptions decryptOptions, Context context) {
byte[] authenticationTag = decryptOptions.getAuthenticationTag();
KeyOperationParameters parameters = new KeyOperationParameters()
.setAlgorithm(algorithm)
- .setValue(decryptOptions.getCiphertext())
+ .setValue(decryptOptions.getCipherText())
.setIv(iv)
.setAdditionalAuthenticatedData(additionalAuthenticatedData)
.setAuthenticationTag(authenticationTag);
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/DecryptOptions.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/DecryptOptions.java
index 54dd9a8246e5b..7c7b7092a1590 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/DecryptOptions.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/DecryptOptions.java
@@ -20,7 +20,7 @@ public class DecryptOptions {
/**
* The content to be decrypted.
*/
- private final byte[] ciphertext;
+ private final byte[] cipherText;
/**
* Initialization vector to be used in the decryption operation using a symmetric algorithm.
@@ -41,51 +41,51 @@ public class DecryptOptions {
* Factory method to create an instance of {@link DecryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A128CBC}.
*
- * @param ciphertext The content to be decrypted.
+ * @param cipherText The content to be decrypted.
* @param iv Initialization vector for the decryption operation.
* @return The {@link DecryptOptions}.
*/
- public static DecryptOptions createAes128CbcOptions(byte[] ciphertext, byte[] iv) {
- return new DecryptOptions(EncryptionAlgorithm.A128CBC, ciphertext, iv, null, null);
+ public static DecryptOptions createAes128CbcOptions(byte[] cipherText, byte[] iv) {
+ return new DecryptOptions(EncryptionAlgorithm.A128CBC, cipherText, iv, null, null);
}
/**
* Factory method to create an instance of {@link DecryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A128CBCPAD}.
*
- * @param ciphertext The content to be decrypted.
+ * @param cipherText The content to be decrypted.
* @param iv Initialization vector for the decryption operation.
* @return The {@link DecryptOptions}.
*/
- public static DecryptOptions createAes128CbcPadOptions(byte[] ciphertext, byte[] iv) {
- return new DecryptOptions(EncryptionAlgorithm.A128CBCPAD, ciphertext, iv, null, null);
+ public static DecryptOptions createAes128CbcPadOptions(byte[] cipherText, byte[] iv) {
+ return new DecryptOptions(EncryptionAlgorithm.A128CBCPAD, cipherText, iv, null, null);
}
/**
* Factory method to create an instance of {@link DecryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A128GCM}.
*
- * @param ciphertext The content to be decrypted.
+ * @param cipherText The content to be decrypted.
* @param iv Initialization vector for the decryption operation.
* @param authenticationTag The tag to authenticate when performing decryption.
* @return The {@link DecryptOptions}.
*/
- public static DecryptOptions createAes128GcmOptions(byte[] ciphertext, byte[] iv, byte[] authenticationTag) {
- return createAes128GcmOptions(ciphertext, iv, authenticationTag, null);
+ public static DecryptOptions createAes128GcmOptions(byte[] cipherText, byte[] iv, byte[] authenticationTag) {
+ return createAes128GcmOptions(cipherText, iv, authenticationTag, null);
}
/**
* Factory method to create an instance of {@link DecryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A128GCM}.
*
- * @param ciphertext The content to be decrypted.
+ * @param cipherText The content to be decrypted.
* @param iv Initialization vector for the decryption operation.
* @param authenticationTag The tag to authenticate when performing decryption.
* @param additionalAuthenticatedData Additional data to authenticate when using authenticated crypto algorithms.
* @return The {@link DecryptOptions}.
*/
- public static DecryptOptions createAes128GcmOptions(byte[] ciphertext, byte[] iv, byte[] authenticationTag,
+ public static DecryptOptions createAes128GcmOptions(byte[] cipherText, byte[] iv, byte[] authenticationTag,
byte[] additionalAuthenticatedData) {
- return new DecryptOptions(EncryptionAlgorithm.A128GCM, ciphertext, iv, authenticationTag,
+ return new DecryptOptions(EncryptionAlgorithm.A128GCM, cipherText, iv, authenticationTag,
additionalAuthenticatedData);
}
@@ -93,103 +93,103 @@ public static DecryptOptions createAes128GcmOptions(byte[] ciphertext, byte[] iv
* Factory method to create an instance of {@link DecryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A192CBC}.
*
- * @param ciphertext The content to be decrypted.
+ * @param cipherText The content to be decrypted.
* @param iv Initialization vector for the decryption operation.
* @return The {@link DecryptOptions}.
*/
- public static DecryptOptions createAes192CbcOptions(byte[] ciphertext, byte[] iv) {
- return new DecryptOptions(EncryptionAlgorithm.A192CBC, ciphertext, iv, null, null);
+ public static DecryptOptions createAes192CbcOptions(byte[] cipherText, byte[] iv) {
+ return new DecryptOptions(EncryptionAlgorithm.A192CBC, cipherText, iv, null, null);
}
/**
* Factory method to create an instance of {@link DecryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A192CBCPAD}.
*
- * @param ciphertext The content to be decrypted.
+ * @param cipherText The content to be decrypted.
* @param iv Initialization vector for the decryption operation.
* @return The {@link DecryptOptions}.
*/
- public static DecryptOptions createAes192CbcPadOptions(byte[] ciphertext, byte[] iv) {
- return new DecryptOptions(EncryptionAlgorithm.A192CBCPAD, ciphertext, iv, null, null);
+ public static DecryptOptions createAes192CbcPadOptions(byte[] cipherText, byte[] iv) {
+ return new DecryptOptions(EncryptionAlgorithm.A192CBCPAD, cipherText, iv, null, null);
}
/**
* Factory method to create an instance of {@link DecryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A192GCM}.
*
- * @param ciphertext The content to be decrypted.
+ * @param cipherText The content to be decrypted.
* @param iv Initialization vector for the decryption operation.
* @param authenticationTag The tag to authenticate when performing decryption.
* @return The {@link DecryptOptions}.
*/
- public static DecryptOptions createAes192GcmOptions(byte[] ciphertext, byte[] iv, byte[] authenticationTag) {
- return createAes192GcmOptions(ciphertext, iv, authenticationTag, null);
+ public static DecryptOptions createAes192GcmOptions(byte[] cipherText, byte[] iv, byte[] authenticationTag) {
+ return createAes192GcmOptions(cipherText, iv, authenticationTag, null);
}
/**
* Factory method to create an instance of {@link DecryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A192GCM}.
*
- * @param ciphertext The content to be decrypted.
+ * @param cipherText The content to be decrypted.
* @param iv Initialization vector for the decryption operation.
* @param authenticationTag The tag to authenticate when performing decryption.
* @param additionalAuthenticatedData Additional data to authenticate when using authenticated crypto algorithms.
* @return The {@link DecryptOptions}.
*/
- public static DecryptOptions createAes192GcmOptions(byte[] ciphertext, byte[] iv, byte[] authenticationTag,
+ public static DecryptOptions createAes192GcmOptions(byte[] cipherText, byte[] iv, byte[] authenticationTag,
byte[] additionalAuthenticatedData) {
- return new DecryptOptions(EncryptionAlgorithm.A192GCM, ciphertext, iv, authenticationTag,
+ return new DecryptOptions(EncryptionAlgorithm.A192GCM, cipherText, iv, authenticationTag,
additionalAuthenticatedData);
}
/**
* Factory method to create an instance of {@link DecryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A256CBC}.
*
- * @param ciphertext The content to be decrypted.
+ * @param cipherText The content to be decrypted.
* @param iv Initialization vector for the decryption operation.
* @return The {@link DecryptOptions}.
*/
- public static DecryptOptions createAes256CbcOptions(byte[] ciphertext, byte[] iv) {
- return new DecryptOptions(EncryptionAlgorithm.A256CBC, ciphertext, iv, null, null);
+ public static DecryptOptions createAes256CbcOptions(byte[] cipherText, byte[] iv) {
+ return new DecryptOptions(EncryptionAlgorithm.A256CBC, cipherText, iv, null, null);
}
/**
* Factory method to create an instance of {@link DecryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A256CBCPAD}.
*
- * @param ciphertext The content to be decrypted.
+ * @param cipherText The content to be decrypted.
* @param iv Initialization vector for the decryption operation.
* @return The {@link DecryptOptions}.
*/
- public static DecryptOptions createAes256CbcPadOptions(byte[] ciphertext, byte[] iv) {
- return new DecryptOptions(EncryptionAlgorithm.A256CBCPAD, ciphertext, iv, null, null);
+ public static DecryptOptions createAes256CbcPadOptions(byte[] cipherText, byte[] iv) {
+ return new DecryptOptions(EncryptionAlgorithm.A256CBCPAD, cipherText, iv, null, null);
}
/**
* Factory method to create an instance of {@link DecryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A256GCM}.
*
- * @param ciphertext The content to be decrypted.
+ * @param cipherText The content to be decrypted.
* @param iv Initialization vector for the decryption operation.
* @param authenticationTag The tag to authenticate when performing decryption.
* @return The {@link DecryptOptions}.
*/
- public static DecryptOptions createAes256GcmOptions(byte[] ciphertext, byte[] iv, byte[] authenticationTag) {
- return createAes256GcmOptions(ciphertext, iv, authenticationTag, null);
+ public static DecryptOptions createAes256GcmOptions(byte[] cipherText, byte[] iv, byte[] authenticationTag) {
+ return createAes256GcmOptions(cipherText, iv, authenticationTag, null);
}
/**
* Factory method to create an instance of {@link DecryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A256GCM}.
*
- * @param ciphertext The content to be decrypted.
+ * @param cipherText The content to be decrypted.
* @param iv Initialization vector for the decryption operation.
* @param authenticationTag The tag to authenticate when performing decryption.
* @param additionalAuthenticatedData Additional data to authenticate when using authenticated crypto algorithms.
* @return The {@link DecryptOptions}.
*/
- public static DecryptOptions createAes256GcmOptions(byte[] ciphertext, byte[] iv, byte[] authenticationTag,
+ public static DecryptOptions createAes256GcmOptions(byte[] cipherText, byte[] iv, byte[] authenticationTag,
byte[] additionalAuthenticatedData) {
- return new DecryptOptions(EncryptionAlgorithm.A256GCM, ciphertext, iv, authenticationTag,
+ return new DecryptOptions(EncryptionAlgorithm.A256GCM, cipherText, iv, authenticationTag,
additionalAuthenticatedData);
}
@@ -197,18 +197,24 @@ public static DecryptOptions createAes256GcmOptions(byte[] ciphertext, byte[] iv
* Creates an instance of {@link DecryptOptions} with the given parameters.
*
* @param algorithm The algorithm to be used for decryption.
- * @param ciphertext The content to be decrypted.
+ * @param cipherText The content to be decrypted.
* @param iv Initialization vector for the decryption operation.
* @param authenticationTag The tag to authenticate when performing decryption.
* @param additionalAuthenticatedData Additional data to authenticate when using authenticated crypto algorithms.
*/
- DecryptOptions(EncryptionAlgorithm algorithm, byte[] ciphertext, byte[] iv, byte[] authenticationTag,
+ DecryptOptions(EncryptionAlgorithm algorithm, byte[] cipherText, byte[] iv, byte[] authenticationTag,
byte[] additionalAuthenticatedData) {
Objects.requireNonNull(algorithm, "Encryption algorithm cannot be null.");
- Objects.requireNonNull(ciphertext, "Cipher text content to be decrypted cannot be null.");
+ Objects.requireNonNull(cipherText, "Cipher text content to be decrypted cannot be null.");
+
+ if (algorithm == EncryptionAlgorithm.A128GCM || algorithm == EncryptionAlgorithm.A192GCM
+ || algorithm == EncryptionAlgorithm.A256GCM) {
+
+ Objects.requireNonNull(authenticationTag, "Authentication tag cannot be null for GCM encryption.");
+ }
this.algorithm = algorithm;
- this.ciphertext = CoreUtils.clone(ciphertext);
+ this.cipherText = CoreUtils.clone(cipherText);
this.iv = CoreUtils.clone(iv);
this.additionalAuthenticatedData = CoreUtils.clone(additionalAuthenticatedData);
this.authenticationTag = CoreUtils.clone(authenticationTag);
@@ -228,8 +234,8 @@ public EncryptionAlgorithm getAlgorithm() {
*
* @return The content to be decrypted.
*/
- public byte[] getCiphertext() {
- return CoreUtils.clone(ciphertext);
+ public byte[] getCipherText() {
+ return CoreUtils.clone(cipherText);
}
/**
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EncryptOptions.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EncryptOptions.java
index 92e551609cf31..0f4a3ffeca1f5 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EncryptOptions.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EncryptOptions.java
@@ -20,7 +20,7 @@ public class EncryptOptions {
/**
* The content to be encrypted.
*/
- private final byte[] plaintext;
+ private final byte[] plainText;
/**
* Initialization vector to be used in the encryption operation using a symmetric algorithm.
@@ -36,232 +36,232 @@ public class EncryptOptions {
* Factory method to create an instance of {@link EncryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A128CBC}.
*
- * @param plaintext The content to be encryption.
+ * @param plainText The content to be encryption.
* @return The {@link EncryptOptions}.
*/
- public static EncryptOptions createAes128CbcOptions(byte[] plaintext) {
- return createAes128CbcOptions(plaintext, null);
+ public static EncryptOptions createAes128CbcOptions(byte[] plainText) {
+ return createAes128CbcOptions(plainText, null);
}
/**
* Factory method to create an instance of {@link EncryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A128CBC}.
*
- * @param plaintext The content to be encryption.
+ * @param plainText The content to be encryption.
* @param iv Initialization vector for the encryption operation.
* @return The {@link EncryptOptions}.
*/
- public static EncryptOptions createAes128CbcOptions(byte[] plaintext, byte[] iv) {
- return new EncryptOptions(EncryptionAlgorithm.A128CBC, plaintext, iv, null);
+ public static EncryptOptions createAes128CbcOptions(byte[] plainText, byte[] iv) {
+ return new EncryptOptions(EncryptionAlgorithm.A128CBC, plainText, iv, null);
}
/**
* Factory method to create an instance of {@link EncryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A128CBCPAD}.
*
- * @param plaintext The content to be encryption.
+ * @param plainText The content to be encryption.
* @return The {@link EncryptOptions}.
*/
- public static EncryptOptions createAes128CbcPadOptions(byte[] plaintext) {
- return createAes128CbcPadOptions(plaintext, null);
+ public static EncryptOptions createAes128CbcPadOptions(byte[] plainText) {
+ return createAes128CbcPadOptions(plainText, null);
}
/**
* Factory method to create an instance of {@link EncryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A128CBCPAD}.
*
- * @param plaintext The content to be encryption.
+ * @param plainText The content to be encryption.
* @param iv Initialization vector for the encryption operation.
* @return The {@link EncryptOptions}.
*/
- public static EncryptOptions createAes128CbcPadOptions(byte[] plaintext, byte[] iv) {
- return new EncryptOptions(EncryptionAlgorithm.A128CBCPAD, plaintext, iv, null);
+ public static EncryptOptions createAes128CbcPadOptions(byte[] plainText, byte[] iv) {
+ return new EncryptOptions(EncryptionAlgorithm.A128CBCPAD, plainText, iv, null);
}
/**
* Factory method to create an instance of {@link EncryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A128GCM}.
*
- * @param plaintext The content to be encryption.
+ * @param plainText The content to be encryption.
* @param iv Initialization vector for the encryption operation.
* @return The {@link EncryptOptions}.
*/
- public static EncryptOptions createAes128GcmOptions(byte[] plaintext, byte[] iv) {
- return createAes128GcmOptions(plaintext, iv, null);
+ public static EncryptOptions createAes128GcmOptions(byte[] plainText, byte[] iv) {
+ return createAes128GcmOptions(plainText, iv, null);
}
/**
* Factory method to create an instance of {@link EncryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A128GCM}.
*
- * @param plaintext The content to be encryption.
+ * @param plainText The content to be encryption.
* @param iv Initialization vector for the encryption operation.
* @param additionalAuthenticatedData Additional data to authenticate when using authenticated crypto algorithms.
* @return The {@link EncryptOptions}.
*/
- public static EncryptOptions createAes128GcmOptions(byte[] plaintext, byte[] iv,
+ public static EncryptOptions createAes128GcmOptions(byte[] plainText, byte[] iv,
byte[] additionalAuthenticatedData) {
- return new EncryptOptions(EncryptionAlgorithm.A128GCM, plaintext, iv, additionalAuthenticatedData);
+ return new EncryptOptions(EncryptionAlgorithm.A128GCM, plainText, iv, additionalAuthenticatedData);
}
/**
* Factory method to create an instance of {@link EncryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A192CBC}.
*
- * @param plaintext The content to be encryption.
+ * @param plainText The content to be encryption.
* @return The {@link EncryptOptions}.
*/
- public static EncryptOptions createAes192CbcOptions(byte[] plaintext) {
- return createAes192CbcOptions(plaintext, null);
+ public static EncryptOptions createAes192CbcOptions(byte[] plainText) {
+ return createAes192CbcOptions(plainText, null);
}
/**
* Factory method to create an instance of {@link EncryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A192CBC}.
*
- * @param plaintext The content to be encryption.
+ * @param plainText The content to be encryption.
* @param iv Initialization vector for the encryption operation.
* @return The {@link EncryptOptions}.
*/
- public static EncryptOptions createAes192CbcOptions(byte[] plaintext, byte[] iv) {
- return new EncryptOptions(EncryptionAlgorithm.A192CBC, plaintext, iv, null);
+ public static EncryptOptions createAes192CbcOptions(byte[] plainText, byte[] iv) {
+ return new EncryptOptions(EncryptionAlgorithm.A192CBC, plainText, iv, null);
}
/**
* Factory method to create an instance of {@link EncryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A192CBCPAD}.
*
- * @param plaintext The content to be encryption.
+ * @param plainText The content to be encryption.
* @return The {@link EncryptOptions}.
*/
- public static EncryptOptions createAes192CbcPadOptions(byte[] plaintext) {
- return createAes192CbcPadOptions(plaintext, null);
+ public static EncryptOptions createAes192CbcPadOptions(byte[] plainText) {
+ return createAes192CbcPadOptions(plainText, null);
}
/**
* Factory method to create an instance of {@link EncryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A192CBCPAD}.
*
- * @param plaintext The content to be encryption.
+ * @param plainText The content to be encryption.
* @param iv Initialization vector for the encryption operation.
* @return The {@link EncryptOptions}.
*/
- public static EncryptOptions createAes192CbcPadOptions(byte[] plaintext, byte[] iv) {
- return new EncryptOptions(EncryptionAlgorithm.A192CBCPAD, plaintext, iv, null);
+ public static EncryptOptions createAes192CbcPadOptions(byte[] plainText, byte[] iv) {
+ return new EncryptOptions(EncryptionAlgorithm.A192CBCPAD, plainText, iv, null);
}
/**
* Factory method to create an instance of {@link EncryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A192GCM}.
*
- * @param plaintext The content to be encryption.
+ * @param plainText The content to be encryption.
* @param iv Initialization vector for the encryption operation.
* @return The {@link EncryptOptions}.
*/
- public static EncryptOptions createAes192GcmOptions(byte[] plaintext, byte[] iv) {
- return createAes192GcmOptions(plaintext, iv, null);
+ public static EncryptOptions createAes192GcmOptions(byte[] plainText, byte[] iv) {
+ return createAes192GcmOptions(plainText, iv, null);
}
/**
* Factory method to create an instance of {@link EncryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A192GCM}.
*
- * @param plaintext The content to be encryption.
+ * @param plainText The content to be encryption.
* @param iv Initialization vector for the encryption operation.
* @param additionalAuthenticatedData Additional data to authenticate when using authenticated crypto algorithms.
* @return The {@link EncryptOptions}.
*/
- public static EncryptOptions createAes192GcmOptions(byte[] plaintext, byte[] iv,
+ public static EncryptOptions createAes192GcmOptions(byte[] plainText, byte[] iv,
byte[] additionalAuthenticatedData) {
- return new EncryptOptions(EncryptionAlgorithm.A192GCM, plaintext, iv, additionalAuthenticatedData);
+ return new EncryptOptions(EncryptionAlgorithm.A192GCM, plainText, iv, additionalAuthenticatedData);
}
/**
* Factory method to create an instance of {@link EncryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A256CBC}.
*
- * @param plaintext The content to be encryption.
+ * @param plainText The content to be encryption.
* @return The {@link EncryptOptions}.
*/
- public static EncryptOptions createAes256CbcOptions(byte[] plaintext) {
- return createAes256CbcOptions(plaintext, null);
+ public static EncryptOptions createAes256CbcOptions(byte[] plainText) {
+ return createAes256CbcOptions(plainText, null);
}
/**
* Factory method to create an instance of {@link EncryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A256CBC}.
*
- * @param plaintext The content to be encryption.
+ * @param plainText The content to be encryption.
* @param iv Initialization vector for the encryption operation.
* @return The {@link EncryptOptions}.
*/
- public static EncryptOptions createAes256CbcOptions(byte[] plaintext, byte[] iv) {
- return new EncryptOptions(EncryptionAlgorithm.A256CBC, plaintext, iv, null);
+ public static EncryptOptions createAes256CbcOptions(byte[] plainText, byte[] iv) {
+ return new EncryptOptions(EncryptionAlgorithm.A256CBC, plainText, iv, null);
}
/**
* Factory method to create an instance of {@link EncryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A256CBCPAD}.
*
- * @param plaintext The content to be encryption.
+ * @param plainText The content to be encryption.
* @return The {@link EncryptOptions}.
*/
- public static EncryptOptions createAes256CbcPadOptions(byte[] plaintext) {
- return createAes256CbcPadOptions(plaintext, null);
+ public static EncryptOptions createAes256CbcPadOptions(byte[] plainText) {
+ return createAes256CbcPadOptions(plainText, null);
}
/**
* Factory method to create an instance of {@link EncryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A256CBCPAD}.
*
- * @param plaintext The content to be encryption.
+ * @param plainText The content to be encryption.
* @param iv Initialization vector for the encryption operation.
* @return The {@link EncryptOptions}.
*/
- public static EncryptOptions createAes256CbcPadOptions(byte[] plaintext, byte[] iv) {
- return new EncryptOptions(EncryptionAlgorithm.A256CBCPAD, plaintext, iv, null);
+ public static EncryptOptions createAes256CbcPadOptions(byte[] plainText, byte[] iv) {
+ return new EncryptOptions(EncryptionAlgorithm.A256CBCPAD, plainText, iv, null);
}
/**
* Factory method to create an instance of {@link EncryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A256GCM}.
*
- * @param plaintext The content to be encryption.
+ * @param plainText The content to be encryption.
* @param iv Initialization vector for the encryption operation.
* @return The {@link EncryptOptions}.
*/
- public static EncryptOptions createAes256GcmOptions(byte[] plaintext, byte[] iv) {
- return createAes256GcmOptions(plaintext, iv, null);
+ public static EncryptOptions createAes256GcmOptions(byte[] plainText, byte[] iv) {
+ return createAes256GcmOptions(plainText, iv, null);
}
/**
* Factory method to create an instance of {@link EncryptOptions} with the given parameters for
* {@link EncryptionAlgorithm#A256GCM}.
*
- * @param plaintext The content to be encryption.
+ * @param plainText The content to be encryption.
* @param iv Initialization vector for the encryption operation.
* @param additionalAuthenticatedData Additional data to authenticate when using authenticated crypto algorithms.
* @return The {@link EncryptOptions}.
*/
- public static EncryptOptions createAes256GcmOptions(byte[] plaintext, byte[] iv,
+ public static EncryptOptions createAes256GcmOptions(byte[] plainText, byte[] iv,
byte[] additionalAuthenticatedData) {
- return new EncryptOptions(EncryptionAlgorithm.A256GCM, plaintext, iv, additionalAuthenticatedData);
+ return new EncryptOptions(EncryptionAlgorithm.A256GCM, plainText, iv, additionalAuthenticatedData);
}
/**
* Creates an instance of {@link EncryptOptions} with the given parameters.
*
* @param algorithm The algorithm to be used for encryption.
- * @param plaintext The content to be encrypted.
+ * @param plainText The content to be encrypted.
* @param iv Initialization vector for the encryption operation.
* @param additionalAuthenticatedData Additional data to authenticate when using authenticated crypto algorithms.
*/
- EncryptOptions(EncryptionAlgorithm algorithm, byte[] plaintext, byte[] iv, byte[] additionalAuthenticatedData) {
+ EncryptOptions(EncryptionAlgorithm algorithm, byte[] plainText, byte[] iv, byte[] additionalAuthenticatedData) {
Objects.requireNonNull(algorithm, "Encryption algorithm cannot be null.");
- Objects.requireNonNull(plaintext, "Plain text content to be encrypted cannot be null.");
+ Objects.requireNonNull(plainText, "Plain text content to be encrypted cannot be null.");
this.algorithm = algorithm;
- this.plaintext = CoreUtils.clone(plaintext);
+ this.plainText = CoreUtils.clone(plainText);
this.iv = CoreUtils.clone(iv);
this.additionalAuthenticatedData = CoreUtils.clone(additionalAuthenticatedData);
}
@@ -280,8 +280,8 @@ public EncryptionAlgorithm getAlgorithm() {
*
* @return The content to be encrypted.
*/
- public byte[] getPlaintext() {
- return CoreUtils.clone(plaintext);
+ public byte[] getPlainText() {
+ return CoreUtils.clone(plainText);
}
/**
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClient.java
index 491f212e49b41..1d9f755a0885d 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClient.java
@@ -48,7 +48,7 @@ Mono getKeyId() {
* portion of the key is used for encryption. This operation requires the keys/encrypt permission.
*
* The {@link EncryptionAlgorithm encryption algorithm} indicates the type of algorithm to use for encrypting the
- * specified {@code plaintext}. Possible values for asymmetric keys include:
+ * specified {@code plainText}. Possible values for asymmetric keys include:
* {@link EncryptionAlgorithm#RSA1_5 RSA1_5}, {@link EncryptionAlgorithm#RSA_OAEP RSA_OAEP} and
* {@link EncryptionAlgorithm#RSA_OAEP_256 RSA_OAEP_256}.
*
@@ -66,14 +66,14 @@ Mono getKeyId() {
* {@codesnippet com.azure.security.keyvault.keys.cryptography.LocalCryptographyAsyncClient.encrypt#EncryptionAlgorithm-byte}
*
* @param algorithm The algorithm to be used for encryption.
- * @param plaintext The content to be encrypted.
+ * @param plainText The content to be encrypted.
* @return A {@link Mono} containing a {@link EncryptResult} whose {@link EncryptResult#getCipherText() cipher text}
* contains the encrypted content.
* @throws UnsupportedOperationException If the encrypt operation is not supported or configured on the key.
- * @throws NullPointerException if {@code algorithm} or {@code plaintext} is {@code null}.
+ * @throws NullPointerException if {@code algorithm} or {@code plainText} is {@code null}.
*/
- public Mono encrypt(EncryptionAlgorithm algorithm, byte[] plaintext) {
- return cryptographyAsyncClient.encrypt(algorithm, plaintext);
+ public Mono encrypt(EncryptionAlgorithm algorithm, byte[] plainText) {
+ return cryptographyAsyncClient.encrypt(algorithm, plainText);
}
/**
@@ -83,7 +83,7 @@ public Mono encrypt(EncryptionAlgorithm algorithm, byte[] plainte
* portion of the key is used for encryption. This operation requires the keys/encrypt permission.
*
* The {@link EncryptionAlgorithm encryption algorithm} indicates the type of algorithm to use for encrypting the
- * specified {@code plaintext}. Possible values for asymmetric keys include:
+ * specified {@code plainText}. Possible values for asymmetric keys include:
* {@link EncryptionAlgorithm#RSA1_5 RSA1_5}, {@link EncryptionAlgorithm#RSA_OAEP RSA_OAEP} and
* {@link EncryptionAlgorithm#RSA_OAEP_256 RSA_OAEP_256}.
*
@@ -135,13 +135,13 @@ public Mono encrypt(EncryptOptions encryptOptions) {
* {@codesnippet com.azure.security.keyvault.keys.cryptography.LocalCryptographyAsyncClient.decrypt#EncryptionAlgorithm-byte}
*
* @param algorithm The algorithm to be used for decryption.
- * @param ciphertext The content to be decrypted.
+ * @param cipherText The content to be decrypted.
* @return A {@link Mono} containing the decrypted blob.
* @throws UnsupportedOperationException If the decrypt operation is not supported or configured on the key.
- * @throws NullPointerException If {@code algorithm} or {@code ciphertext} are {@code null}.
+ * @throws NullPointerException If {@code algorithm} or {@code cipherText} are {@code null}.
*/
- public Mono decrypt(EncryptionAlgorithm algorithm, byte[] ciphertext) {
- return cryptographyAsyncClient.decrypt(algorithm, ciphertext);
+ public Mono decrypt(EncryptionAlgorithm algorithm, byte[] cipherText) {
+ return cryptographyAsyncClient.decrypt(algorithm, cipherText);
}
/**
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClient.java
index 2c55c84bfc0c4..3ddb58fed44bc 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClient.java
@@ -62,14 +62,14 @@ public class LocalCryptographyClient {
* {@codesnippet com.azure.security.keyvault.keys.cryptography.LocalCryptographyClient.encrypt#EncryptionAlgorithm-byte}
*
* @param algorithm The algorithm to be used for encryption.
- * @param plaintext The content to be encrypted.
+ * @param plainText The content to be encrypted.
* @return The {@link EncryptResult} whose {@link EncryptResult#getCipherText() cipher text} contains the encrypted
* content.
* @throws UnsupportedOperationException If the encrypt operation is not supported or configured on the key.
- * @throws NullPointerException If {@code decryptOptions} or {@code plaintext} is {@code null}.
+ * @throws NullPointerException If {@code decryptOptions} or {@code plainText} is {@code null}.
*/
- public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plaintext) {
- return client.encrypt(algorithm, plaintext).block();
+ public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plainText) {
+ return client.encrypt(algorithm, plainText).block();
}
/**
@@ -131,13 +131,13 @@ public EncryptResult encrypt(EncryptOptions encryptOptions) {
* {@codesnippet com.azure.security.keyvault.keys.cryptography.LocalCryptographyClient.decrypt#EncryptionAlgorithm-byte}
*
* @param algorithm The algorithm to be used for decryption.
- * @param ciphertext The content to be decrypted.
+ * @param cipherText The content to be decrypted.
* @return The decrypted blob.
* @throws UnsupportedOperationException If the decrypt operation is not supported or configured on the key.
- * @throws NullPointerException If {@code algorithm} or {@code ciphertext} is {@code null}.
+ * @throws NullPointerException If {@code algorithm} or {@code cipherText} is {@code null}.
*/
- public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] ciphertext) {
- return client.decrypt(algorithm, ciphertext).block();
+ public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] cipherText) {
+ return client.decrypt(algorithm, cipherText).block();
}
/**
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/Rsa15.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/Rsa15.java
index 5245441cd8809..ebc63e4e9eea8 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/Rsa15.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/Rsa15.java
@@ -33,9 +33,9 @@ static class Rsa15Decryptor implements ICryptoTransform {
}
@Override
- public byte[] doFinal(byte[] plaintext) throws IllegalBlockSizeException, BadPaddingException {
+ public byte[] doFinal(byte[] plainText) throws IllegalBlockSizeException, BadPaddingException {
- return cipher.doFinal(plaintext);
+ return cipher.doFinal(plainText);
}
}
@@ -59,9 +59,9 @@ static class Rsa15Encryptor implements ICryptoTransform {
}
@Override
- public byte[] doFinal(byte[] plaintext) throws IllegalBlockSizeException, BadPaddingException {
+ public byte[] doFinal(byte[] plainText) throws IllegalBlockSizeException, BadPaddingException {
- return cipher.doFinal(plaintext);
+ return cipher.doFinal(plainText);
}
}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/RsaKeyCryptographyClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/RsaKeyCryptographyClient.java
index 98827d4ab14d8..e6a3d34ee6cbf 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/RsaKeyCryptographyClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/RsaKeyCryptographyClient.java
@@ -56,7 +56,7 @@ private KeyPair getKeyPair(JsonWebKey key) {
Mono encryptAsync(EncryptOptions encryptOptions, Context context, JsonWebKey jsonWebKey) {
Objects.requireNonNull(encryptOptions, "'encryptOptions' cannot be null.");
Objects.requireNonNull(encryptOptions.getAlgorithm(), "Encryption algorithm cannot be null.");
- Objects.requireNonNull(encryptOptions.getPlaintext(), "Plain text content to be encrypted cannot be null.");
+ Objects.requireNonNull(encryptOptions.getPlainText(), "Plain text content to be encrypted cannot be null.");
keyPair = getKeyPair(jsonWebKey);
@@ -87,7 +87,7 @@ Mono encryptAsync(EncryptOptions encryptOptions, Context context,
try {
transform = algo.createEncryptor(keyPair);
- return Mono.just(new EncryptResult(transform.doFinal(encryptOptions.getPlaintext()), algorithm,
+ return Mono.just(new EncryptResult(transform.doFinal(encryptOptions.getPlainText()), algorithm,
jsonWebKey.getId()));
} catch (InvalidKeyException
| NoSuchAlgorithmException
@@ -102,7 +102,7 @@ Mono encryptAsync(EncryptOptions encryptOptions, Context context,
Mono decryptAsync(DecryptOptions decryptOptions, Context context, JsonWebKey jsonWebKey) {
Objects.requireNonNull(decryptOptions, "'decryptOptions' cannot be null.");
Objects.requireNonNull(decryptOptions.getAlgorithm(), "Encryption algorithm cannot be null.");
- Objects.requireNonNull(decryptOptions.getCiphertext(), "Cipher text content to be decrypted cannot be null.");
+ Objects.requireNonNull(decryptOptions.getCipherText(), "Cipher text content to be decrypted cannot be null.");
keyPair = getKeyPair(jsonWebKey);
@@ -133,7 +133,7 @@ Mono decryptAsync(DecryptOptions decryptOptions, Context context,
try {
transform = algo.createDecryptor(keyPair);
- return Mono.just(new DecryptResult(transform.doFinal(decryptOptions.getCiphertext()), algorithm,
+ return Mono.just(new DecryptResult(transform.doFinal(decryptOptions.getCipherText()), algorithm,
jsonWebKey.getId()));
} catch (InvalidKeyException
| NoSuchAlgorithmException
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/RsaOaep.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/RsaOaep.java
index a43a023fffd7f..d626676372059 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/RsaOaep.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/RsaOaep.java
@@ -33,9 +33,9 @@ static class RsaOaepDecryptor implements ICryptoTransform {
}
@Override
- public byte[] doFinal(byte[] plaintext) throws IllegalBlockSizeException, BadPaddingException {
+ public byte[] doFinal(byte[] plainText) throws IllegalBlockSizeException, BadPaddingException {
- return cipher.doFinal(plaintext);
+ return cipher.doFinal(plainText);
}
}
@@ -59,9 +59,9 @@ static class RsaOaepEncryptor implements ICryptoTransform {
}
@Override
- public byte[] doFinal(byte[] plaintext) throws IllegalBlockSizeException, BadPaddingException {
+ public byte[] doFinal(byte[] plainText) throws IllegalBlockSizeException, BadPaddingException {
- return cipher.doFinal(plaintext);
+ return cipher.doFinal(plainText);
}
}
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/SymmetricKeyCryptographyClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/SymmetricKeyCryptographyClient.java
index f253e52f8a23b..18c0d58f01903 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/SymmetricKeyCryptographyClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/SymmetricKeyCryptographyClient.java
@@ -96,7 +96,7 @@ Mono encryptAsync(EncryptOptions encryptOptions, Context context,
byte[] encrypted;
try {
- encrypted = transform.doFinal(encryptOptions.getPlaintext());
+ encrypted = transform.doFinal(encryptOptions.getPlainText());
} catch (Exception e) {
return Mono.error(e);
}
@@ -151,7 +151,7 @@ Mono decryptAsync(DecryptOptions decryptOptions, Context context,
byte[] decrypted;
try {
- decrypted = transform.doFinal(decryptOptions.getCiphertext());
+ decrypted = transform.doFinal(decryptOptions.getCipherText());
} catch (Exception e) {
return Mono.error(e);
}
From 155c40fdb631cd41e2c2d302f8f878b7466e79d8 Mon Sep 17 00:00:00 2001
From: Victor Colin Amador
Date: Thu, 12 Nov 2020 17:00:50 -0800
Subject: [PATCH 15/15] Added null check for `iv` in local decryption.
---
.../SymmetricKeyCryptographyClient.java | 16 ++--------------
1 file changed, 2 insertions(+), 14 deletions(-)
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/SymmetricKeyCryptographyClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/SymmetricKeyCryptographyClient.java
index 18c0d58f01903..57316a94f979a 100644
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/SymmetricKeyCryptographyClient.java
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/SymmetricKeyCryptographyClient.java
@@ -19,6 +19,7 @@
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
+import java.util.Objects;
class SymmetricKeyCryptographyClient extends LocalKeyCryptographyClient {
private static final int CBC_BLOCK_SIZE = 16;
@@ -125,23 +126,10 @@ Mono decryptAsync(DecryptOptions decryptOptions, Context context,
ICryptoTransform transform;
- byte[] iv = decryptOptions.getIv();
+ byte[] iv = Objects.requireNonNull(decryptOptions.getIv(), "Initialization vector cannot be null in local decryption operations.");
byte[] additionalAuthenticatedData = decryptOptions.getAdditionalAuthenticatedData();
byte[] authenticationTag = decryptOptions.getAuthenticationTag();
- if (iv == null) {
- if (algorithm == EncryptionAlgorithm.A128GCM || algorithm == EncryptionAlgorithm.A192GCM
- || algorithm == EncryptionAlgorithm.A256GCM) {
-
- iv = generateRandomByteArray(GCM_NONCE_SIZE);
- } else if (algorithm == EncryptionAlgorithm.A128CBC || algorithm == EncryptionAlgorithm.A192CBC
- || algorithm == EncryptionAlgorithm.A256CBC || algorithm == EncryptionAlgorithm.A128CBCPAD
- || algorithm == EncryptionAlgorithm.A192CBCPAD || algorithm == EncryptionAlgorithm.A256CBCPAD) {
-
- iv = generateRandomByteArray(CBC_BLOCK_SIZE);
- }
- }
-
try {
transform = symmetricEncryptionAlgorithm.createDecryptor(this.key, iv, additionalAuthenticatedData, authenticationTag);
} catch (Exception e) {