From 65f70eca78c6c636807ce7b24c3e4b4310cd1737 Mon Sep 17 00:00:00 2001 From: vcolin7 Date: Thu, 12 Nov 2020 17:50:09 -0800 Subject: [PATCH] Added small changes that missed PR #17209 (#17552) * Added support for encryption AES encryption algorithms. * Added CryptographyOptions and ensured the initialization vector is populated before attempting to perform any local cryptography operations on symmetric keys. * Added APIs that accept CryptographyOptions to CryptographyClient. * Fixed Javadoc issues. * Fixed checkstyle issues. Added samples. * Added checkstyle exceptions. * Fixed test and spotbugs issues. * Applied PR feedback and added local tests. * Made the EncryptOptions and DecryptOptions constructor package-private, as well as their children's, and made them have factory methods for creating the former to help with discoverability. * Fixed build issues. * Changed EncryptOptions and DecryptOptions to use a factory model. * Added iv, additionalAuthenticatedDate and authenticationTag to EncryptResult. * Made `plainText` and `cipherText` all lowercase. * Reverted capitalization change. * Added null check for `iv` in local decryption. --- .../keyvault/keys/cryptography/AesCbc.java | 8 +- .../keyvault/keys/cryptography/AesCbcPad.java | 8 +- .../keyvault/keys/cryptography/AesGcm.java | 8 +- .../keyvault/keys/cryptography/AesKw.java | 8 +- .../cryptography/CryptographyAsyncClient.java | 20 +-- .../keys/cryptography/CryptographyClient.java | 32 ++--- .../CryptographyServiceClient.java | 4 +- .../keys/cryptography/DecryptOptions.java | 92 +++++++------ .../keys/cryptography/EncryptOptions.java | 122 +++++++++--------- .../LocalCryptographyAsyncClient.java | 20 +-- .../cryptography/LocalCryptographyClient.java | 16 +-- .../keyvault/keys/cryptography/Rsa15.java | 8 +- .../RsaKeyCryptographyClient.java | 8 +- .../keyvault/keys/cryptography/RsaOaep.java | 8 +- .../SymmetricKeyCryptographyClient.java | 20 +-- 15 files changed, 188 insertions(+), 194 deletions(-) 
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesCbc.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesCbc.java index d72fdf079b7a5..c98d10ba05877 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesCbc.java +++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesCbc.java @@ -43,8 +43,8 @@ static class AesCbcEncryptor implements ICryptoTransform { } @Override - public byte[] doFinal(byte[] plaintext) throws IllegalBlockSizeException, BadPaddingException { - return cipher.doFinal(plaintext); + public byte[] doFinal(byte[] plainText) throws IllegalBlockSizeException, BadPaddingException { + return cipher.doFinal(plainText); } } @@ -65,8 +65,8 @@ static class AesCbcDecryptor implements ICryptoTransform { } @Override - public byte[] doFinal(byte[] plaintext) throws IllegalBlockSizeException, BadPaddingException { - return cipher.doFinal(plaintext); + public byte[] doFinal(byte[] plainText) throws IllegalBlockSizeException, BadPaddingException { + return cipher.doFinal(plainText); } } diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesCbcPad.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesCbcPad.java index 114f4f90e32a7..4e7230dd4072d 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesCbcPad.java +++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesCbcPad.java 
@@ -43,8 +43,8 @@ static class AesCbcPadEncryptor implements ICryptoTransform { } @Override - public byte[] doFinal(byte[] plaintext) throws IllegalBlockSizeException, BadPaddingException { - return cipher.doFinal(plaintext); + public byte[] doFinal(byte[] plainText) throws IllegalBlockSizeException, BadPaddingException { + return cipher.doFinal(plainText); } } @@ -65,8 +65,8 @@ static class AesCbcPadDecryptor implements ICryptoTransform { } @Override - public byte[] doFinal(byte[] plaintext) throws IllegalBlockSizeException, BadPaddingException { - return cipher.doFinal(plaintext); + public byte[] doFinal(byte[] plainText) throws IllegalBlockSizeException, BadPaddingException { + return cipher.doFinal(plainText); } } diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesGcm.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesGcm.java index d0a6ddd5e1465..eaf161c51339e 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesGcm.java +++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesGcm.java @@ -47,8 +47,8 @@ static class AesGcmEncryptor implements ICryptoTransform { } @Override - public byte[] doFinal(byte[] plaintext) throws IllegalBlockSizeException, BadPaddingException { - return cipher.doFinal(plaintext); + public byte[] doFinal(byte[] plainText) throws IllegalBlockSizeException, BadPaddingException { + return cipher.doFinal(plainText); } } @@ -75,8 +75,8 @@ static class AesGcmDecryptor implements ICryptoTransform { } @Override - public byte[] doFinal(byte[] plaintext) throws IllegalBlockSizeException, BadPaddingException { - return cipher.doFinal(plaintext); + public byte[] doFinal(byte[] plainText) throws IllegalBlockSizeException, BadPaddingException { + return cipher.doFinal(plainText); } } 
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesKw.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesKw.java index e7fe66a1be746..05c16becc1f4b 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesKw.java +++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/AesKw.java @@ -48,10 +48,10 @@ static class AesKwDecryptor implements ICryptoTransform { } @Override - public byte[] doFinal(byte[] plaintext) + public byte[] doFinal(byte[] plainText) throws IllegalBlockSizeException, BadPaddingException, InvalidKeyException, NoSuchAlgorithmException { - return cipher.unwrap(plaintext, "AESWrap", Cipher.SECRET_KEY).getEncoded(); + return cipher.unwrap(plainText, "AESWrap", Cipher.SECRET_KEY).getEncoded(); } } @@ -81,10 +81,10 @@ static class AesKwEncryptor implements ICryptoTransform { } @Override - public byte[] doFinal(byte[] plaintext) + public byte[] doFinal(byte[] plainText) throws IllegalBlockSizeException, BadPaddingException, InvalidKeyException { - return cipher.wrap(new SecretKeySpec(plaintext, "AES")); + return cipher.wrap(new SecretKeySpec(plainText, "AES")); } } diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyAsyncClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyAsyncClient.java index 2c2b999c9c0fd..949d4554da6ef 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyAsyncClient.java +++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyAsyncClient.java 
@@ -196,7 +196,7 @@ Mono getSecretKey() { * portion of the key is used for encryption. This operation requires the keys/encrypt permission. * *

The {@link EncryptionAlgorithm encryption algorithm} indicates the type of algorithm to use for encrypting the - * specified {@code plaintext}. Possible values for asymmetric keys include: + * specified {@code plainText}. Possible values for asymmetric keys include: * {@link EncryptionAlgorithm#RSA1_5 RSA1_5}, {@link EncryptionAlgorithm#RSA_OAEP RSA_OAEP} and * {@link EncryptionAlgorithm#RSA_OAEP_256 RSA_OAEP_256}. * @@ -214,16 +214,16 @@ Mono getSecretKey() { * {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.encrypt#EncryptionAlgorithm-byte} * * @param algorithm The algorithm to be used for encryption. - * @param plaintext The content to be encrypted. + * @param plainText The content to be encrypted. * @return A {@link Mono} containing a {@link EncryptResult} whose {@link EncryptResult#getCipherText() cipher text} * contains the encrypted content. * @throws ResourceNotFoundException If the key cannot be found for encryption. * @throws UnsupportedOperationException If the encrypt operation is not supported or configured on the key. - * @throws NullPointerException If {@code algorithm} or {@code plaintext} are {@code null}. + * @throws NullPointerException If {@code algorithm} or {@code plainText} are {@code null}. */ @ServiceMethod(returns = ReturnType.SINGLE) - public Mono encrypt(EncryptionAlgorithm algorithm, byte[] plaintext) { - return encrypt(new EncryptOptions(algorithm, plaintext, null, null), null); + public Mono encrypt(EncryptionAlgorithm algorithm, byte[] plainText) { + return encrypt(new EncryptOptions(algorithm, plainText, null, null), null); } /** @@ -233,7 +233,7 @@ public Mono encrypt(EncryptionAlgorithm algorithm, byte[] plainte * portion of the key is used for encryption. This operation requires the keys/encrypt permission. * *

The {@link EncryptionAlgorithm encryption algorithm} indicates the type of algorithm to use for encrypting the - * specified {@code plaintext}. Possible values for asymmetric keys include: + * specified {@code plainText}. Possible values for asymmetric keys include: * {@link EncryptionAlgorithm#RSA1_5 RSA1_5}, {@link EncryptionAlgorithm#RSA_OAEP RSA_OAEP} and * {@link EncryptionAlgorithm#RSA_OAEP_256 RSA_OAEP_256}. * @@ -309,15 +309,15 @@ Mono encrypt(EncryptOptions encryptOptions, Context context) { * {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.decrypt#EncryptionAlgorithm-byte} * * @param algorithm The algorithm to be used for decryption. - * @param ciphertext The content to be decrypted. + * @param cipherText The content to be decrypted. * @return A {@link Mono} containing the decrypted blob. * @throws ResourceNotFoundException If the key cannot be found for decryption. * @throws UnsupportedOperationException If the decrypt operation is not supported or configured on the key. - * @throws NullPointerException If {@code algorithm} or {@code ciphertext} are {@code null}. + * @throws NullPointerException If {@code algorithm} or {@code cipherText} are {@code null}. */ @ServiceMethod(returns = ReturnType.SINGLE) - public Mono decrypt(EncryptionAlgorithm algorithm, byte[] ciphertext) { - return decrypt(new DecryptOptions(algorithm, ciphertext, null, null, null)); + public Mono decrypt(EncryptionAlgorithm algorithm, byte[] cipherText) { + return decrypt(new DecryptOptions(algorithm, cipherText, null, null, null)); } /** diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyClient.java index 790cfe5175367..75f6c7e555dc1 100644 
--- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyClient.java +++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyClient.java @@ -102,16 +102,16 @@ public Response getKeyWithResponse(Context context) { * {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyClient.encrypt#EncryptionAlgorithm-byte-Context} * * @param algorithm The algorithm to be used for encryption. - * @param plaintext The content to be encrypted. + * @param plainText The content to be encrypted. * @param context Additional context that is passed through the Http pipeline during the service call. * @return A {@link EncryptResult} whose {@link EncryptResult#getCipherText() cipher text} contains the encrypted * content. * @throws ResourceNotFoundException If the key cannot be found for encryption. * @throws UnsupportedOperationException If the encrypt operation is not supported or configured on the key. - * @throws NullPointerException If {@code algorithm} or {@code plaintext} are {@code null}. + * @throws NullPointerException If {@code algorithm} or {@code plainText} are {@code null}. */ - public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plaintext, Context context) { - return encrypt(new EncryptOptions(algorithm, plaintext, null, null), context); + public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plainText, Context context) { + return encrypt(new EncryptOptions(algorithm, plainText, null, null), context); } /** 
@@ -139,15 +139,15 @@ public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plaintext, Co * {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyClient.encrypt#EncryptionAlgorithm-byte} * * @param algorithm The algorithm to be used for encryption. - * @param plaintext The content to be encrypted. + * @param plainText The content to be encrypted. * @return The {@link EncryptResult} whose {@link EncryptResult#getCipherText() cipher text} contains the encrypted * content. * @throws ResourceNotFoundException If the key cannot be found for encryption. * @throws UnsupportedOperationException If the encrypt operation is not supported or configured on the key. - * @throws NullPointerException If {@code algorithm} or {@code plaintext} are {@code null}. + * @throws NullPointerException If {@code algorithm} or {@code plainText} are {@code null}. */ - public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plaintext) { - return encrypt(algorithm, plaintext, Context.NONE); + public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plainText) { + return encrypt(algorithm, plainText, Context.NONE); } /** 
@@ -211,15 +211,15 @@ public EncryptResult encrypt(EncryptOptions encryptOptions, Context context) { * {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyClient.decrypt#EncryptionAlgorithm-byte-Context} * * @param algorithm The algorithm to be used for decryption. - * @param ciphertext The content to be decrypted. + * @param cipherText The content to be decrypted. * @param context Additional context that is passed through the Http pipeline during the service call. * @return The decrypted blob. * @throws ResourceNotFoundException If the key cannot be found for encryption. * @throws UnsupportedOperationException If the decrypt operation is not supported or configured on the key. - * @throws NullPointerException If {@code algorithm} or {@code ciphertext} are {@code null}. + * @throws NullPointerException If {@code algorithm} or {@code cipherText} are {@code null}. */ - public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] ciphertext, Context context) { - return decrypt(new DecryptOptions(algorithm, ciphertext, null, null, null), context); + public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] cipherText, Context context) { + return decrypt(new DecryptOptions(algorithm, cipherText, null, null, null), context); } /** 
@@ -247,14 +247,14 @@ public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] ciphertext, C * {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyClient.decrypt#EncryptionAlgorithm-byte} * * @param algorithm The algorithm to be used for decryption. - * @param ciphertext The content to be decrypted. + * @param cipherText The content to be decrypted. * @return The decrypted blob. * @throws ResourceNotFoundException If the key cannot be found for encryption. * @throws UnsupportedOperationException If the decrypt operation is not supported or configured on the key. - * @throws NullPointerException If {@code algorithm} or {@code ciphertext} are {@code null}. + * @throws NullPointerException If {@code algorithm} or {@code cipherText} are {@code null}. */ - public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] ciphertext) { - return decrypt(new DecryptOptions(algorithm, ciphertext, null, null, null), Context.NONE); + public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] cipherText) { + return decrypt(new DecryptOptions(algorithm, cipherText, null, null, null), Context.NONE); } /** diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyServiceClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyServiceClient.java index 9a4a691d8ff1d..d6b22b16da1c2 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyServiceClient.java +++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/CryptographyServiceClient.java 
@@ -133,7 +133,7 @@ Mono encrypt(EncryptOptions encryptOptions, Context context) { byte[] authenticatedData = encryptOptions.getAdditionalAuthenticatedData(); KeyOperationParameters parameters = new KeyOperationParameters() .setAlgorithm(algorithm) - .setValue(encryptOptions.getPlaintext()) + .setValue(encryptOptions.getPlainText()) .setIv(iv) .setAdditionalAuthenticatedData(authenticatedData); context = context == null ? Context.NONE : context; @@ -158,7 +158,7 @@ Mono decrypt(DecryptOptions decryptOptions, Context context) { byte[] authenticationTag = decryptOptions.getAuthenticationTag(); KeyOperationParameters parameters = new KeyOperationParameters() .setAlgorithm(algorithm) - .setValue(decryptOptions.getCiphertext()) + .setValue(decryptOptions.getCipherText()) .setIv(iv) .setAdditionalAuthenticatedData(additionalAuthenticatedData) .setAuthenticationTag(authenticationTag); diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/DecryptOptions.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/DecryptOptions.java index 54dd9a8246e5b..7c7b7092a1590 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/DecryptOptions.java +++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/DecryptOptions.java @@ -20,7 +20,7 @@ public class DecryptOptions { /** * The content to be decrypted. */ - private final byte[] ciphertext; + private final byte[] cipherText; /** * Initialization vector to be used in the decryption operation using a symmetric algorithm. 
@@ -41,51 +41,51 @@ public class DecryptOptions { * Factory method to create an instance of {@link DecryptOptions} with the given parameters for * {@link EncryptionAlgorithm#A128CBC}. * - * @param ciphertext The content to be decrypted. + * @param cipherText The content to be decrypted. * @param iv Initialization vector for the decryption operation. * @return The {@link DecryptOptions}. */ - public static DecryptOptions createAes128CbcOptions(byte[] ciphertext, byte[] iv) { - return new DecryptOptions(EncryptionAlgorithm.A128CBC, ciphertext, iv, null, null); + public static DecryptOptions createAes128CbcOptions(byte[] cipherText, byte[] iv) { + return new DecryptOptions(EncryptionAlgorithm.A128CBC, cipherText, iv, null, null); } /** * Factory method to create an instance of {@link DecryptOptions} with the given parameters for * {@link EncryptionAlgorithm#A128CBCPAD}. * - * @param ciphertext The content to be decrypted. + * @param cipherText The content to be decrypted. * @param iv Initialization vector for the decryption operation. * @return The {@link DecryptOptions}. */ - public static DecryptOptions createAes128CbcPadOptions(byte[] ciphertext, byte[] iv) { - return new DecryptOptions(EncryptionAlgorithm.A128CBCPAD, ciphertext, iv, null, null); + public static DecryptOptions createAes128CbcPadOptions(byte[] cipherText, byte[] iv) { + return new DecryptOptions(EncryptionAlgorithm.A128CBCPAD, cipherText, iv, null, null); } /** * Factory method to create an instance of {@link DecryptOptions} with the given parameters for * {@link EncryptionAlgorithm#A128GCM}. * - * @param ciphertext The content to be decrypted. + * @param cipherText The content to be decrypted. * @param iv Initialization vector for the decryption operation. * @param authenticationTag The tag to authenticate when performing decryption. * @return The {@link DecryptOptions}. 
*/ - public static DecryptOptions createAes128GcmOptions(byte[] ciphertext, byte[] iv, byte[] authenticationTag) { - return createAes128GcmOptions(ciphertext, iv, authenticationTag, null); + public static DecryptOptions createAes128GcmOptions(byte[] cipherText, byte[] iv, byte[] authenticationTag) { + return createAes128GcmOptions(cipherText, iv, authenticationTag, null); } /** * Factory method to create an instance of {@link DecryptOptions} with the given parameters for * {@link EncryptionAlgorithm#A128GCM}. * - * @param ciphertext The content to be decrypted. + * @param cipherText The content to be decrypted. * @param iv Initialization vector for the decryption operation. * @param authenticationTag The tag to authenticate when performing decryption. * @param additionalAuthenticatedData Additional data to authenticate when using authenticated crypto algorithms. * @return The {@link DecryptOptions}. */ - public static DecryptOptions createAes128GcmOptions(byte[] ciphertext, byte[] iv, byte[] authenticationTag, + public static DecryptOptions createAes128GcmOptions(byte[] cipherText, byte[] iv, byte[] authenticationTag, byte[] additionalAuthenticatedData) { - return new DecryptOptions(EncryptionAlgorithm.A128GCM, ciphertext, iv, authenticationTag, + return new DecryptOptions(EncryptionAlgorithm.A128GCM, cipherText, iv, authenticationTag, additionalAuthenticatedData); } 
@@ -93,103 +93,103 @@ public static DecryptOptions createAes128GcmOptions(byte[] ciphertext, byte[] iv * Factory method to create an instance of {@link DecryptOptions} with the given parameters for * {@link EncryptionAlgorithm#A192CBC}. * - * @param ciphertext The content to be decrypted. + * @param cipherText The content to be decrypted. * @param iv Initialization vector for the decryption operation. * @return The {@link DecryptOptions}. */ - public static DecryptOptions createAes192CbcOptions(byte[] ciphertext, byte[] iv) { - return new DecryptOptions(EncryptionAlgorithm.A192CBC, ciphertext, iv, null, null); + public static DecryptOptions createAes192CbcOptions(byte[] cipherText, byte[] iv) { + return new DecryptOptions(EncryptionAlgorithm.A192CBC, cipherText, iv, null, null); } /** * Factory method to create an instance of {@link DecryptOptions} with the given parameters for * {@link EncryptionAlgorithm#A192CBCPAD}. * - * @param ciphertext The content to be decrypted. + * @param cipherText The content to be decrypted. * @param iv Initialization vector for the decryption operation. * @return The {@link DecryptOptions}. */ - public static DecryptOptions createAes192CbcPadOptions(byte[] ciphertext, byte[] iv) { - return new DecryptOptions(EncryptionAlgorithm.A192CBCPAD, ciphertext, iv, null, null); + public static DecryptOptions createAes192CbcPadOptions(byte[] cipherText, byte[] iv) { + return new DecryptOptions(EncryptionAlgorithm.A192CBCPAD, cipherText, iv, null, null); } /** * Factory method to create an instance of {@link DecryptOptions} with the given parameters for * {@link EncryptionAlgorithm#A192GCM}. * - * @param ciphertext The content to be decrypted. + * @param cipherText The content to be decrypted. * @param iv Initialization vector for the decryption operation. * @param authenticationTag The tag to authenticate when performing decryption. * @return The {@link DecryptOptions}. 
*/ - public static DecryptOptions createAes192GcmOptions(byte[] ciphertext, byte[] iv, byte[] authenticationTag) { - return createAes192GcmOptions(ciphertext, iv, authenticationTag, null); + public static DecryptOptions createAes192GcmOptions(byte[] cipherText, byte[] iv, byte[] authenticationTag) { + return createAes192GcmOptions(cipherText, iv, authenticationTag, null); } /** * Factory method to create an instance of {@link DecryptOptions} with the given parameters for * {@link EncryptionAlgorithm#A192GCM}. * - * @param ciphertext The content to be decrypted. + * @param cipherText The content to be decrypted. * @param iv Initialization vector for the decryption operation. * @param authenticationTag The tag to authenticate when performing decryption. * @param additionalAuthenticatedData Additional data to authenticate when using authenticated crypto algorithms. * @return The {@link DecryptOptions}. */ - public static DecryptOptions createAes192GcmOptions(byte[] ciphertext, byte[] iv, byte[] authenticationTag, + public static DecryptOptions createAes192GcmOptions(byte[] cipherText, byte[] iv, byte[] authenticationTag, byte[] additionalAuthenticatedData) { - return new DecryptOptions(EncryptionAlgorithm.A192GCM, ciphertext, iv, authenticationTag, + return new DecryptOptions(EncryptionAlgorithm.A192GCM, cipherText, iv, authenticationTag, additionalAuthenticatedData); } /** * Factory method to create an instance of {@link DecryptOptions} with the given parameters for * {@link EncryptionAlgorithm#A256CBC}. * - * @param ciphertext The content to be decrypted. + * @param cipherText The content to be decrypted. * @param iv Initialization vector for the decryption operation. * @return The {@link DecryptOptions}. 
*/ - public static DecryptOptions createAes256CbcOptions(byte[] ciphertext, byte[] iv) { - return new DecryptOptions(EncryptionAlgorithm.A256CBC, ciphertext, iv, null, null); + public static DecryptOptions createAes256CbcOptions(byte[] cipherText, byte[] iv) { + return new DecryptOptions(EncryptionAlgorithm.A256CBC, cipherText, iv, null, null); } /** * Factory method to create an instance of {@link DecryptOptions} with the given parameters for * {@link EncryptionAlgorithm#A256CBCPAD}. * - * @param ciphertext The content to be decrypted. + * @param cipherText The content to be decrypted. * @param iv Initialization vector for the decryption operation. * @return The {@link DecryptOptions}. */ - public static DecryptOptions createAes256CbcPadOptions(byte[] ciphertext, byte[] iv) { - return new DecryptOptions(EncryptionAlgorithm.A256CBCPAD, ciphertext, iv, null, null); + public static DecryptOptions createAes256CbcPadOptions(byte[] cipherText, byte[] iv) { + return new DecryptOptions(EncryptionAlgorithm.A256CBCPAD, cipherText, iv, null, null); } /** * Factory method to create an instance of {@link DecryptOptions} with the given parameters for * {@link EncryptionAlgorithm#A256GCM}. * - * @param ciphertext The content to be decrypted. + * @param cipherText The content to be decrypted. * @param iv Initialization vector for the decryption operation. * @param authenticationTag The tag to authenticate when performing decryption. * @return The {@link DecryptOptions}. */ - public static DecryptOptions createAes256GcmOptions(byte[] ciphertext, byte[] iv, byte[] authenticationTag) { - return createAes256GcmOptions(ciphertext, iv, authenticationTag, null); + public static DecryptOptions createAes256GcmOptions(byte[] cipherText, byte[] iv, byte[] authenticationTag) { + return createAes256GcmOptions(cipherText, iv, authenticationTag, null); } /** * Factory method to create an instance of {@link DecryptOptions} with the given parameters for * {@link EncryptionAlgorithm#A256GCM}. 
* - * @param ciphertext The content to be decrypted. + * @param cipherText The content to be decrypted. * @param iv Initialization vector for the decryption operation. * @param authenticationTag The tag to authenticate when performing decryption. * @param additionalAuthenticatedData Additional data to authenticate when using authenticated crypto algorithms. * @return The {@link DecryptOptions}. */ - public static DecryptOptions createAes256GcmOptions(byte[] ciphertext, byte[] iv, byte[] authenticationTag, + public static DecryptOptions createAes256GcmOptions(byte[] cipherText, byte[] iv, byte[] authenticationTag, byte[] additionalAuthenticatedData) { - return new DecryptOptions(EncryptionAlgorithm.A256GCM, ciphertext, iv, authenticationTag, + return new DecryptOptions(EncryptionAlgorithm.A256GCM, cipherText, iv, authenticationTag, additionalAuthenticatedData); } 
@@ -197,18 +197,24 @@ public static DecryptOptions createAes256GcmOptions(byte[] ciphertext, byte[] iv * Creates an instance of {@link DecryptOptions} with the given parameters. * * @param algorithm The algorithm to be used for decryption. - * @param ciphertext The content to be decrypted. + * @param cipherText The content to be decrypted. * @param iv Initialization vector for the decryption operation. * @param authenticationTag The tag to authenticate when performing decryption. * @param additionalAuthenticatedData Additional data to authenticate when using authenticated crypto algorithms. */ - DecryptOptions(EncryptionAlgorithm algorithm, byte[] ciphertext, byte[] iv, byte[] authenticationTag, + DecryptOptions(EncryptionAlgorithm algorithm, byte[] cipherText, byte[] iv, byte[] authenticationTag, byte[] additionalAuthenticatedData) { Objects.requireNonNull(algorithm, "Encryption algorithm cannot be null."); - Objects.requireNonNull(ciphertext, "Cipher text content to be decrypted cannot be null."); + Objects.requireNonNull(cipherText, "Cipher text content to be decrypted cannot be null."); + + if (algorithm == EncryptionAlgorithm.A128GCM || algorithm == EncryptionAlgorithm.A192GCM + || algorithm == EncryptionAlgorithm.A256GCM) { + + Objects.requireNonNull(authenticationTag, "Authentication tag cannot be null for GCM encryption."); + } this.algorithm = algorithm; - this.ciphertext = CoreUtils.clone(ciphertext); + this.cipherText = CoreUtils.clone(cipherText); this.iv = CoreUtils.clone(iv); this.additionalAuthenticatedData = CoreUtils.clone(additionalAuthenticatedData); this.authenticationTag = CoreUtils.clone(authenticationTag); @@ -228,8 +234,8 @@ public EncryptionAlgorithm getAlgorithm() { * * @return The content to be decrypted. */ - public byte[] getCiphertext() { - return CoreUtils.clone(ciphertext); + public byte[] getCipherText() { + return CoreUtils.clone(cipherText); } /** 
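Review bot: The new GCM branch in the `DecryptOptions` constructor rejects a null `authenticationTag` but still passes a null `iv` straight to `CoreUtils.clone(iv)`, even though the GCM factory methods document both as decryption inputs. If the `iv` null check named in the commit message lives only in the local client (not visible in this hunk), a GCM options object can still be built that cannot decrypt. Consider adding `Objects.requireNonNull(iv, "Initialization vector cannot be null for GCM decryption.");` to the same branch, and correct the tag message, which says "GCM encryption" on the decrypt path. Only null is rejected, so a zero-length tag passes this guard; a length check probably belongs here or where the cipher is initialised. The `decrypt(EncryptionAlgorithm, byte[])` overloads in CryptographyClient and CryptographyAsyncClient, and the `Context` variant in CryptographyClient, always pass `null` for the tag, so they now throw for the three GCM algorithms, and their `@throws NullPointerException` Javadoc should say so.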
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EncryptOptions.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EncryptOptions.java index 92e551609cf31..0f4a3ffeca1f5 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EncryptOptions.java +++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/EncryptOptions.java @@ -20,7 +20,7 @@ public class EncryptOptions { /** * The content to be encrypted. */ - private final byte[] plaintext; + private final byte[] plainText; /** * Initialization vector to be used in the encryption operation using a symmetric algorithm. 
@@ -36,232 +36,232 @@ public class EncryptOptions { * Factory method to create an instance of {@link EncryptOptions} with the given parameters for * {@link EncryptionAlgorithm#A128CBC}. * - * @param plaintext The content to be encryption. + * @param plainText The content to be encryption. * @return The {@link EncryptOptions}. */ - public static EncryptOptions createAes128CbcOptions(byte[] plaintext) { - return createAes128CbcOptions(plaintext, null); + public static EncryptOptions createAes128CbcOptions(byte[] plainText) { + return createAes128CbcOptions(plainText, null); } /** * Factory method to create an instance of {@link EncryptOptions} with the given parameters for * {@link EncryptionAlgorithm#A128CBC}. * - * @param plaintext The content to be encryption. + * @param plainText The content to be encryption. * @param iv Initialization vector for the encryption operation. * @return The {@link EncryptOptions}. */ - public static EncryptOptions createAes128CbcOptions(byte[] plaintext, byte[] iv) { - return new EncryptOptions(EncryptionAlgorithm.A128CBC, plaintext, iv, null); + public static EncryptOptions createAes128CbcOptions(byte[] plainText, byte[] iv) { + return new EncryptOptions(EncryptionAlgorithm.A128CBC, plainText, iv, null); } /** * Factory method to create an instance of {@link EncryptOptions} with the given parameters for * {@link EncryptionAlgorithm#A128CBCPAD}. * - * @param plaintext The content to be encryption. + * @param plainText The content to be encryption. * @return The {@link EncryptOptions}. */ - public static EncryptOptions createAes128CbcPadOptions(byte[] plaintext) { - return createAes128CbcPadOptions(plaintext, null); + public static EncryptOptions createAes128CbcPadOptions(byte[] plainText) { + return createAes128CbcPadOptions(plainText, null); } /** * Factory method to create an instance of {@link EncryptOptions} with the given parameters for * {@link EncryptionAlgorithm#A128CBCPAD}. * - * @param plaintext The content to be encryption. 
+ * @param plainText The content to be encryption. * @param iv Initialization vector for the encryption operation. * @return The {@link EncryptOptions}. */ - public static EncryptOptions createAes128CbcPadOptions(byte[] plaintext, byte[] iv) { - return new EncryptOptions(EncryptionAlgorithm.A128CBCPAD, plaintext, iv, null); + public static EncryptOptions createAes128CbcPadOptions(byte[] plainText, byte[] iv) { + return new EncryptOptions(EncryptionAlgorithm.A128CBCPAD, plainText, iv, null); } /** * Factory method to create an instance of {@link EncryptOptions} with the given parameters for * {@link EncryptionAlgorithm#A128GCM}. * - * @param plaintext The content to be encryption. + * @param plainText The content to be encryption. * @param iv Initialization vector for the encryption operation. * @return The {@link EncryptOptions}. */ - public static EncryptOptions createAes128GcmOptions(byte[] plaintext, byte[] iv) { - return createAes128GcmOptions(plaintext, iv, null); + public static EncryptOptions createAes128GcmOptions(byte[] plainText, byte[] iv) { + return createAes128GcmOptions(plainText, iv, null); } /** * Factory method to create an instance of {@link EncryptOptions} with the given parameters for * {@link EncryptionAlgorithm#A128GCM}. * - * @param plaintext The content to be encryption. + * @param plainText The content to be encryption. * @param iv Initialization vector for the encryption operation. * @param additionalAuthenticatedData Additional data to authenticate when using authenticated crypto algorithms. * @return The {@link EncryptOptions}. 
*/ - public static EncryptOptions createAes128GcmOptions(byte[] plaintext, byte[] iv, + public static EncryptOptions createAes128GcmOptions(byte[] plainText, byte[] iv, byte[] additionalAuthenticatedData) { - return new EncryptOptions(EncryptionAlgorithm.A128GCM, plaintext, iv, additionalAuthenticatedData); + return new EncryptOptions(EncryptionAlgorithm.A128GCM, plainText, iv, additionalAuthenticatedData); } /** * Factory method to create an instance of {@link EncryptOptions} with the given parameters for * {@link EncryptionAlgorithm#A192CBC}. * - * @param plaintext The content to be encryption. + * @param plainText The content to be encryption. * @return The {@link EncryptOptions}. */ - public static EncryptOptions createAes192CbcOptions(byte[] plaintext) { - return createAes192CbcOptions(plaintext, null); + public static EncryptOptions createAes192CbcOptions(byte[] plainText) { + return createAes192CbcOptions(plainText, null); } /** * Factory method to create an instance of {@link EncryptOptions} with the given parameters for * {@link EncryptionAlgorithm#A192CBC}. * - * @param plaintext The content to be encryption. + * @param plainText The content to be encryption. * @param iv Initialization vector for the encryption operation. * @return The {@link EncryptOptions}. */ - public static EncryptOptions createAes192CbcOptions(byte[] plaintext, byte[] iv) { - return new EncryptOptions(EncryptionAlgorithm.A192CBC, plaintext, iv, null); + public static EncryptOptions createAes192CbcOptions(byte[] plainText, byte[] iv) { + return new EncryptOptions(EncryptionAlgorithm.A192CBC, plainText, iv, null); } /** * Factory method to create an instance of {@link EncryptOptions} with the given parameters for * {@link EncryptionAlgorithm#A192CBCPAD}. * - * @param plaintext The content to be encryption. + * @param plainText The content to be encryption. * @return The {@link EncryptOptions}. 
*/ - public static EncryptOptions createAes192CbcPadOptions(byte[] plaintext) { - return createAes192CbcPadOptions(plaintext, null); + public static EncryptOptions createAes192CbcPadOptions(byte[] plainText) { + return createAes192CbcPadOptions(plainText, null); } /** * Factory method to create an instance of {@link EncryptOptions} with the given parameters for * {@link EncryptionAlgorithm#A192CBCPAD}. * - * @param plaintext The content to be encryption. + * @param plainText The content to be encryption. * @param iv Initialization vector for the encryption operation. * @return The {@link EncryptOptions}. */ - public static EncryptOptions createAes192CbcPadOptions(byte[] plaintext, byte[] iv) { - return new EncryptOptions(EncryptionAlgorithm.A192CBCPAD, plaintext, iv, null); + public static EncryptOptions createAes192CbcPadOptions(byte[] plainText, byte[] iv) { + return new EncryptOptions(EncryptionAlgorithm.A192CBCPAD, plainText, iv, null); } /** * Factory method to create an instance of {@link EncryptOptions} with the given parameters for * {@link EncryptionAlgorithm#A192GCM}. * - * @param plaintext The content to be encryption. + * @param plainText The content to be encryption. * @param iv Initialization vector for the encryption operation. * @return The {@link EncryptOptions}. */ - public static EncryptOptions createAes192GcmOptions(byte[] plaintext, byte[] iv) { - return createAes192GcmOptions(plaintext, iv, null); + public static EncryptOptions createAes192GcmOptions(byte[] plainText, byte[] iv) { + return createAes192GcmOptions(plainText, iv, null); } /** * Factory method to create an instance of {@link EncryptOptions} with the given parameters for * {@link EncryptionAlgorithm#A192GCM}. * - * @param plaintext The content to be encryption. + * @param plainText The content to be encryption. * @param iv Initialization vector for the encryption operation. 
* @param additionalAuthenticatedData Additional data to authenticate when using authenticated crypto algorithms. * @return The {@link EncryptOptions}. */ - public static EncryptOptions createAes192GcmOptions(byte[] plaintext, byte[] iv, + public static EncryptOptions createAes192GcmOptions(byte[] plainText, byte[] iv, byte[] additionalAuthenticatedData) { - return new EncryptOptions(EncryptionAlgorithm.A192GCM, plaintext, iv, additionalAuthenticatedData); + return new EncryptOptions(EncryptionAlgorithm.A192GCM, plainText, iv, additionalAuthenticatedData); } /** * Factory method to create an instance of {@link EncryptOptions} with the given parameters for * {@link EncryptionAlgorithm#A256CBC}. * - * @param plaintext The content to be encryption. + * @param plainText The content to be encryption. * @return The {@link EncryptOptions}. */ - public static EncryptOptions createAes256CbcOptions(byte[] plaintext) { - return createAes256CbcOptions(plaintext, null); + public static EncryptOptions createAes256CbcOptions(byte[] plainText) { + return createAes256CbcOptions(plainText, null); } /** * Factory method to create an instance of {@link EncryptOptions} with the given parameters for * {@link EncryptionAlgorithm#A256CBC}. * - * @param plaintext The content to be encryption. + * @param plainText The content to be encryption. * @param iv Initialization vector for the encryption operation. * @return The {@link EncryptOptions}. */ - public static EncryptOptions createAes256CbcOptions(byte[] plaintext, byte[] iv) { - return new EncryptOptions(EncryptionAlgorithm.A256CBC, plaintext, iv, null); + public static EncryptOptions createAes256CbcOptions(byte[] plainText, byte[] iv) { + return new EncryptOptions(EncryptionAlgorithm.A256CBC, plainText, iv, null); } /** * Factory method to create an instance of {@link EncryptOptions} with the given parameters for * {@link EncryptionAlgorithm#A256CBCPAD}. * - * @param plaintext The content to be encryption. 
+ * @param plainText The content to be encryption. * @return The {@link EncryptOptions}. */ - public static EncryptOptions createAes256CbcPadOptions(byte[] plaintext) { - return createAes256CbcPadOptions(plaintext, null); + public static EncryptOptions createAes256CbcPadOptions(byte[] plainText) { + return createAes256CbcPadOptions(plainText, null); } /** * Factory method to create an instance of {@link EncryptOptions} with the given parameters for * {@link EncryptionAlgorithm#A256CBCPAD}. * - * @param plaintext The content to be encryption. + * @param plainText The content to be encryption. * @param iv Initialization vector for the encryption operation. * @return The {@link EncryptOptions}. */ - public static EncryptOptions createAes256CbcPadOptions(byte[] plaintext, byte[] iv) { - return new EncryptOptions(EncryptionAlgorithm.A256CBCPAD, plaintext, iv, null); + public static EncryptOptions createAes256CbcPadOptions(byte[] plainText, byte[] iv) { + return new EncryptOptions(EncryptionAlgorithm.A256CBCPAD, plainText, iv, null); } /** * Factory method to create an instance of {@link EncryptOptions} with the given parameters for * {@link EncryptionAlgorithm#A256GCM}. * - * @param plaintext The content to be encryption. + * @param plainText The content to be encryption. * @param iv Initialization vector for the encryption operation. * @return The {@link EncryptOptions}. */ - public static EncryptOptions createAes256GcmOptions(byte[] plaintext, byte[] iv) { - return createAes256GcmOptions(plaintext, iv, null); + public static EncryptOptions createAes256GcmOptions(byte[] plainText, byte[] iv) { + return createAes256GcmOptions(plainText, iv, null); } /** * Factory method to create an instance of {@link EncryptOptions} with the given parameters for * {@link EncryptionAlgorithm#A256GCM}. * - * @param plaintext The content to be encryption. + * @param plainText The content to be encryption. * @param iv Initialization vector for the encryption operation. 
* @param additionalAuthenticatedData Additional data to authenticate when using authenticated crypto algorithms. * @return The {@link EncryptOptions}. */ - public static EncryptOptions createAes256GcmOptions(byte[] plaintext, byte[] iv, + public static EncryptOptions createAes256GcmOptions(byte[] plainText, byte[] iv, byte[] additionalAuthenticatedData) { - return new EncryptOptions(EncryptionAlgorithm.A256GCM, plaintext, iv, additionalAuthenticatedData); + return new EncryptOptions(EncryptionAlgorithm.A256GCM, plainText, iv, additionalAuthenticatedData); } /** * Creates an instance of {@link EncryptOptions} with the given parameters. * * @param algorithm The algorithm to be used for encryption. - * @param plaintext The content to be encrypted. + * @param plainText The content to be encrypted. * @param iv Initialization vector for the encryption operation. * @param additionalAuthenticatedData Additional data to authenticate when using authenticated crypto algorithms. */ - EncryptOptions(EncryptionAlgorithm algorithm, byte[] plaintext, byte[] iv, byte[] additionalAuthenticatedData) { + EncryptOptions(EncryptionAlgorithm algorithm, byte[] plainText, byte[] iv, byte[] additionalAuthenticatedData) { Objects.requireNonNull(algorithm, "Encryption algorithm cannot be null."); - Objects.requireNonNull(plaintext, "Plain text content to be encrypted cannot be null."); + Objects.requireNonNull(plainText, "Plain text content to be encrypted cannot be null."); this.algorithm = algorithm; - this.plaintext = CoreUtils.clone(plaintext); + this.plainText = CoreUtils.clone(plainText); this.iv = CoreUtils.clone(iv); this.additionalAuthenticatedData = CoreUtils.clone(additionalAuthenticatedData); } @@ -280,8 +280,8 @@ public EncryptionAlgorithm getAlgorithm() { * * @return The content to be encrypted. */ - public byte[] getPlaintext() { - return CoreUtils.clone(plaintext); + public byte[] getPlainText() { + return CoreUtils.clone(plainText); } /** 
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClient.java index 491f212e49b41..1d9f755a0885d 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClient.java +++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyAsyncClient.java @@ -48,7 +48,7 @@ Mono getKeyId() { * portion of the key is used for encryption. This operation requires the keys/encrypt permission. * *

The {@link EncryptionAlgorithm encryption algorithm} indicates the type of algorithm to use for encrypting the - * specified {@code plaintext}. Possible values for asymmetric keys include: + * specified {@code plainText}. Possible values for asymmetric keys include: * {@link EncryptionAlgorithm#RSA1_5 RSA1_5}, {@link EncryptionAlgorithm#RSA_OAEP RSA_OAEP} and * {@link EncryptionAlgorithm#RSA_OAEP_256 RSA_OAEP_256}. * @@ -66,14 +66,14 @@ Mono getKeyId() { * {@codesnippet com.azure.security.keyvault.keys.cryptography.LocalCryptographyAsyncClient.encrypt#EncryptionAlgorithm-byte} * * @param algorithm The algorithm to be used for encryption. - * @param plaintext The content to be encrypted. + * @param plainText The content to be encrypted. * @return A {@link Mono} containing a {@link EncryptResult} whose {@link EncryptResult#getCipherText() cipher text} * contains the encrypted content. * @throws UnsupportedOperationException If the encrypt operation is not supported or configured on the key. - * @throws NullPointerException if {@code algorithm} or {@code plaintext} is {@code null}. + * @throws NullPointerException if {@code algorithm} or {@code plainText} is {@code null}. */ - public Mono encrypt(EncryptionAlgorithm algorithm, byte[] plaintext) { - return cryptographyAsyncClient.encrypt(algorithm, plaintext); + public Mono encrypt(EncryptionAlgorithm algorithm, byte[] plainText) { + return cryptographyAsyncClient.encrypt(algorithm, plainText); } /** @@ -83,7 +83,7 @@ public Mono encrypt(EncryptionAlgorithm algorithm, byte[] plainte * portion of the key is used for encryption. This operation requires the keys/encrypt permission. * *

The {@link EncryptionAlgorithm encryption algorithm} indicates the type of algorithm to use for encrypting the - * specified {@code plaintext}. Possible values for asymmetric keys include: + * specified {@code plainText}. Possible values for asymmetric keys include: * {@link EncryptionAlgorithm#RSA1_5 RSA1_5}, {@link EncryptionAlgorithm#RSA_OAEP RSA_OAEP} and * {@link EncryptionAlgorithm#RSA_OAEP_256 RSA_OAEP_256}. * @@ -135,13 +135,13 @@ public Mono encrypt(EncryptOptions encryptOptions) { * {@codesnippet com.azure.security.keyvault.keys.cryptography.LocalCryptographyAsyncClient.decrypt#EncryptionAlgorithm-byte} * * @param algorithm The algorithm to be used for decryption. - * @param ciphertext The content to be decrypted. + * @param cipherText The content to be decrypted. * @return A {@link Mono} containing the decrypted blob. * @throws UnsupportedOperationException If the decrypt operation is not supported or configured on the key. - * @throws NullPointerException If {@code algorithm} or {@code ciphertext} are {@code null}. + * @throws NullPointerException If {@code algorithm} or {@code cipherText} are {@code null}. */ - public Mono decrypt(EncryptionAlgorithm algorithm, byte[] ciphertext) { - return cryptographyAsyncClient.decrypt(algorithm, ciphertext); + public Mono decrypt(EncryptionAlgorithm algorithm, byte[] cipherText) { + return cryptographyAsyncClient.decrypt(algorithm, cipherText); } /** diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClient.java index 2c55c84bfc0c4..3ddb58fed44bc 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClient.java 
+++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/LocalCryptographyClient.java @@ -62,14 +62,14 @@ public class LocalCryptographyClient { * {@codesnippet com.azure.security.keyvault.keys.cryptography.LocalCryptographyClient.encrypt#EncryptionAlgorithm-byte} * * @param algorithm The algorithm to be used for encryption. - * @param plaintext The content to be encrypted. + * @param plainText The content to be encrypted. * @return The {@link EncryptResult} whose {@link EncryptResult#getCipherText() cipher text} contains the encrypted * content. * @throws UnsupportedOperationException If the encrypt operation is not supported or configured on the key. - * @throws NullPointerException If {@code decryptOptions} or {@code plaintext} is {@code null}. + * @throws NullPointerException If {@code decryptOptions} or {@code plainText} is {@code null}. */ - public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plaintext) { - return client.encrypt(algorithm, plaintext).block(); + public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plainText) { + return client.encrypt(algorithm, plainText).block(); } /** 
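Review bot: The `@throws NullPointerException` line in the Javadoc of `encrypt(EncryptionAlgorithm, byte[])` still names `decryptOptions`, which is not a parameter of this overload; the rename touched the line but kept the wrong name. It should read `@throws NullPointerException If {@code algorithm} or {@code plainText} is {@code null}.`, which matches the wording used on the `decrypt` overload in the next hunk of this file.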
@@ -131,13 +131,13 @@ public EncryptResult encrypt(EncryptOptions encryptOptions) { * {@codesnippet com.azure.security.keyvault.keys.cryptography.LocalCryptographyClient.decrypt#EncryptionAlgorithm-byte} * * @param algorithm The algorithm to be used for decryption. - * @param ciphertext The content to be decrypted. + * @param cipherText The content to be decrypted. * @return The decrypted blob. * @throws UnsupportedOperationException If the decrypt operation is not supported or configured on the key. - * @throws NullPointerException If {@code algorithm} or {@code ciphertext} is {@code null}. + * @throws NullPointerException If {@code algorithm} or {@code cipherText} is {@code null}. */ - public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] ciphertext) { - return client.decrypt(algorithm, ciphertext).block(); + public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] cipherText) { + return client.decrypt(algorithm, cipherText).block(); } /** diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/Rsa15.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/Rsa15.java index 5245441cd8809..ebc63e4e9eea8 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/Rsa15.java +++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/Rsa15.java @@ -33,9 +33,9 @@ static class Rsa15Decryptor implements ICryptoTransform { } @Override - public byte[] doFinal(byte[] plaintext) throws IllegalBlockSizeException, BadPaddingException { + public byte[] doFinal(byte[] plainText) throws IllegalBlockSizeException, BadPaddingException { - return cipher.doFinal(plaintext); + return cipher.doFinal(plainText); } } 
@@ -59,9 +59,9 @@ static class Rsa15Encryptor implements ICryptoTransform { } @Override - public byte[] doFinal(byte[] plaintext) throws IllegalBlockSizeException, BadPaddingException { + public byte[] doFinal(byte[] plainText) throws IllegalBlockSizeException, BadPaddingException { - return cipher.doFinal(plaintext); + return cipher.doFinal(plainText); } } diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/RsaKeyCryptographyClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/RsaKeyCryptographyClient.java index 98827d4ab14d8..e6a3d34ee6cbf 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/RsaKeyCryptographyClient.java +++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/RsaKeyCryptographyClient.java @@ -56,7 +56,7 @@ private KeyPair getKeyPair(JsonWebKey key) { Mono encryptAsync(EncryptOptions encryptOptions, Context context, JsonWebKey jsonWebKey) { Objects.requireNonNull(encryptOptions, "'encryptOptions' cannot be null."); Objects.requireNonNull(encryptOptions.getAlgorithm(), "Encryption algorithm cannot be null."); - Objects.requireNonNull(encryptOptions.getPlaintext(), "Plain text content to be encrypted cannot be null."); + Objects.requireNonNull(encryptOptions.getPlainText(), "Plain text content to be encrypted cannot be null."); keyPair = getKeyPair(jsonWebKey); @@ -87,7 +87,7 @@ Mono encryptAsync(EncryptOptions encryptOptions, Context context, try { transform = algo.createEncryptor(keyPair); - return Mono.just(new EncryptResult(transform.doFinal(encryptOptions.getPlaintext()), algorithm, + return Mono.just(new EncryptResult(transform.doFinal(encryptOptions.getPlainText()), algorithm, jsonWebKey.getId())); } catch (InvalidKeyException | NoSuchAlgorithmException 
@@ -102,7 +102,7 @@ Mono encryptAsync(EncryptOptions encryptOptions, Context context, Mono decryptAsync(DecryptOptions decryptOptions, Context context, JsonWebKey jsonWebKey) { Objects.requireNonNull(decryptOptions, "'decryptOptions' cannot be null."); Objects.requireNonNull(decryptOptions.getAlgorithm(), "Encryption algorithm cannot be null."); - Objects.requireNonNull(decryptOptions.getCiphertext(), "Cipher text content to be decrypted cannot be null."); + Objects.requireNonNull(decryptOptions.getCipherText(), "Cipher text content to be decrypted cannot be null."); keyPair = getKeyPair(jsonWebKey); @@ -133,7 +133,7 @@ Mono decryptAsync(DecryptOptions decryptOptions, Context context, try { transform = algo.createDecryptor(keyPair); - return Mono.just(new DecryptResult(transform.doFinal(decryptOptions.getCiphertext()), algorithm, + return Mono.just(new DecryptResult(transform.doFinal(decryptOptions.getCipherText()), algorithm, jsonWebKey.getId())); } catch (InvalidKeyException | NoSuchAlgorithmException diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/RsaOaep.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/RsaOaep.java index a43a023fffd7f..d626676372059 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/RsaOaep.java +++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/RsaOaep.java @@ -33,9 +33,9 @@ static class RsaOaepDecryptor implements ICryptoTransform { } @Override - public byte[] doFinal(byte[] plaintext) throws IllegalBlockSizeException, BadPaddingException { + public byte[] doFinal(byte[] plainText) throws IllegalBlockSizeException, BadPaddingException { - return cipher.doFinal(plaintext); + return cipher.doFinal(plainText); } } 
@@ -59,9 +59,9 @@ static class RsaOaepEncryptor implements ICryptoTransform { } @Override - public byte[] doFinal(byte[] plaintext) throws IllegalBlockSizeException, BadPaddingException { + public byte[] doFinal(byte[] plainText) throws IllegalBlockSizeException, BadPaddingException { - return cipher.doFinal(plaintext); + return cipher.doFinal(plainText); } } diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/SymmetricKeyCryptographyClient.java b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/SymmetricKeyCryptographyClient.java index f253e52f8a23b..57316a94f979a 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/SymmetricKeyCryptographyClient.java +++ b/sdk/keyvault/azure-security-keyvault-keys/src/main/java/com/azure/security/keyvault/keys/cryptography/SymmetricKeyCryptographyClient.java @@ -19,6 +19,7 @@ import java.security.NoSuchAlgorithmException; import java.security.SecureRandom; +import java.util.Objects; class SymmetricKeyCryptographyClient extends LocalKeyCryptographyClient { private static final int CBC_BLOCK_SIZE = 16; @@ -96,7 +97,7 @@ Mono encryptAsync(EncryptOptions encryptOptions, Context context, byte[] encrypted; try { - encrypted = transform.doFinal(encryptOptions.getPlaintext()); + encrypted = transform.doFinal(encryptOptions.getPlainText()); } catch (Exception e) { return Mono.error(e); } 
@@ -125,23 +126,10 @@ Mono decryptAsync(DecryptOptions decryptOptions, Context context, ICryptoTransform transform; - byte[] iv = decryptOptions.getIv(); + byte[] iv = Objects.requireNonNull(decryptOptions.getIv(), "Initialization vector cannot be null in local decryption operations."); byte[] additionalAuthenticatedData = decryptOptions.getAdditionalAuthenticatedData(); byte[] authenticationTag = decryptOptions.getAuthenticationTag(); - if (iv == null) { - if (algorithm == EncryptionAlgorithm.A128GCM || algorithm == EncryptionAlgorithm.A192GCM - || algorithm == EncryptionAlgorithm.A256GCM) { - - iv = generateRandomByteArray(GCM_NONCE_SIZE); - } else if (algorithm == EncryptionAlgorithm.A128CBC || algorithm == EncryptionAlgorithm.A192CBC - || algorithm == EncryptionAlgorithm.A256CBC || algorithm == EncryptionAlgorithm.A128CBCPAD - || algorithm == EncryptionAlgorithm.A192CBCPAD || algorithm == EncryptionAlgorithm.A256CBCPAD) { - - iv = generateRandomByteArray(CBC_BLOCK_SIZE); - } - } - try { transform = symmetricEncryptionAlgorithm.createDecryptor(this.key, iv, additionalAuthenticatedData, authenticationTag); } catch (Exception e) { @@ -151,7 +139,7 @@ Mono decryptAsync(DecryptOptions decryptOptions, Context context, byte[] decrypted; try { - decrypted = transform.doFinal(decryptOptions.getCiphertext()); + decrypted = transform.doFinal(decryptOptions.getCipherText()); } catch (Exception e) { return Mono.error(e); }
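Review bot: `Objects.requireNonNull(decryptOptions.getIv(), ...)` in `decryptAsync` throws synchronously, whereas the `doFinal` failure in the next hunk is returned as `Mono.error(e)`, so a missing IV reaches the caller at call time rather than through the returned `Mono`. To keep the error path uniform, keep `byte[] iv = decryptOptions.getIv();` and add `if (iv == null) { return Mono.error(new NullPointerException("Initialization vector cannot be null in local decryption operations.")); }`. The check accepts an IV of any length; a wrong-sized value presumably fails inside `createDecryptor`, whose catch body is cut off by the hunk, so a test for a short IV with both a CBC and a GCM algorithm would pin that behaviour. `decryptAsync` starts and ends outside the hunk.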