Package de.otto.kafka.messaging.e2ee
Interface KafkaEncryptionHelper
public interface KafkaEncryptionHelper
-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final StringName of Kafka Header for the cipher metadata for the partition keystatic final StringName of Kafka Header for the cipher metadata for the payload (or value)static final StringName of Kafka Header for the initialization vector for the partition keystatic final StringName of Kafka Header for the initialization vector for the payload (or value) -
Method Summary
Static MethodsModifier and TypeMethodDescriptionstatic AesEncryptedPayloadaesEncryptedPayloadOfKafka(byte[] encryptedPayload, byte[] kafkaHeaderInitializationVector, byte[] kafkaHeaderCiphersText) static AesEncryptedPayloadaesEncryptedPayloadOfKafka(byte[] encryptedPayload, String kafkaHeaderInitializationVector, String kafkaHeaderCiphersText) static AesEncryptedPayloadaesEncryptedPayloadOfKafkaForKey(byte[] encryptedPayload, Map<String, ?> kafkaHeaders) static AesEncryptedPayloadaesEncryptedPayloadOfKafkaForValue(byte[] encryptedPayload, Map<String, ?> kafkaHeaders) static StringbyteArrayToUtf8String(byte[] kafkaHeaderValue) static EncryptionCipherSpecextractCipherSpec(byte[] cipherHeaderValue) static EncryptionCipherSpecextractCipherSpec(String ciphersText) static StringextractEncryptionKeyAttributeName(String ciphersText) static byte[]extractIv(byte[] ivRaw) static byte[]static StringextractKafkaHeaderValueText(Map<String, ?> kafkaHeaders, String headerName) find and extract the value of the specified kafka headerstatic intextractKeyVersion(byte[] cipherHeaderValue) static intextractKeyVersion(String ciphersText) static StringheaderNameCiphers(boolean isForKey) static StringheaderNameIv(boolean isForKey) static byte[]mapToCipherHeaderValue(AesEncryptedPayload encryptedPayload) static StringmapToCipherHeaderValueText(AesEncryptedPayload encryptedPayload) static StringmapToCipherHeaderValueText(EncryptionCipherSpec cipherSpec) static byte[]mapToIvHeaderValue(AesEncryptedPayload encryptedPayload) static StringmapToIvHeaderValueText(AesEncryptedPayload encryptedPayload) mapToKafkaHeadersForKey(AesEncryptedPayload encryptedPayload) mapToKafkaHeadersForValue(AesEncryptedPayload encryptedPayload)
-
Field Details
-
KAFKA_HEADER_IV_KEY
Name of Kafka Header for the initialization vector for the partition key- See Also:
-
KAFKA_HEADER_IV_VALUE
Name of Kafka Header for the initialization vector for the payload (or value)- See Also:
-
KAFKA_HEADER_CIPHER_KEY
Name of Kafka Header for the cipher metadata for the partition key- See Also:
-
KAFKA_HEADER_CIPHER_VALUE
Name of Kafka Header for the cipher metadata for the payload (or value)- See Also:
-
-
Method Details
-
headerNameIv
-
headerNameCiphers
-
aesEncryptedPayloadOfKafka
static AesEncryptedPayload aesEncryptedPayloadOfKafka(byte[] encryptedPayload, String kafkaHeaderInitializationVector, String kafkaHeaderCiphersText) - Parameters:
encryptedPayload- the encrypted payloadkafkaHeaderInitializationVector- value of kafka header of "initialization vector"kafkaHeaderCiphersText- value of kafka header of "ciphers"- Returns:
- a AesEncryptedPayload instance with the given values
-
aesEncryptedPayloadOfKafka
static AesEncryptedPayload aesEncryptedPayloadOfKafka(byte[] encryptedPayload, byte[] kafkaHeaderInitializationVector, byte[] kafkaHeaderCiphersText) - Parameters:
encryptedPayload- the encrypted payloadkafkaHeaderInitializationVector- value of kafka header of "initialization vector"kafkaHeaderCiphersText- value of kafka header of "ciphers"- Returns:
- a AesEncryptedPayload instance with the given values
-
aesEncryptedPayloadOfKafkaForKey
static AesEncryptedPayload aesEncryptedPayloadOfKafkaForKey(byte[] encryptedPayload, Map<String, ?> kafkaHeaders) - Parameters:
encryptedPayload- the encrypted payloadkafkaHeaders- all kafka headers including "initialization vector" and "ciphers"- Returns:
- a AesEncryptedPayload instance with the given values to represent an encrypted kafka key
- See Also:
-
aesEncryptedPayloadOfKafkaForValue
static AesEncryptedPayload aesEncryptedPayloadOfKafkaForValue(byte[] encryptedPayload, Map<String, ?> kafkaHeaders) - Parameters:
encryptedPayload- the encrypted payloadkafkaHeaders- all kafka headers including "initialization vector" and "ciphers"- Returns:
- a AesEncryptedPayload instance with the given values to represent an encrypted kafka value a.k.a. payload
- See Also:
-
extractKafkaHeaderValueText
find and extract the value of the specified kafka header- Parameters:
kafkaHeaders- all kafka headersheaderName- name of the kafka header that are of interest- Returns:
- the found header or
null
-
byteArrayToUtf8String
- Parameters:
kafkaHeaderValue- a Kafka header value as raw byte array ornull- Returns:
- the header value as String can be
null
-
mapToKafkaHeadersForKey
- Parameters:
encryptedPayload- a AesEncryptedPayload object for a Kafka key- Returns:
- the kafka headers needed for given AesEncryptedPayload
- See Also:
-
mapToKafkaHeadersForValue
- Parameters:
encryptedPayload- a AesEncryptedPayload object for a Kafka value a.k.a. payload- Returns:
- the kafka headers needed for given AesEncryptedPayload
- See Also:
-
mapToIvHeaderValueText
- Parameters:
encryptedPayload- the payload- Returns:
- the value for the initialization vector. Note: you should check
AesEncryptedPayload.isEncrypted()before calling this method. - See Also:
-
mapToIvHeaderValue
- Parameters:
encryptedPayload- the payload- Returns:
- the value for the initialization vector. Note: you should check
AesEncryptedPayload.isEncrypted()before calling this method. - See Also:
-
mapToCipherHeaderValueText
- Parameters:
encryptedPayload- the payload- Returns:
- the value for the cipher metadata. Note: you should check
AesEncryptedPayload.isEncrypted()before calling this method. - See Also:
-
mapToCipherHeaderValueText
- Parameters:
cipherSpec- the cipher spec- Returns:
- the value for the cipher metadata.
- See Also:
-
mapToCipherHeaderValue
- Parameters:
encryptedPayload- the payload- Returns:
- the value for the cipher metadata. Note: you should check
AesEncryptedPayload.isEncrypted()before calling this method. - See Also:
-
extractIv
static byte[] extractIv(byte[] ivRaw) - Parameters:
ivRaw- the raw kafka header value of the initialization vector- Returns:
- the initialization vector
- See Also:
-
extractIv
- Parameters:
ivText- the kafka header value of the initialization vector- Returns:
- the initialization vector
- See Also:
-
extractKeyVersion
static int extractKeyVersion(byte[] cipherHeaderValue) - Parameters:
cipherHeaderValue- the raw kafka header value of the cipher metadata.- Returns:
- the key version used to encrypt the payload
- See Also:
-
extractKeyVersion
- Parameters:
ciphersText- the kafka header value of the cipher metadata.- Returns:
- the key version used to encrypt the payload
- See Also:
-
extractEncryptionKeyAttributeName
- Parameters:
ciphersText- the kafka header value of the cipher metadata.- Returns:
- the encryptionKeyAttributeName used to fetch the key from the vault
- See Also:
-
extractCipherSpec
- Parameters:
cipherHeaderValue- the kafka header value of the cipher metadata.- Returns:
- the EncryptionCipherSpec used to fetch the key from the vault
- See Also:
-
extractCipherSpec
- Parameters:
ciphersText- the kafka header value of the cipher metadata.- Returns:
- the EncryptionCipherSpec used to fetch the key from the vault
- See Also:
-