Package de.otto.kafka.messaging.e2ee

Class AesEncryptedPayload

java.lang.Object
de.otto.kafka.messaging.e2ee.AesEncryptedPayload
public final class AesEncryptedPayload extends Object
record to hold all the data needed for an encrypted payload. But it can also hold an unencrypted payload.
See Also:

  • Constructor Details

    • AesEncryptedPayload

      public AesEncryptedPayload(byte[] plainPayload)
      Parameters:
      plainPayload - the plain text as byte array.

    • AesEncryptedPayload

      public AesEncryptedPayload(byte[] encryptedPayload, byte[] initializationVector, int keyVersion)
      Parameters:
      encryptedPayload - an encrypted payload as byte array
      initializationVector - the raw initialization vector
      keyVersion - the vault version of the encryption key entry

    • AesEncryptedPayload

      public AesEncryptedPayload(byte[] encryptedPayload, byte[] initializationVector, int keyVersion, String encryptionKeyAttributeName)
      Parameters:
      encryptedPayload - an encrypted payload as byte array
      initializationVector - the raw initialization vector
      keyVersion - the vault version of the encryption key entry
      encryptionKeyAttributeName - JSON property name of the key within Vault. Can be null for Field-Level-Encryption.

    • AesEncryptedPayload

      public AesEncryptedPayload(byte[] encryptedPayload, String initializationVectorBase64, int keyVersion)
      Parameters:
      encryptedPayload - an encrypted payload as byte array
      initializationVectorBase64 - the initialization vector base64 encoded
      keyVersion - the vault version of the encryption key entry

    • AesEncryptedPayload

      public AesEncryptedPayload(byte[] encryptedPayload, String initializationVectorBase64, int keyVersion, String encryptionKeyAttributeName)
      Parameters:
      encryptedPayload - an encrypted payload as byte array
      initializationVectorBase64 - the initialization vector base64 encoded
      keyVersion - the vault version of the encryption key entry
      encryptionKeyAttributeName - JSON property name of the key within Vault. Can be null for Field-Level-Encryption.

  • Method Details

    • ofUnencryptedPayload

      public static AesEncryptedPayload ofUnencryptedPayload(byte[] plainPayload)
      Parameters:
      plainPayload - the plain payload as byte array
      Returns:
      an AesEncryptedPayload of an unencrypted payload

    • ofEncryptedPayload

      public static AesEncryptedPayload ofEncryptedPayload(byte[] encryptedPayload, byte[] initializationVector, EncryptionKeyProvider.KeyVersion keyVersion)
      Parameters:
      encryptedPayload - an encrypted payload as byte array
      initializationVector - the raw initialization vector
      keyVersion - the vault data for the encryption key
      Returns:
      an AesEncryptedPayload of an encrypted payload

    • ofEncryptedPayload

      public static AesEncryptedPayload ofEncryptedPayload(byte[] encryptedPayload, String initializationVectorBase64, int keyVersion)
      Parameters:
      encryptedPayload - an encrypted payload as byte array
      initializationVectorBase64 - the initialization vector base64 encoded
      keyVersion - the vault metadata for the encryption key
      Returns:
      an AesEncryptedPayload of an encrypted payload

    • ofEncryptedPayload

      public static AesEncryptedPayload ofEncryptedPayload(byte[] encryptedPayload, String initializationVectorBase64, int keyVersion, String encryptionKeyAttributeName)
      Parameters:
      encryptedPayload - an encrypted payload as byte array
      initializationVectorBase64 - the initialization vector base64 encoded
      keyVersion - the vault version of the encryption key entry
      encryptionKeyAttributeName - JSON property name of the key within Vault. Can be null for Field-Level-Encryption.
      Returns:
      an AesEncryptedPayload of an encrypted payload

    • ofEncryptedPayload

      public static AesEncryptedPayload ofEncryptedPayload(byte[] encryptedPayload, byte[] initializationVector, EncryptionCipherSpec cipherSpec)
      Parameters:
      encryptedPayload - an encrypted payload as byte array
      initializationVector - the raw initialization vector
      cipherSpec - the vault metadata for the encryption key
      Returns:
      an AesEncryptedPayload of an encrypted payload

    • ofEncryptedPayload

      public static AesEncryptedPayload ofEncryptedPayload(byte[] encryptedPayload, String initializationVectorBase64, EncryptionCipherSpec cipherSpec)
      Parameters:
      encryptedPayload - an encrypted payload as byte array
      initializationVectorBase64 - the initialization vector base64 encoded
      cipherSpec - the vault metadata for the encryption key
      Returns:
      an AesEncryptedPayload of an encrypted payload

    • isEncrypted

      public boolean isEncrypted()
      Returns:
      true when this object holds an encrypted value. false when this object hold an unencrypted value.

    • encryptedPayload

      public byte[] encryptedPayload()
      Returns:
      the value - which might is encrypted
      See Also:

    • initializationVector

      public byte[] initializationVector()
      Returns:
      the raw initialization vector or null when the value is encrypted
      See Also:

    • initializationVectorBase64

      public String initializationVectorBase64()
      Returns:
      the initialization vector base64 encoded or null when the value is encrypted
      See Also:

    • keyVersion

      public int keyVersion()
      Returns:
      the vault version of the encryption key entry

    • encryptionKeyAttributeName

      public String encryptionKeyAttributeName()
      Returns:
      name of the encryption key property within the vault. When null, then the default value must be used.

    • toString

      public String toString()
      Overrides:
      toString in class Object