Skip to content

Commit

Permalink
Added small changes that missed PR #17209 (#17552)
Browse files Browse the repository at this point in the history
* Added support for encryption AES encryption algorithms.

* Added CryptographyOptions and ensured the initialization vector is populated before attempting to perform any local cryptography operations on symmetric keys.

* Added APIs that accept CryptographyOptions to CryptographyClient.

* Fixed Javadoc issues.

* Fixed checkstyle issues. Added samples.

* Added checkstyle exceptions.

* Fixed test and spotbugs issues.

* Applied PR feedback and added local tests.

* Made the EncryptOptions and DecryptOptions constructor package-private, as well as their children's, and made them have factory methods for creating the former to help with discoverability.

* Fixed build issues.

* Changed EncryptOptions and DecryptOptions to use a factory model.

* Added iv, additionalAuthenticatedDate and authenticationTag to EncryptResult.

* Made `plainText` and `cipherText` all lowercase.

* Reverted capitalization change.

* Added null check for `iv` in local decryption.
  • Loading branch information
vcolin7 authored Nov 13, 2020
1 parent eb98c16 commit 65f70ec
Show file tree
Hide file tree
Showing 15 changed files with 188 additions and 194 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -43,8 +43,8 @@ static class AesCbcEncryptor implements ICryptoTransform {
}

@Override
public byte[] doFinal(byte[] plaintext) throws IllegalBlockSizeException, BadPaddingException {
return cipher.doFinal(plaintext);
public byte[] doFinal(byte[] plainText) throws IllegalBlockSizeException, BadPaddingException {
return cipher.doFinal(plainText);
}
}

Expand All @@ -65,8 +65,8 @@ static class AesCbcDecryptor implements ICryptoTransform {
}

@Override
public byte[] doFinal(byte[] plaintext) throws IllegalBlockSizeException, BadPaddingException {
return cipher.doFinal(plaintext);
public byte[] doFinal(byte[] plainText) throws IllegalBlockSizeException, BadPaddingException {
return cipher.doFinal(plainText);
}
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -43,8 +43,8 @@ static class AesCbcPadEncryptor implements ICryptoTransform {
}

@Override
public byte[] doFinal(byte[] plaintext) throws IllegalBlockSizeException, BadPaddingException {
return cipher.doFinal(plaintext);
public byte[] doFinal(byte[] plainText) throws IllegalBlockSizeException, BadPaddingException {
return cipher.doFinal(plainText);
}
}

Expand All @@ -65,8 +65,8 @@ static class AesCbcPadDecryptor implements ICryptoTransform {
}

@Override
public byte[] doFinal(byte[] plaintext) throws IllegalBlockSizeException, BadPaddingException {
return cipher.doFinal(plaintext);
public byte[] doFinal(byte[] plainText) throws IllegalBlockSizeException, BadPaddingException {
return cipher.doFinal(plainText);
}
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -47,8 +47,8 @@ static class AesGcmEncryptor implements ICryptoTransform {
}

@Override
public byte[] doFinal(byte[] plaintext) throws IllegalBlockSizeException, BadPaddingException {
return cipher.doFinal(plaintext);
public byte[] doFinal(byte[] plainText) throws IllegalBlockSizeException, BadPaddingException {
return cipher.doFinal(plainText);
}
}

Expand All @@ -75,8 +75,8 @@ static class AesGcmDecryptor implements ICryptoTransform {
}

@Override
public byte[] doFinal(byte[] plaintext) throws IllegalBlockSizeException, BadPaddingException {
return cipher.doFinal(plaintext);
public byte[] doFinal(byte[] plainText) throws IllegalBlockSizeException, BadPaddingException {
return cipher.doFinal(plainText);
}
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -48,10 +48,10 @@ static class AesKwDecryptor implements ICryptoTransform {
}

@Override
public byte[] doFinal(byte[] plaintext)
public byte[] doFinal(byte[] plainText)
throws IllegalBlockSizeException, BadPaddingException, InvalidKeyException, NoSuchAlgorithmException {

return cipher.unwrap(plaintext, "AESWrap", Cipher.SECRET_KEY).getEncoded();
return cipher.unwrap(plainText, "AESWrap", Cipher.SECRET_KEY).getEncoded();
}

}
Expand Down Expand Up @@ -81,10 +81,10 @@ static class AesKwEncryptor implements ICryptoTransform {
}

@Override
public byte[] doFinal(byte[] plaintext)
public byte[] doFinal(byte[] plainText)
throws IllegalBlockSizeException, BadPaddingException, InvalidKeyException {

return cipher.wrap(new SecretKeySpec(plaintext, "AES"));
return cipher.wrap(new SecretKeySpec(plainText, "AES"));
}

}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -196,7 +196,7 @@ Mono<JsonWebKey> getSecretKey() {
* portion of the key is used for encryption. This operation requires the keys/encrypt permission.
*
* <p>The {@link EncryptionAlgorithm encryption algorithm} indicates the type of algorithm to use for encrypting the
* specified {@code plaintext}. Possible values for asymmetric keys include:
* specified {@code plainText}. Possible values for asymmetric keys include:
* {@link EncryptionAlgorithm#RSA1_5 RSA1_5}, {@link EncryptionAlgorithm#RSA_OAEP RSA_OAEP} and
* {@link EncryptionAlgorithm#RSA_OAEP_256 RSA_OAEP_256}.
*
Expand All @@ -214,16 +214,16 @@ Mono<JsonWebKey> getSecretKey() {
* {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.encrypt#EncryptionAlgorithm-byte}
*
* @param algorithm The algorithm to be used for encryption.
* @param plaintext The content to be encrypted.
* @param plainText The content to be encrypted.
* @return A {@link Mono} containing a {@link EncryptResult} whose {@link EncryptResult#getCipherText() cipher text}
* contains the encrypted content.
* @throws ResourceNotFoundException If the key cannot be found for encryption.
* @throws UnsupportedOperationException If the encrypt operation is not supported or configured on the key.
* @throws NullPointerException If {@code algorithm} or {@code plaintext} are {@code null}.
* @throws NullPointerException If {@code algorithm} or {@code plainText} are {@code null}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public Mono<EncryptResult> encrypt(EncryptionAlgorithm algorithm, byte[] plaintext) {
return encrypt(new EncryptOptions(algorithm, plaintext, null, null), null);
public Mono<EncryptResult> encrypt(EncryptionAlgorithm algorithm, byte[] plainText) {
return encrypt(new EncryptOptions(algorithm, plainText, null, null), null);
}

/**
Expand All @@ -233,7 +233,7 @@ public Mono<EncryptResult> encrypt(EncryptionAlgorithm algorithm, byte[] plainte
* portion of the key is used for encryption. This operation requires the keys/encrypt permission.
*
* <p>The {@link EncryptionAlgorithm encryption algorithm} indicates the type of algorithm to use for encrypting the
* specified {@code plaintext}. Possible values for asymmetric keys include:
* specified {@code plainText}. Possible values for asymmetric keys include:
* {@link EncryptionAlgorithm#RSA1_5 RSA1_5}, {@link EncryptionAlgorithm#RSA_OAEP RSA_OAEP} and
* {@link EncryptionAlgorithm#RSA_OAEP_256 RSA_OAEP_256}.
*
Expand Down Expand Up @@ -309,15 +309,15 @@ Mono<EncryptResult> encrypt(EncryptOptions encryptOptions, Context context) {
* {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.decrypt#EncryptionAlgorithm-byte}
*
* @param algorithm The algorithm to be used for decryption.
* @param ciphertext The content to be decrypted.
* @param cipherText The content to be decrypted.
* @return A {@link Mono} containing the decrypted blob.
* @throws ResourceNotFoundException If the key cannot be found for decryption.
* @throws UnsupportedOperationException If the decrypt operation is not supported or configured on the key.
* @throws NullPointerException If {@code algorithm} or {@code ciphertext} are {@code null}.
* @throws NullPointerException If {@code algorithm} or {@code cipherText} are {@code null}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public Mono<DecryptResult> decrypt(EncryptionAlgorithm algorithm, byte[] ciphertext) {
return decrypt(new DecryptOptions(algorithm, ciphertext, null, null, null));
public Mono<DecryptResult> decrypt(EncryptionAlgorithm algorithm, byte[] cipherText) {
return decrypt(new DecryptOptions(algorithm, cipherText, null, null, null));
}

/**
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -102,16 +102,16 @@ public Response<KeyVaultKey> getKeyWithResponse(Context context) {
* {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyClient.encrypt#EncryptionAlgorithm-byte-Context}
*
* @param algorithm The algorithm to be used for encryption.
* @param plaintext The content to be encrypted.
* @param plainText The content to be encrypted.
* @param context Additional context that is passed through the Http pipeline during the service call.
* @return A {@link EncryptResult} whose {@link EncryptResult#getCipherText() cipher text} contains the encrypted
* content.
* @throws ResourceNotFoundException If the key cannot be found for encryption.
* @throws UnsupportedOperationException If the encrypt operation is not supported or configured on the key.
* @throws NullPointerException If {@code algorithm} or {@code plaintext} are {@code null}.
* @throws NullPointerException If {@code algorithm} or {@code plainText} are {@code null}.
*/
public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plaintext, Context context) {
return encrypt(new EncryptOptions(algorithm, plaintext, null, null), context);
public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plainText, Context context) {
return encrypt(new EncryptOptions(algorithm, plainText, null, null), context);
}

/**
Expand Down Expand Up @@ -139,15 +139,15 @@ public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plaintext, Co
* {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyClient.encrypt#EncryptionAlgorithm-byte}
*
* @param algorithm The algorithm to be used for encryption.
* @param plaintext The content to be encrypted.
* @param plainText The content to be encrypted.
* @return The {@link EncryptResult} whose {@link EncryptResult#getCipherText() cipher text} contains the encrypted
* content.
* @throws ResourceNotFoundException If the key cannot be found for encryption.
* @throws UnsupportedOperationException If the encrypt operation is not supported or configured on the key.
* @throws NullPointerException If {@code algorithm} or {@code plaintext} are {@code null}.
* @throws NullPointerException If {@code algorithm} or {@code plainText} are {@code null}.
*/
public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plaintext) {
return encrypt(algorithm, plaintext, Context.NONE);
public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plainText) {
return encrypt(algorithm, plainText, Context.NONE);
}

/**
Expand Down Expand Up @@ -211,15 +211,15 @@ public EncryptResult encrypt(EncryptOptions encryptOptions, Context context) {
* {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyClient.decrypt#EncryptionAlgorithm-byte-Context}
*
* @param algorithm The algorithm to be used for decryption.
* @param ciphertext The content to be decrypted.
* @param cipherText The content to be decrypted.
* @param context Additional context that is passed through the Http pipeline during the service call.
* @return The decrypted blob.
* @throws ResourceNotFoundException If the key cannot be found for encryption.
* @throws UnsupportedOperationException If the decrypt operation is not supported or configured on the key.
* @throws NullPointerException If {@code algorithm} or {@code ciphertext} are {@code null}.
* @throws NullPointerException If {@code algorithm} or {@code cipherText} are {@code null}.
*/
public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] ciphertext, Context context) {
return decrypt(new DecryptOptions(algorithm, ciphertext, null, null, null), context);
public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] cipherText, Context context) {
return decrypt(new DecryptOptions(algorithm, cipherText, null, null, null), context);
}

/**
Expand Down Expand Up @@ -247,14 +247,14 @@ public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] ciphertext, C
* {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyClient.decrypt#EncryptionAlgorithm-byte}
*
* @param algorithm The algorithm to be used for decryption.
* @param ciphertext The content to be decrypted.
* @param cipherText The content to be decrypted.
* @return The decrypted blob.
* @throws ResourceNotFoundException If the key cannot be found for encryption.
* @throws UnsupportedOperationException If the decrypt operation is not supported or configured on the key.
* @throws NullPointerException If {@code algorithm} or {@code ciphertext} are {@code null}.
* @throws NullPointerException If {@code algorithm} or {@code cipherText} are {@code null}.
*/
public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] ciphertext) {
return decrypt(new DecryptOptions(algorithm, ciphertext, null, null, null), Context.NONE);
public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] cipherText) {
return decrypt(new DecryptOptions(algorithm, cipherText, null, null, null), Context.NONE);
}

/**
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -133,7 +133,7 @@ Mono<EncryptResult> encrypt(EncryptOptions encryptOptions, Context context) {
byte[] authenticatedData = encryptOptions.getAdditionalAuthenticatedData();
KeyOperationParameters parameters = new KeyOperationParameters()
.setAlgorithm(algorithm)
.setValue(encryptOptions.getPlaintext())
.setValue(encryptOptions.getPlainText())
.setIv(iv)
.setAdditionalAuthenticatedData(authenticatedData);
context = context == null ? Context.NONE : context;
Expand All @@ -158,7 +158,7 @@ Mono<DecryptResult> decrypt(DecryptOptions decryptOptions, Context context) {
byte[] authenticationTag = decryptOptions.getAuthenticationTag();
KeyOperationParameters parameters = new KeyOperationParameters()
.setAlgorithm(algorithm)
.setValue(decryptOptions.getCiphertext())
.setValue(decryptOptions.getCipherText())
.setIv(iv)
.setAdditionalAuthenticatedData(additionalAuthenticatedData)
.setAuthenticationTag(authenticationTag);
Expand Down
Loading

0 comments on commit 65f70ec

Please sign in to comment.