Class DefaultFallbackEncryptor

java.lang.Object
org.alfresco.encryption.DefaultFallbackEncryptor
All Implemented Interfaces:
Encryptor, FallbackEncryptor

public class DefaultFallbackEncryptor extends Object implements FallbackEncryptor
The fallback encryptor provides a fallback mechanism for decryption, first using the default encryption keys and, if they fail (perhaps because they have been changed), falling back to a backup set of keys. Note that encryption will be performed only using the default encryption keys.
Since:
4.0
  • Constructor Details

    • DefaultFallbackEncryptor

      public DefaultFallbackEncryptor()
    • DefaultFallbackEncryptor

      public DefaultFallbackEncryptor(Encryptor main, Encryptor fallback)
  • Method Details

    • setFallback

      public void setFallback(Encryptor fallback)
    • setMain

      public void setMain(Encryptor main)
    • encrypt

      public Pair<byte[],AlgorithmParameters> encrypt(String keyAlias, AlgorithmParameters params, byte[] input)
      Encrypt some bytes
      Specified by:
      encrypt in interface Encryptor
      Parameters:
      keyAlias - the encryption key alias
      input - the data to encrypt
      Returns:
      the encrypted data and parameters used
    • decrypt

      public byte[] decrypt(String keyAlias, AlgorithmParameters params, byte[] input)
      Decrypt some bytes
      Specified by:
      decrypt in interface Encryptor
      Parameters:
      keyAlias - the encryption key alias
      input - the data to decrypt
      Returns:
      the unencrypted data
    • decrypt

      public InputStream decrypt(String keyAlias, AlgorithmParameters params, InputStream in)
      Decrypt an input stream
      Specified by:
      decrypt in interface Encryptor
      Parameters:
      keyAlias - the encryption key alias
      in - the data to decrypt
      Returns:
      the unencrypted data
    • encryptObject

      public Pair<byte[],AlgorithmParameters> encryptObject(String keyAlias, AlgorithmParameters params, Object input)
      Encrypt an object
      Specified by:
      encryptObject in interface Encryptor
      Parameters:
      keyAlias - the encryption key alias
      input - the object to write to bytes
      Returns:
      the encrypted data and parameters used
    • decryptObject

      public Object decryptObject(String keyAlias, AlgorithmParameters params, byte[] input)
      Decrypt data as an object
      Specified by:
      decryptObject in interface Encryptor
      Parameters:
      keyAlias - the encryption key alias
      input - the data to decrypt
      Returns:
      the unencrypted data deserialized
    • sealObject

      public Serializable sealObject(String keyAlias, AlgorithmParameters params, Serializable input)
      Convenience method to seal on object up cryptographically.

      Note that the original object may be returned directly if there is no key associated with the alias.

      Specified by:
      sealObject in interface Encryptor
      Parameters:
      keyAlias - the encryption key alias
      input - the object to encrypt and seal
      Returns:
      the sealed object that can be decrypted with the original key
    • unsealObject

      public Serializable unsealObject(String keyAlias, Serializable input) throws InvalidKeyException
      Convenience method to unseal on object sealed up cryptographically.

      Note that the algorithm parameters not provided on the assumption that a symmetric key algorithm is in use - only the key is required for unsealing.

      Note that the original object may be returned directly if there is no key associated with the alias or if the input object is not a SealedObject.

      Specified by:
      unsealObject in interface Encryptor
      Parameters:
      keyAlias - the encryption key alias
      input - the object to decrypt and unseal
      Returns:
      the original unsealed object that was encrypted with the original key
      Throws:
      InvalidKeyException
    • decodeAlgorithmParameters

      public AlgorithmParameters decodeAlgorithmParameters(byte[] encoded)
      Decodes encoded cipher algorithm parameters
      Specified by:
      decodeAlgorithmParameters in interface Encryptor
      Parameters:
      encoded - the encoded cipher algorithm parameters
      Returns:
      the decoded cipher algorithmParameters
    • keyAvailable

      public boolean keyAvailable(String keyAlias)
      Specified by:
      keyAvailable in interface Encryptor
    • backupKeyAvailable

      public boolean backupKeyAvailable(String keyAlias)
      Is the backup key available in order to fall back to?
      Specified by:
      backupKeyAvailable in interface FallbackEncryptor
      Returns:
      boolean