public abstract class ContentCryptoScheme extends Object
| Modifier and Type | Field and Description | 
|---|---|
| static ContentCryptoScheme | AES_CBCEncryption Only (EO) scheme. | 
| static ContentCryptoScheme | AES_CTRThis is an auxiliary scheme used for range retrieval when object is
 encrypted via AES/GCM. | 
| static ContentCryptoScheme | AES_GCMAuthenticated Encryption (AE) scheme. | 
| static long | MAX_GCM_BLOCKSThe maximum number of 16-byte blocks that can be encrypted with a
 GCM cipher. | 
| static long | MAX_GCM_BYTESThe maximum number of bytes that can be encrypted with a
 GCM cipher. | 
| Constructor and Description | 
|---|
| ContentCryptoScheme() | 
| Modifier and Type | Method and Description | 
|---|---|
| byte[] | adjustIV(byte[] iv,
        long startingBytePos) | 
| CipherLite | createCipherLite(SecretKey cek,
                byte[] iv,
                int cipherMode)Creates and initializes a cipher lite for content encrypt/decryption. | 
| CipherLite | createCipherLite(SecretKey cek,
                byte[] iv,
                int cipherMode,
                Provider provider,
                boolean alwaysUseProvider)Creates and initializes a  CipherLitefor content
 encrypt/decryption. | 
| static ContentCryptoScheme | fromCEKAlgo(String cekAlgo)Returns the content crypto scheme of the given content encryption algorithm. | 
| static ContentCryptoScheme | fromCEKAlgo(String cekAlgo,
           boolean isRangeGet) | 
| abstract int | getBlockSizeInBytes() | 
| abstract String | getCipherAlgorithm() | 
| abstract int | getIVLengthInBytes() | 
| abstract String | getKeyGeneratorAlgorithm() | 
| abstract int | getKeyLengthInBits() | 
| String | getKeySpec()A convenient method motivated by KMS. | 
| String | getPreferredCipherProvider()Returns the preferred security provider to use for this crypto scheme. | 
| int | getTagLengthInBits() | 
| static byte[] | incrementBlocks(byte[] counter,
               long blockDelta)Increment the rightmost 32 bits of a 16-byte counter by the specified
 delta. | 
| String | toString() | 
public static final long MAX_GCM_BLOCKS
Reference: NIST Special Publication 800-38D..
public static final long MAX_GCM_BYTES
public static final ContentCryptoScheme AES_CBC
public static final ContentCryptoScheme AES_GCM
public static final ContentCryptoScheme AES_CTR
public abstract String getKeyGeneratorAlgorithm()
public abstract String getCipherAlgorithm()
public String getPreferredCipherProvider()
AesGcm prefers to use the
 BouncyCastle provider.public abstract int getKeyLengthInBits()
public abstract int getBlockSizeInBytes()
public abstract int getIVLengthInBytes()
public int getTagLengthInBits()
public byte[] adjustIV(byte[] iv,
                       long startingBytePos)
public static byte[] incrementBlocks(byte[] counter,
                                     long blockDelta)
counter - a 16-byte counter used in AES/CTRblockDelta - the number of blocks (16-byte) to incrementpublic static ContentCryptoScheme fromCEKAlgo(String cekAlgo)
public static ContentCryptoScheme fromCEKAlgo(String cekAlgo, boolean isRangeGet)
public CipherLite createCipherLite(SecretKey cek, byte[] iv, int cipherMode, Provider provider, boolean alwaysUseProvider)
CipherLite for content
 encrypt/decryption.cek - content encrypting keyiv - initialization vectorcipherMode - such as Cipher.ENCRYPT_MODEprovider - the security provider the user specified. For backwards
            compatibility, if this scheme defines a preferred provider,
            the user-specified provider is by default ignored.alwaysUseProvider - if true, always use the user-specified provider above, even
            if this scheme has a preferred provider.public CipherLite createCipherLite(SecretKey cek, byte[] iv, int cipherMode) throws InvalidKeyException, NoSuchAlgorithmException, NoSuchProviderException, NoSuchPaddingException, InvalidAlgorithmParameterException
cek - content encrypting keyiv - initialization vectorcipherMode - such as Cipher.ENCRYPT_MODEInvalidKeyExceptionNoSuchAlgorithmExceptionNoSuchProviderExceptionNoSuchPaddingExceptionInvalidAlgorithmParameterExceptionpublic final String getKeySpec()