Added small changes that missed PR #17209 (#17552)
* Added support for AES encryption algorithms.

* Added CryptographyOptions and ensured the initialization vector is populated before attempting to perform any local cryptography operations on symmetric keys.

* Added APIs that accept CryptographyOptions to CryptographyClient.

* Fixed Javadoc issues.

* Fixed checkstyle issues. Added samples.

* Added checkstyle exceptions.

* Fixed test and spotbugs issues.

* Applied PR feedback and added local tests.

* Made the EncryptOptions and DecryptOptions constructor package-private, as well as their children's, and made them have factory methods for creating the former to help with discoverability.

* Fixed build issues.

* Changed EncryptOptions and DecryptOptions to use a factory model.

* Added iv, additionalAuthenticatedDate and authenticationTag to EncryptResult.

* Made `plainText` and `cipherText` all lowercase.

* Reverted capitalization change.

* Added null check for `iv` in local decryption.
vcolin7 committed Nov 13, 2020
1 parent eb98c16 commit 65f70ec
Showing 15 changed files with 188 additions and 194 deletions.
Expand Up @@ -43,8 +43,8 @@ static class AesCbcEncryptor implements ICryptoTransform {
}

@Override
public byte[] doFinal(byte[] plaintext) throws IllegalBlockSizeException, BadPaddingException {
return cipher.doFinal(plaintext);
public byte[] doFinal(byte[] plainText) throws IllegalBlockSizeException, BadPaddingException {
return cipher.doFinal(plainText);
}
}

Expand All @@ -65,8 +65,8 @@ static class AesCbcDecryptor implements ICryptoTransform {
}

@Override
public byte[] doFinal(byte[] plaintext) throws IllegalBlockSizeException, BadPaddingException {
return cipher.doFinal(plaintext);
public byte[] doFinal(byte[] plainText) throws IllegalBlockSizeException, BadPaddingException {
return cipher.doFinal(plainText);
}
}
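Review bot: The parameter of `doFinal` in `AesCbcDecryptor` is named for plaintext although a decryptor receives ciphertext, and the rename keeps that label (`plainText` on what appears to be the new side). The same applies to `AesCbcPadDecryptor` and `AesGcmDecryptor`, and in the AES-KW section the name is passed to `cipher.unwrap(...)`, where it is a wrapped key, and to `new SecretKeySpec(plainText, "AES")`, where it is raw key material. Since the commit touches every one of these signatures anyway, a neutral name such as `public byte[] doFinal(byte[] input)` (or `cipherText` in the decryptors) would keep a reader from mistaking which side of the transform holds the sensitive data. The class bodies start outside the hunks, so the parameter name used by `ICryptoTransform` itself is not visible here.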

Expand Up @@ -43,8 +43,8 @@ static class AesCbcPadEncryptor implements ICryptoTransform {
}

@Override
public byte[] doFinal(byte[] plaintext) throws IllegalBlockSizeException, BadPaddingException {
return cipher.doFinal(plaintext);
public byte[] doFinal(byte[] plainText) throws IllegalBlockSizeException, BadPaddingException {
return cipher.doFinal(plainText);
}
}

Expand All @@ -65,8 +65,8 @@ static class AesCbcPadDecryptor implements ICryptoTransform {
}

@Override
public byte[] doFinal(byte[] plaintext) throws IllegalBlockSizeException, BadPaddingException {
return cipher.doFinal(plaintext);
public byte[] doFinal(byte[] plainText) throws IllegalBlockSizeException, BadPaddingException {
return cipher.doFinal(plainText);
}
}

Expand Up @@ -47,8 +47,8 @@ static class AesGcmEncryptor implements ICryptoTransform {
}

@Override
public byte[] doFinal(byte[] plaintext) throws IllegalBlockSizeException, BadPaddingException {
return cipher.doFinal(plaintext);
public byte[] doFinal(byte[] plainText) throws IllegalBlockSizeException, BadPaddingException {
return cipher.doFinal(plainText);
}
}

Expand All @@ -75,8 +75,8 @@ static class AesGcmDecryptor implements ICryptoTransform {
}

@Override
public byte[] doFinal(byte[] plaintext) throws IllegalBlockSizeException, BadPaddingException {
return cipher.doFinal(plaintext);
public byte[] doFinal(byte[] plainText) throws IllegalBlockSizeException, BadPaddingException {
return cipher.doFinal(plainText);
}
}

Expand Up @@ -48,10 +48,10 @@ static class AesKwDecryptor implements ICryptoTransform {
}

@Override
public byte[] doFinal(byte[] plaintext)
public byte[] doFinal(byte[] plainText)
throws IllegalBlockSizeException, BadPaddingException, InvalidKeyException, NoSuchAlgorithmException {

return cipher.unwrap(plaintext, "AESWrap", Cipher.SECRET_KEY).getEncoded();
return cipher.unwrap(plainText, "AESWrap", Cipher.SECRET_KEY).getEncoded();
}

}
Expand Down Expand Up @@ -81,10 +81,10 @@ static class AesKwEncryptor implements ICryptoTransform {
}

@Override
public byte[] doFinal(byte[] plaintext)
public byte[] doFinal(byte[] plainText)
throws IllegalBlockSizeException, BadPaddingException, InvalidKeyException {

return cipher.wrap(new SecretKeySpec(plaintext, "AES"));
return cipher.wrap(new SecretKeySpec(plainText, "AES"));
}

}
Expand Up @@ -196,7 +196,7 @@ Mono<JsonWebKey> getSecretKey() {
* portion of the key is used for encryption. This operation requires the keys/encrypt permission.
*
* <p>The {@link EncryptionAlgorithm encryption algorithm} indicates the type of algorithm to use for encrypting the
* specified {@code plaintext}. Possible values for asymmetric keys include:
* specified {@code plainText}. Possible values for asymmetric keys include:
* {@link EncryptionAlgorithm#RSA1_5 RSA1_5}, {@link EncryptionAlgorithm#RSA_OAEP RSA_OAEP} and
* {@link EncryptionAlgorithm#RSA_OAEP_256 RSA_OAEP_256}.
*
Expand All @@ -214,16 +214,16 @@ Mono<JsonWebKey> getSecretKey() {
* {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.encrypt#EncryptionAlgorithm-byte}
*
* @param algorithm The algorithm to be used for encryption.
* @param plaintext The content to be encrypted.
* @param plainText The content to be encrypted.
* @return A {@link Mono} containing a {@link EncryptResult} whose {@link EncryptResult#getCipherText() cipher text}
* contains the encrypted content.
* @throws ResourceNotFoundException If the key cannot be found for encryption.
* @throws UnsupportedOperationException If the encrypt operation is not supported or configured on the key.
* @throws NullPointerException If {@code algorithm} or {@code plaintext} are {@code null}.
* @throws NullPointerException If {@code algorithm} or {@code plainText} are {@code null}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public Mono<EncryptResult> encrypt(EncryptionAlgorithm algorithm, byte[] plaintext) {
return encrypt(new EncryptOptions(algorithm, plaintext, null, null), null);
public Mono<EncryptResult> encrypt(EncryptionAlgorithm algorithm, byte[] plainText) {
return encrypt(new EncryptOptions(algorithm, plainText, null, null), null);
}

/**
Expand All @@ -233,7 +233,7 @@ public Mono<EncryptResult> encrypt(EncryptionAlgorithm algorithm, byte[] plainte
* portion of the key is used for encryption. This operation requires the keys/encrypt permission.
*
* <p>The {@link EncryptionAlgorithm encryption algorithm} indicates the type of algorithm to use for encrypting the
* specified {@code plaintext}. Possible values for asymmetric keys include:
* specified {@code plainText}. Possible values for asymmetric keys include:
* {@link EncryptionAlgorithm#RSA1_5 RSA1_5}, {@link EncryptionAlgorithm#RSA_OAEP RSA_OAEP} and
* {@link EncryptionAlgorithm#RSA_OAEP_256 RSA_OAEP_256}.
*
Expand Down Expand Up @@ -309,15 +309,15 @@ Mono<EncryptResult> encrypt(EncryptOptions encryptOptions, Context context) {
* {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyAsyncClient.decrypt#EncryptionAlgorithm-byte}
*
* @param algorithm The algorithm to be used for decryption.
* @param ciphertext The content to be decrypted.
* @param cipherText The content to be decrypted.
* @return A {@link Mono} containing the decrypted blob.
* @throws ResourceNotFoundException If the key cannot be found for decryption.
* @throws UnsupportedOperationException If the decrypt operation is not supported or configured on the key.
* @throws NullPointerException If {@code algorithm} or {@code ciphertext} are {@code null}.
* @throws NullPointerException If {@code algorithm} or {@code cipherText} are {@code null}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public Mono<DecryptResult> decrypt(EncryptionAlgorithm algorithm, byte[] ciphertext) {
return decrypt(new DecryptOptions(algorithm, ciphertext, null, null, null));
public Mono<DecryptResult> decrypt(EncryptionAlgorithm algorithm, byte[] cipherText) {
return decrypt(new DecryptOptions(algorithm, cipherText, null, null, null));
}

/**
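Review bot: The Javadoc of `decrypt(EncryptionAlgorithm algorithm, byte[] cipherText)` does not mention that this overload supplies no initialization vector, additional authenticated data or authentication tag: it builds `new DecryptOptions(algorithm, cipherText, null, null, null)`, and the three nulls are presumably those fields (the constructor is not shown). A caller passing one of the AES algorithms this change set introduces would presumably fail here, and per the commit description local decryption now null-checks `iv`, yet the `@throws NullPointerException` line lists only `algorithm` and `cipherText`. I would add a sentence such as `For symmetric algorithms that require an initialization vector or authentication tag, use {@link #decrypt(DecryptOptions)}.`, assuming that overload is public. The two-argument and three-argument `decrypt` overloads in the synchronous client pass the same nulls and would need the same sentence; the Javadoc blocks begin outside the hunks.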
Expand Up @@ -102,16 +102,16 @@ public Response<KeyVaultKey> getKeyWithResponse(Context context) {
* {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyClient.encrypt#EncryptionAlgorithm-byte-Context}
*
* @param algorithm The algorithm to be used for encryption.
* @param plaintext The content to be encrypted.
* @param plainText The content to be encrypted.
* @param context Additional context that is passed through the Http pipeline during the service call.
* @return A {@link EncryptResult} whose {@link EncryptResult#getCipherText() cipher text} contains the encrypted
* content.
* @throws ResourceNotFoundException If the key cannot be found for encryption.
* @throws UnsupportedOperationException If the encrypt operation is not supported or configured on the key.
* @throws NullPointerException If {@code algorithm} or {@code plaintext} are {@code null}.
* @throws NullPointerException If {@code algorithm} or {@code plainText} are {@code null}.
*/
public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plaintext, Context context) {
return encrypt(new EncryptOptions(algorithm, plaintext, null, null), context);
public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plainText, Context context) {
return encrypt(new EncryptOptions(algorithm, plainText, null, null), context);
}

/**
Expand Down Expand Up @@ -139,15 +139,15 @@ public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plaintext, Co
* {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyClient.encrypt#EncryptionAlgorithm-byte}
*
* @param algorithm The algorithm to be used for encryption.
* @param plaintext The content to be encrypted.
* @param plainText The content to be encrypted.
* @return The {@link EncryptResult} whose {@link EncryptResult#getCipherText() cipher text} contains the encrypted
* content.
* @throws ResourceNotFoundException If the key cannot be found for encryption.
* @throws UnsupportedOperationException If the encrypt operation is not supported or configured on the key.
* @throws NullPointerException If {@code algorithm} or {@code plaintext} are {@code null}.
* @throws NullPointerException If {@code algorithm} or {@code plainText} are {@code null}.
*/
public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plaintext) {
return encrypt(algorithm, plaintext, Context.NONE);
public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plainText) {
return encrypt(algorithm, plainText, Context.NONE);
}

/**
Expand Down Expand Up @@ -211,15 +211,15 @@ public EncryptResult encrypt(EncryptOptions encryptOptions, Context context) {
* {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyClient.decrypt#EncryptionAlgorithm-byte-Context}
*
* @param algorithm The algorithm to be used for decryption.
* @param ciphertext The content to be decrypted.
* @param cipherText The content to be decrypted.
* @param context Additional context that is passed through the Http pipeline during the service call.
* @return The decrypted blob.
* @throws ResourceNotFoundException If the key cannot be found for encryption.
* @throws UnsupportedOperationException If the decrypt operation is not supported or configured on the key.
* @throws NullPointerException If {@code algorithm} or {@code ciphertext} are {@code null}.
* @throws NullPointerException If {@code algorithm} or {@code cipherText} are {@code null}.
*/
public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] ciphertext, Context context) {
return decrypt(new DecryptOptions(algorithm, ciphertext, null, null, null), context);
public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] cipherText, Context context) {
return decrypt(new DecryptOptions(algorithm, cipherText, null, null, null), context);
}

/**
Expand Down Expand Up @@ -247,14 +247,14 @@ public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] ciphertext, C
* {@codesnippet com.azure.security.keyvault.keys.cryptography.CryptographyClient.decrypt#EncryptionAlgorithm-byte}
*
* @param algorithm The algorithm to be used for decryption.
* @param ciphertext The content to be decrypted.
* @param cipherText The content to be decrypted.
* @return The decrypted blob.
* @throws ResourceNotFoundException If the key cannot be found for encryption.
* @throws UnsupportedOperationException If the decrypt operation is not supported or configured on the key.
* @throws NullPointerException If {@code algorithm} or {@code ciphertext} are {@code null}.
* @throws NullPointerException If {@code algorithm} or {@code cipherText} are {@code null}.
*/
public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] ciphertext) {
return decrypt(new DecryptOptions(algorithm, ciphertext, null, null, null), Context.NONE);
public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] cipherText) {
return decrypt(new DecryptOptions(algorithm, cipherText, null, null, null), Context.NONE);
}

/**
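Review bot: The `@throws ResourceNotFoundException` line in both `decrypt` Javadoc blocks of this file reads `If the key cannot be found for encryption.`, although these are decrypt methods; the asynchronous client's equivalent line says `for decryption`. Since the commit already edits the neighbouring `@param` and `@throws` lines of the same blocks, I would correct both to `@throws ResourceNotFoundException If the key cannot be found for decryption.`. The Javadoc blocks begin outside the hunks, so other lines of them may carry the same copy-paste wording.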
Expand Up @@ -133,7 +133,7 @@ Mono<EncryptResult> encrypt(EncryptOptions encryptOptions, Context context) {
byte[] authenticatedData = encryptOptions.getAdditionalAuthenticatedData();
KeyOperationParameters parameters = new KeyOperationParameters()
.setAlgorithm(algorithm)
.setValue(encryptOptions.getPlaintext())
.setValue(encryptOptions.getPlainText())
.setIv(iv)
.setAdditionalAuthenticatedData(authenticatedData);
context = context == null ? Context.NONE : context;
Expand All @@ -158,7 +158,7 @@ Mono<DecryptResult> decrypt(DecryptOptions decryptOptions, Context context) {
byte[] authenticationTag = decryptOptions.getAuthenticationTag();
KeyOperationParameters parameters = new KeyOperationParameters()
.setAlgorithm(algorithm)
.setValue(decryptOptions.getCiphertext())
.setValue(decryptOptions.getCipherText())
.setIv(iv)
.setAdditionalAuthenticatedData(additionalAuthenticatedData)
.setAuthenticationTag(authenticationTag);