RepositoryObjectBlockEncryptor (nifi-security-utils 1.11.2 API)

All Superinterfaces:

RepositoryObjectEncryptor

All Known Implementing Classes:

RepositoryObjectAESGCMEncryptor
```
public interface RepositoryObjectBlockEncryptor
extends RepositoryObjectEncryptor
```
Provides an interface for encrypting and decrypting repository objects using a block cipher. This is suited for small objects like flowfile and provenance events. For larger objects (like content claims), see RepositoryObjectStreamEncryptor.

Method Summary

All Methods Instance Methods Abstract Methods
Modifier and Type	Method and Description
`byte[]`	`decrypt(byte[] encryptedRecord, String recordId)` Decrypts the provided byte[] (an encrypted record with accompanying metadata).
`byte[]`	`encrypt(byte[] plainRecord, String recordId, String keyId)` Encrypts the serialized byte[].
`String`	`getNextKeyId()` Returns a valid key identifier for this encryptor (valid for encryption and decryption) or throws an exception if none are available.
`void`	`initialize(KeyProvider keyProvider)` Initializes the encryptor with a `KeyProvider`.

- Method Detail
  - initialize
```
void initialize(KeyProvider keyProvider)
         throws KeyManagementException
```
    Initializes the encryptor with a KeyProvider.
    
    Specified by:
    
    initialize in interface RepositoryObjectEncryptor
    
    Parameters:
    
    keyProvider - the key provider which will be responsible for accessing keys
    
    Throws:
    
    KeyManagementException - if there is an issue configuring the key provider
  - encrypt
```
byte[] encrypt(byte[] plainRecord,
               String recordId,
               String keyId)
        throws EncryptionException
```
    Encrypts the serialized byte[].
    
    Parameters:
    
    plainRecord - the plain record, serialized to a byte[]
    
    recordId - an identifier for this record (eventId, generated, etc.)
    
    keyId - the ID of the key to use
    
    Returns:
    
    the encrypted record
    
    Throws:
    
    EncryptionException - if there is an issue encrypting this record
  - decrypt
```
byte[] decrypt(byte[] encryptedRecord,
               String recordId)
        throws EncryptionException
```
    Decrypts the provided byte[] (an encrypted record with accompanying metadata).
    
    Parameters:
    
    encryptedRecord - the encrypted record in byte[] form
    
    recordId - an identifier for this record (eventId, generated, etc.)
    
    Returns:
    
    the decrypted record
    
    Throws:
    
    EncryptionException - if there is an issue decrypting this record
  - getNextKeyId
```
String getNextKeyId()
             throws KeyManagementException
```
    Returns a valid key identifier for this encryptor (valid for encryption and decryption) or throws an exception if none are available.
    
    Returns:
    
    the key ID
    
    Throws:
    
    KeyManagementException - if no available key IDs are valid for both operations

Interface RepositoryObjectBlockEncryptor

Method Summary

Method Detail

initialize

encrypt

decrypt

getNextKeyId