1 /*
2 * GordianKnot: Security Suite
3 * Copyright 2012-2026. Tony Washer
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License"); you may not
6 * use this file except in compliance with the License. You may obtain a copy
7 * of the License at
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
13 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
14 * License for the specific language governing permissions and limitations under
15 * the License.
16 */
17 package io.github.tonywasher.joceanus.gordianknot.api.cipher;
18
19 import io.github.tonywasher.joceanus.gordianknot.api.base.GordianException;
20 import io.github.tonywasher.joceanus.gordianknot.api.base.GordianKeySpec;
21 import io.github.tonywasher.joceanus.gordianknot.api.cipher.spec.GordianSymKeySpec;
22 import io.github.tonywasher.joceanus.gordianknot.api.key.GordianKey;
23 import io.github.tonywasher.joceanus.gordianknot.api.keypair.GordianKeyPair;
24
25 import java.security.spec.X509EncodedKeySpec;
26
27 /**
28 * GordianKnot base for Wrap Cipher.
29 */
30 public interface GordianWrapper {
31 /**
32 * Obtain the keyType.
33 *
34 * @return the keyType
35 */
36 GordianSymKeySpec getKeySpec();
37
38 /**
39 * Secure key.
40 *
41 * @param pKeyToSecure the key to secure
42 * @return the securedKey
43 * @throws GordianException on error
44 */
45 byte[] secureKey(GordianKey<?> pKeyToSecure) throws GordianException;
46
47 /**
48 * Derive key from bytes.
49 *
50 * @param <T> type of key to be derived
51 * @param pSecuredKey the securedKey
52 * @param pKeyType the type of key to be derived
53 * @return the derived key
54 * @throws GordianException on error
55 */
56 <T extends GordianKeySpec> GordianKey<T> deriveKey(byte[] pSecuredKey,
57 T pKeyType) throws GordianException;
58
59 /**
60 * Secure privateKey.
61 *
62 * @param pKeyPair the keyPair to secure
63 * @return the securedPrivateKey
64 * @throws GordianException on error
65 */
66 byte[] securePrivateKey(GordianKeyPair pKeyPair) throws GordianException;
67
68 /**
69 * Derive the keyPair from the PKCS8/X509 encodings.
70 *
71 * @param pPublicKeySpec the publicKeySpec
72 * @param pSecuredPrivateKey the secured privateKey
73 * @return the derived keyPair
74 * @throws GordianException on error
75 */
76 GordianKeyPair deriveKeyPair(X509EncodedKeySpec pPublicKeySpec,
77 byte[] pSecuredPrivateKey) throws GordianException;
78
79 /**
80 * secure bytes.
81 *
82 * @param pBytesToSecure the bytes to secure
83 * @return the securedBytes
84 * @throws GordianException on error
85 */
86 byte[] secureBytes(byte[] pBytesToSecure) throws GordianException;
87
88 /**
89 * derive bytes.
90 *
91 * @param pSecuredBytes the secured bytes
92 * @return the derivedBytes
93 * @throws GordianException on error
94 */
95 default byte[] deriveBytes(final byte[] pSecuredBytes) throws GordianException {
96 return deriveBytes(pSecuredBytes, 0);
97 }
98
99 /**
100 * derive bytes.
101 *
102 * @param pSecuredBytes the secured bytes
103 * @param pOffset the offset within the secured bytes
104 * @return the derivedBytes
105 * @throws GordianException on error
106 */
107 byte[] deriveBytes(byte[] pSecuredBytes,
108 int pOffset) throws GordianException;
109
110 /**
111 * Obtain wrapped size of a key.
112 *
113 * @param pKey the keyToWrap
114 * @return the wrapped length
115 */
116 int getKeyWrapLength(GordianKey<?> pKey);
117
118 /**
119 * Obtain wrapped size of a byte array of the given length.
120 *
121 * @param pDataLength the length of the byte array
122 * @return the wrapped length
123 */
124 int getDataWrapLength(int pDataLength);
125
126 /**
127 * Obtain wrapped size of the privateKey of a keyPair.
128 *
129 * @param pKeyPair the keyPair
130 * @return the wrapped length
131 * @throws GordianException on error
132 */
133 int getPrivateKeyWrapLength(GordianKeyPair pKeyPair) throws GordianException;
134 }