|
| | MOCK_METHOD6 (_encrypt, bool(const std::string &keyAlias, AlgorithmType type, const IV &iv, const DataBlock &plaintext, KeyChecksum &checksum, DataBlock &ciphertext)) |
| |
| | MOCK_METHOD8 (_encryptAE, bool(const std::string &keyAlias, AlgorithmType type, const IV &iv, const DataBlock &aad, const DataBlock &plaintext, KeyChecksum &checksum, DataBlock &ciphertext, DataBlock &tag)) |
| |
| | MOCK_METHOD6 (_decrypt, bool(const std::string &keyAlias, AlgorithmType type, const KeyChecksum &checksum, const IV &iv, const DataBlock &ciphertext, DataBlock &plaintext)) |
| |
| | MOCK_METHOD8 (_decryptAD, bool(const std::string &keyAlias, AlgorithmType type, const KeyChecksum &checksum, const IV &iv, const DataBlock &aad, const DataBlock &ciphertext, const Tag &tag, DataBlock &plaintext)) |
| |
| | MOCK_METHOD1 (_getDefaultKeyAlias, bool(std::string &)) |
| |
| bool | encrypt (const std::string &keyAlias, AlgorithmType type, const IV &iv, const KeyChecksum &plaintext, DataBlock &checksum, DataBlock &ciphertext) noexcept override |
| | Encrypts data block. More...
|
| |
| bool | encryptAE (const std::string &keyAlias, AlgorithmType type, const IV &iv, const DataBlock &aad, const DataBlock &plaintext, KeyChecksum &checksum, DataBlock &ciphertext, Tag &tag) noexcept override |
| | Encrypts data block using authenticated encryption algorithm. More...
|
| |
| bool | decrypt (const std::string &keyAlias, AlgorithmType type, const KeyChecksum &checksum, const IV &iv, const DataBlock &ciphertext, DataBlock &plaintext) noexcept override |
| | Decrypts data block. More...
|
| |
| bool | decryptAD (const std::string &keyAlias, AlgorithmType type, const KeyChecksum &checksum, const IV &iv, const DataBlock &aad, const DataBlock &ciphertext, const Tag &tag, DataBlock &plaintext) noexcept override |
| | Decrypts data block using authenticated decryption algorithm. More...
|
| |
| bool | getDefaultKeyAlias (std::string &keyAlias) noexcept override |
| | Returns default key alias. More...
|
| |
| virtual | ~KeyStoreInterface () noexcept=default |
| | Default destructor. More...
|
| |
|
|
inlineoverridevirtualnoexcept |
Decrypts data block using authenticated decryption algorithm.
Method decrypts data block using additional authenticated data and authentication tag (also known as Message Authentication Code/MAC). This method locates the key, checks if key type supports requested algorithm and has matching checksum (if checksum is supported), and performs decryption.
- Parameters
-
| [in] | keyAlias | Key alias. |
| [in] | type | Algorithm type to use. The method will fail, if type is not AEAD algorithm like AES-GCM. |
| [in] | checksum | Key checksum if available. If implementation doesn't support checksum, the value of this parameter is ignored. The system checks checksum against checksum of a currently available key before decrypting data to ensure we don't try to use a different key, then the one, that has been used during encryption. |
| [in] | iv | Initialization vector. This vector must match have the same value, as the one used when encrypting data. |
| [in] | aad | Additional authenticated data. This data must match AAD used when encrypting the content. Decryption will fail if the data doesn't match. |
| [in] | ciphertext | Data to decrypt. |
| [in] | tag | Authentication tag (also known as MAC). The algorithm uses tag from encryption algorithm to check if the data has been tampered. |
| [in] | plaintext | Decrypted data. This method appends data to plaintext. |
- Returns
- Boolean indicating operation success. If operation fails, the contents of plaintext is undefined.
- See also
- encryptAE()
Implements alexaClientSDK::acsdkCryptoInterfaces::KeyStoreInterface.
|
|
inlineoverridevirtualnoexcept |
Encrypts data block using authenticated encryption algorithm.
Method encrypts data block using authenticated encryption. The method locates the key, checks if the key type supports the algorithm, and performs encryption using provided initialization vector and additional authenticated data. As a result, the method provides key checksum (if supported), authentication tag (also known as Message Authentication Code/MAC), and encrypted content.
- Parameters
-
| [in] | keyAlias | Key alias. |
| [in] | type | Algorithm type to use. The method will fail, if type is not AEAD algorithm like AES-GCM. |
| [in] | iv | Initialization vector. |
| [in] | aad | Additional authenticated data. This data works as an input to encryption function to ensure that the resulting ciphertext can be decrypted only with the same AAD. |
| [in] | plaintext | Data to encrypt. |
| [out] | checksum | Key checksum. The method appends data to checksum if this attribute is supported by implementation. |
| [out] | ciphertext | Encrypted data. The method appends data to ciphertext container. |
| [out] | tag | Authentication tag (also known as MAC). Authentication tag must be provided to decryption function to prevent data tampering. The method appends data to tag container. |
- Returns
- Boolean indicating operation success. If operation fails, the contents of checksum, ciphertext, and tag are undefined.
- See also
- decryptAD()
Implements alexaClientSDK::acsdkCryptoInterfaces::KeyStoreInterface.
| bool alexaClientSDK::acsdkCryptoInterfaces::test::MockKeyStore::getDefaultKeyAlias |
( |
std::string & |
keyAlias | ) |
|
|
inlineoverridevirtualnoexcept |
Returns default key alias.
Get default key alias. Any component can have component-specific configuration or use default configuration.
Default key alias is a platform configuration parameter, and may change over time. When the alias changes, implementation must use new alias to encrypt new data, and must use old alias to decrypt existing data as long as the old key exists.
- Parameters
-
| [out] | keyAlias | Reference to key alias. The method replaces contents of keyAlias. |
- Returns
- Returns true if main key alias is stored into keyAlias. Returns false on error.
Implements alexaClientSDK::acsdkCryptoInterfaces::KeyStoreInterface.
Public Member Functions inherited from alexaClientSDK::acsdkCryptoInterfaces::KeyStoreInterface