/** * @return a new {@link KeysetHandle} from a {@code keyset}. * @throws GeneralSecurityException */ static final KeysetHandle fromKeyset(Keyset keyset) throws GeneralSecurityException { assertEnoughKeyMaterial(keyset); return new KeysetHandle(keyset); }
/** * Tries to create a {@link KeysetHandle} from an encrypted keyset obtained via {@code reader}. * * <p>Users that need to load cleartext keysets can use {@link CleartextKeysetHandle}. * * @return a new {@link KeysetHandle} from {@code encryptedKeysetProto} that was encrypted with * {@code masterKey} * @throws GeneralSecurityException if cannot decrypt the keyset or it doesn't contain encrypted * key material */ public static final KeysetHandle read(KeysetReader reader, Aead masterKey) throws GeneralSecurityException, IOException { EncryptedKeyset encryptedKeyset = reader.readEncrypted(); assertEnoughEncryptedKeyMaterial(encryptedKeyset); return new KeysetHandle(decrypt(encryptedKeyset, masterKey)); }
/** * If the managed keyset contains private keys, returns a {@link KeysetHandle} of the public keys. * * @throws GenernalSecurityException if the managed keyset is null or if it contains any * non-private keys. */ public KeysetHandle getPublicKeysetHandle() throws GeneralSecurityException { if (keyset == null) { throw new GeneralSecurityException("cleartext keyset is not available"); } Keyset.Builder keysetBuilder = Keyset.newBuilder(); for (Keyset.Key key : keyset.getKeyList()) { KeyData keyData = createPublicKeyData(key.getKeyData()); keysetBuilder.addKey(Keyset.Key.newBuilder().mergeFrom(key).setKeyData(keyData).build()); } keysetBuilder.setPrimaryKeyId(keyset.getPrimaryKeyId()); return new KeysetHandle(keysetBuilder.build()); }