Interface CryptoManager

  • @Volatile
    public interface CryptoManager
    Provides low-level encryption routines for implementing Field-Level Encryption as specified by Couchbase RFC-0032.

    An implementation knows how to encrypt and decrypt field values, and provides methods for inspecting and transforming JSON field names to indicate whether a field holds an encrypted value.

    CryptoManager is intended to be usable with any JSON library. The plaintext value of a field is represented by a byte array containing valid JSON. The encrypted form is represented by a Map which may be serialized as a JSON Object by your library of choice.

    If you wish to encrypt or decrypt the fields of a Couchbase JsonObject, it may be more convenient to work with a higher level abstraction like the one provided by the Java SDK's JsonObjectCrypto class.

    Implementations must be thread-safe.

    • Field Detail


        static final String DEFAULT_ENCRYPTER_ALIAS
        The name that refers to the default encrypter if one is present.
        See Also:
        Constant Field Values

        The prefix to use when mangling the names of encrypted fields according to the default name mangling strategy.
        See Also:
        Constant Field Values
    • Method Detail

      • encrypt

        Map<String,​Object> encrypt​(byte[] plaintext,
                                         String encrypterAlias)
        Encrypts the given data using the named encrypter.
        plaintext - the message to encrypt
        encrypterAlias - (nullable) alias of the encrypter to use, or null for default encrypter.
        A map representing the encrypted form of the plaintext.
      • decrypt

        byte[] decrypt​(Map<String,​Object> encryptedNode)
        Selects an appropriate decrypter based on the contents of the encrypted node and uses it to decrypt the data.
        encryptedNode - the encrypted form of a message
        the plaintext message
      • mangle

        default String mangle​(String fieldName)
        Transforms the given field name to indicate its value is encrypted.
      • isMangled

        default boolean isMangled​(String fieldName)
        Returns true if the given field name has been mangled by mangle(String).