Class SecretEncryptor
java.lang.Object
com.scivicslab.turingworkflow.plugins.secret.SecretEncryptor
Utility for encrypting and decrypting secrets using AES-256-GCM.
This class provides authenticated encryption with AES-256 in GCM mode, which provides both confidentiality and integrity protection.
Usage Example
// Generate a new encryption key
String key = SecretEncryptor.generateKey();
// Encrypt a file
String plaintext = Files.readString(Path.of("secrets.ini"));
String encrypted = SecretEncryptor.encrypt(plaintext, key);
Files.writeString(Path.of("secrets.enc"), encrypted);
// Decrypt a file
String encryptedContent = Files.readString(Path.of("secrets.enc"));
String decrypted = SecretEncryptor.decrypt(encryptedContent, key);
- Since:
- 1.0.0
- Author:
- devteam@scivicslab.com
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionstatic classException thrown when encryption or decryption operations fail. -
Constructor Summary
Constructors -
Method Summary
-
Constructor Details
-
SecretEncryptor
public SecretEncryptor()
-
-
Method Details
-
generateKey
Generates a new random encryption key.- Returns:
- Base64-encoded encryption key
- Throws:
SecretEncryptor.EncryptionException- if key generation fails
-
encrypt
public static String encrypt(String plaintext, String base64Key) throws SecretEncryptor.EncryptionException Encrypts plaintext using AES-256-GCM.- Parameters:
plaintext- the text to encryptbase64Key- Base64-encoded encryption key- Returns:
- Base64-encoded encrypted data (IV + ciphertext + tag)
- Throws:
SecretEncryptor.EncryptionException- if encryption fails
-
decrypt
public static String decrypt(String encryptedBase64, String base64Key) throws SecretEncryptor.EncryptionException Decrypts encrypted data using AES-256-GCM.- Parameters:
encryptedBase64- Base64-encoded encrypted data (IV + ciphertext + tag)base64Key- Base64-encoded encryption key- Returns:
- decrypted plaintext
- Throws:
SecretEncryptor.EncryptionException- if decryption fails
-