Class SecretEncryptor

java.lang.Object

com.scivicslab.actoriac.SecretEncryptor

public class SecretEncryptor
extends Object

Utility for encrypting and decrypting secrets using AES-256-GCM.

This class provides authenticated encryption with AES-256 in GCM mode, which provides both confidentiality and integrity protection.

Usage Example

// Generate a new encryption key
String key = SecretEncryptor.generateKey();
System.out.println("ACTOR_IAC_SECRET_KEY=" + key);

// Encrypt a file
String plaintext = Files.readString(Path.of("secrets.ini"));
String encrypted = SecretEncryptor.encrypt(plaintext, key);
Files.writeString(Path.of("secrets.enc"), encrypted);

// Decrypt a file
String encryptedContent = Files.readString(Path.of("secrets.enc"));
String decrypted = SecretEncryptor.decrypt(encryptedContent, key);

Author:

devteam@scivics-lab.com

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	SecretEncryptor.EncryptionException	Exception thrown when encryption/decryption operations fail.

Field Summary

Fields

Modifier and Type	Field	Description
private static final String	ALGORITHM
private static final int	GCM_IV_LENGTH
private static final int	GCM_TAG_LENGTH
private static final int	KEY_SIZE
private static final String	TRANSFORMATION

Constructor Summary

Constructors

Constructor	Description
SecretEncryptor()

Method Summary

Modifier and Type	Method	Description
static String	decrypt(String encryptedBase64, String base64Key)	Decrypts encrypted data using AES-256-GCM.
static String	encrypt(String plaintext, String base64Key)	Encrypts plaintext using AES-256-GCM.
static String	generateKey()	Generates a new random encryption key.

Methods inherited from class Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

ALGORITHM

private static final String ALGORITHM

See Also:

• Constant Field Values

TRANSFORMATION

private static final String TRANSFORMATION

See Also:

• Constant Field Values

KEY_SIZE

private static final int KEY_SIZE

See Also:

• Constant Field Values

GCM_IV_LENGTH

private static final int GCM_IV_LENGTH

See Also:

• Constant Field Values

GCM_TAG_LENGTH

private static final int GCM_TAG_LENGTH

See Also:

• Constant Field Values

Constructor Details

SecretEncryptor

public SecretEncryptor()

Method Details

generateKey

public static String generateKey()
                          throws SecretEncryptor.EncryptionException

Generates a new random encryption key.

Returns:

Base64-encoded encryption key

Throws:

SecretEncryptor.EncryptionException - if key generation fails

encrypt

public static String encrypt(String plaintext,
 String base64Key)
                      throws SecretEncryptor.EncryptionException

Encrypts plaintext using AES-256-GCM.

Parameters:

plaintext - the text to encrypt

base64Key - Base64-encoded encryption key

Returns:

Base64-encoded encrypted data (IV + ciphertext + tag)

Throws:

SecretEncryptor.EncryptionException - if encryption fails

decrypt

public static String decrypt(String encryptedBase64,
 String base64Key)
                      throws SecretEncryptor.EncryptionException

Decrypts encrypted data using AES-256-GCM.

Parameters:

encryptedBase64 - Base64-encoded encrypted data (IV + ciphertext + tag)

base64Key - Base64-encoded encryption key

Returns:

decrypted plaintext

Throws:

SecretEncryptor.EncryptionException - if decryption fails