Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

Thales Logo

All

  • All
back

KMIP Encrypt and Decrypt

KMIP Decrypt

search

Please Note:

KMIP Decrypt

KMIP Decrypt request includes information about the cryptographic parameters, mode and padding method, data to be decrypted and the IV to be used. The decrypt request may not contain the IV if the algorithm does not use an IV. The response includes the key i.e. the unique identifier of the managed cryptographic object and the decrypted text.

For AES

KMIPCipher cipher = KMIPCipher.getInstance(string algoName);
KMIPIvSpec spec = new KMIPIvSpec(byte[] iv);
cipher.init(KMIPCipher.DECRYPT_MODE, KMIPIvSpec spec, KMIPSession session, String uid);
KMIPCryptoResult res=cipher.doFinal(byte[] data);

Example

KMIPCipher cipher1 = KMIPCipher.getInstance("AES/CBC/PKCS5Padding");
KMIPIvSpec spec1 = new KMIPIvSpec(IngrianProvider.hex2ByteArray(result.getIv()));
cipher1.init(KMIPCipher.DECRYPT_MODE, spec1, session,"516BB93CF328774BA0545BC819FE26ACA8054430B0FF32BA9EA119BF6187A075");
KMIPCryptoResult result1 = cipher1.doFinal(result.getData());
System.out.println(new String(result1.getData()));

Note

Instead of UID, keyName can also be used. Check overloaded API for same.

For AES/GCM

KMIPCipher cipher = KMIPCipher.getInstance(string algoName);
KMIPGCMSpec spec = new KMIPGCMSpec(int tagLength, byte[] bytes));

For RSA

KMIPCipher cipher = KMIPCipher.getInstance(string algoName);
cipher.init(KMIPCipher.DECRYPT_MODE, KMIPSession session, String uid);
KMIPCryptoResult result = cipher.doFinal(byte[] data);

On this page