Interface to a data integrity and confidentiality tool, and a default implementation.
#include <xmltooling/security/DataSealer.h>
Public Member Functions
DataSealer (DataSealerKeyStrategy *strategy)
    Creates a data sealer on top of a particular key strategy.
virtual std::string wrap (const char *s, time_t exp) const
    Encodes data into an AEAD-encrypted blob, gzip(exp|data).
virtual std::string unwrap (const char *s) const
    Decrypts and verifies an encrypted bundle wrapped via this object.
xmltooling::DataSealer::DataSealer (DataSealerKeyStrategy *strategy)
Creates a data sealer on top of a particular key strategy.
Ownership of the DataSealerKeyStrategy is assumed by this object upon successful construction.
Parameters:
    strategy    pointer to a DataSealerKeyStrategy
virtual std::string xmltooling::DataSealer::unwrap (const char *s) const [virtual]
Decrypts and verifies an encrypted bundle wrapped via this object.
Parameters:
    s    the encoded blob
virtual std::string xmltooling::DataSealer::wrap (const char *s, time_t exp) const [virtual]
Encodes data into an AEAD-encrypted blob, gzip(exp|data).
As part of encryption, the key alias is supplied to the cipher as additional authenticated data. The IV is then prepended to the encrypted data, and the alias (in length-prefixed UTF-8 format), which identifies the key used, is prepended in front of the IV. Finally, the result is encoded safely for ASCII use (e.g., base64).
Parameters:
    s      the data to wrap
    exp    expiration time
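An added example (not xmltooling's own code) that splits a wrapped blob into the alias, IV and ciphertext laid out in the wrap() description, with a bounds check on each field before any key lookup or decryption. The 2-byte big-endian length prefix, the 12-byte default IV length and the names SealedParts, b64decode and parseSealed are assumptions for illustration; the sample blob is constructed.

```cpp
#include <cstdint>
#include <iostream>
#include <string>

struct SealedParts {
    std::string alias;       // key alias: untrusted until the AEAD tag verifies
    std::string iv;          // IV for the cipher
    std::string ciphertext;  // AEAD output, still encrypted
};

// Standard-alphabet base64 decode; fails on any character outside the alphabet.
bool b64decode(const std::string& in, std::string& out) {
    static const std::string tbl =
        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    uint32_t acc = 0;
    int bits = 0;
    out.clear();
    for (char c : in) {
        if (c == '=') break;  // padding ends the data
        std::size_t v = tbl.find(c);
        if (v == std::string::npos) return false;
        acc = (acc << 6) | static_cast<uint32_t>(v);
        if ((bits += 6) >= 8) {
            bits -= 8;
            out.push_back(static_cast<char>((acc >> bits) & 0xFF));
        }
    }
    return true;
}

// Assumed layout (field widths are not given on the page):
// 2-byte big-endian alias length | alias | ivLen-byte IV | ciphertext.
bool parseSealed(const std::string& blob, SealedParts& parts, std::size_t ivLen = 12) {
    std::string raw;
    if (!b64decode(blob, raw) || raw.size() < 2) return false;
    std::size_t aliasLen = (static_cast<unsigned char>(raw[0]) << 8) | static_cast<unsigned char>(raw[1]);
    if (aliasLen == 0 || raw.size() - 2 < aliasLen) return false;  // alias overruns blob
    if (raw.size() - 2 - aliasLen <= ivLen) return false;          // no room for IV + data
    parts.alias = raw.substr(2, aliasLen);
    parts.iv = raw.substr(2 + aliasLen, ivLen);
    parts.ciphertext = raw.substr(2 + aliasLen + ivLen);
    return true;
}

int main() {
    SealedParts p;  // constructed sample: alias "k1", IV "0123456789ab", body "CTEXT"
    if (!parseSealed("AAJrMTAxMjM0NTY3ODlhYkNURVhU", p)) return 1;
    std::cout << "alias=" << p.alias << " ivLen=" << p.iv.size() << "\n";
    return 0;
}
```

The alias parsed here only selects a candidate key; it becomes trustworthy once the cipher, given the same alias as additional authenticated data, verifies the ciphertext.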