Interface to a data integrity and confidentiality tool, and a default implementation.
#include <xmltooling/security/DataSealer.h>
DataSealer (DataSealerKeyStrategy *strategy)
    Creates a data sealer on top of a particular key strategy.

virtual std::string wrap (const char *s, time_t exp) const
    Encodes data into an AEAD-encrypted blob, gzip(exp|data)

virtual std::string unwrap (const char *s) const
    Decrypts and verifies an encrypted bundle wrapped via this object.
◆ DataSealer()
Creates a data sealer on top of a particular key strategy.
Ownership of the DataSealerKeyStrategy is assumed by this object upon successful construction.
- Parameters
-
◆ unwrap()
virtual std::string xmltooling::DataSealer::unwrap (const char *s) const
Decrypts and verifies an encrypted bundle wrapped via this object.
- Parameters
-
- Returns
- the decrypted data, if it's unexpired
◆ wrap()
virtual std::string xmltooling::DataSealer::wrap (const char *s, time_t exp) const
Encodes data into an AEAD-encrypted blob, gzip(exp|data)
- exp = expiration time of the data; encoded into ISO format
- data = the data; a UTF-8-encoded string
As part of encryption, the key alias is supplied as additional authenticated data to the cipher. The IV is then prepended to the encrypted data, and the alias (in length-prefixed UTF-8 format), which identifies the key used, is prepended to that. Finally, the result is encoded safely for ASCII use (e.g., base64).
- Parameters
- s: the data to wrap
- exp: expiration time
- Returns
- the encoded blob
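The outer layout described for wrap() (alias, then IV, then ciphertext, all base64-encoded) can be split apart without any key, which is useful for checking which key alias sealed a blob and for rejecting malformed input before decryption. The following is an added example, not code from xmltooling; the names SealedEnvelope, b64decode and parseEnvelope are hypothetical, and the 2-byte big-endian alias length, the 12-byte IV and the standard base64 alphabet are assumptions the page does not state.

```cpp
#include <cstdint>
#include <stdexcept>
#include <string>

// Assumptions (not stated on the page): 2-byte big-endian alias length,
// 12-byte IV, standard base64 alphabet.
static const std::size_t kIvLen = 12;

struct SealedEnvelope {
    std::string alias;       // key alias; also the AEAD additional authenticated data
    std::string iv;          // cipher IV
    std::string ciphertext;  // AEAD output, still encrypted
};

// Strict base64 decoder; throws on any character outside the alphabet.
static std::string b64decode(const std::string& in) {
    static const std::string tbl =
        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    std::string out;
    std::uint32_t acc = 0;
    int bits = 0;
    for (char c : in) {
        if (c == '=') break;  // padding marks the end of the data
        std::size_t v = tbl.find(c);
        if (v == std::string::npos) throw std::invalid_argument("not base64");
        acc = (acc << 6) | static_cast<std::uint32_t>(v);
        bits += 6;
        if (bits >= 8) {
            bits -= 8;
            out.push_back(static_cast<char>((acc >> bits) & 0xFF));
        }
    }
    return out;
}

// Splits a wrapped blob into alias, IV and ciphertext without decrypting it.
// Every length is checked against the remaining bytes before it is used.
SealedEnvelope parseEnvelope(const std::string& encoded) {
    const std::string raw = b64decode(encoded);
    if (raw.size() < 2) throw std::invalid_argument("truncated alias length");
    const std::size_t aliasLen = (static_cast<unsigned char>(raw[0]) << 8) |
                                 static_cast<unsigned char>(raw[1]);
    if (aliasLen == 0 || aliasLen > raw.size() - 2)
        throw std::invalid_argument("alias length exceeds blob");
    if (raw.size() - 2 - aliasLen <= kIvLen)
        throw std::invalid_argument("no room for IV and ciphertext");
    return { raw.substr(2, aliasLen), raw.substr(2 + aliasLen, kIvLen),
             raw.substr(2 + aliasLen + kIvLen) };
}
```

With the constructed sample "AAJrMUFBQUFBQUFBQUFBQUNU" (not real DataSealer output), parseEnvelope returns the alias "k1", twelve 'A' bytes as the IV and "CT" as the ciphertext. The alias recovered this way is unauthenticated until unwrap() verifies the AEAD tag, so treat it only as a key lookup hint.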
The documentation for this class was generated from the following file:
- xmltooling/security/DataSealer.h