Simplifying JceKeyCipher methods

WesleyRosenblum · WesleyRosenblum · commit 28ec657022db · 2019-10-31T20:02:59.000-07:00
diff --git a/src/main/java/com/amazonaws/encryptionsdk/internal/JceKeyCipher.java b/src/main/java/com/amazonaws/encryptionsdk/internal/JceKeyCipher.java
@@ -21,6 +21,7 @@
 
 import javax.crypto.Cipher;
 import javax.crypto.SecretKey;
+import javax.crypto.spec.SecretKeySpec;
 import java.nio.charset.Charset;
 import java.nio.charset.StandardCharsets;
 import java.security.GeneralSecurityException;
@@ -80,7 +81,7 @@ abstract Cipher buildUnwrappingCipher(Key key, byte[] extraInfo, int offset,
      *                         during encryption and decryption to provide additional authenticated data (AAD).
      * @return The encrypted data key.
      */
-    public EncryptedDataKey encryptKey(final Key key, final String keyName,
+    public EncryptedDataKey encryptKey(final SecretKey key, final String keyName,
                                        final Map<String, String> encryptionContext) {
 
         final byte[] keyBytes = key.getEncoded();
@@ -112,7 +113,7 @@ public EncryptedDataKey encryptKey(final Key key, final String keyName,
      * @return The decrypted key.
      * @throws GeneralSecurityException If a problem occurred decrypting the key.
      */
-    public KeyBlob decryptKey(final CryptoAlgorithm algorithm, final EncryptedDataKey edk, final String keyName,
+    public SecretKey decryptKey(final CryptoAlgorithm algorithm, final EncryptedDataKey edk, final String keyName,
                               final Map<String, String> encryptionContext) throws GeneralSecurityException {
         final byte[] keyNameBytes = keyName.getBytes(KEY_NAME_ENCODING);
 
@@ -124,7 +125,7 @@ public KeyBlob decryptKey(final CryptoAlgorithm algorithm, final EncryptedDataKe
             return null;
         }
 
-        return new KeyBlob(edk.getProviderId(), edk.getProviderInformation(), rawKey);
+        return new SecretKeySpec(rawKey, algorithm.getDataKeyAlgo());
     }
 
     static class WrappingData {
diff --git a/src/main/java/com/amazonaws/encryptionsdk/jce/JceMasterKey.java b/src/main/java/com/amazonaws/encryptionsdk/jce/JceMasterKey.java
@@ -20,7 +20,6 @@
 import com.amazonaws.encryptionsdk.exception.AwsCryptoException;
 import com.amazonaws.encryptionsdk.exception.UnsupportedProviderException;
 import com.amazonaws.encryptionsdk.internal.JceKeyCipher;
-import com.amazonaws.encryptionsdk.model.KeyBlob;
 
 import javax.crypto.SecretKey;
 import javax.crypto.spec.SecretKeySpec;
@@ -145,12 +144,10 @@ public DataKey<JceMasterKey> decryptDataKey(final CryptoAlgorithm algorithm,
             try {
                 if (edk.getProviderId().equals(getProviderId())
                         && arrayPrefixEquals(edk.getProviderInformation(), keyIdBytes_, keyIdBytes_.length)) {
-                    final KeyBlob decryptedKey = jceKeyCipher_.decryptKey(algorithm, edk, keyId_, encryptionContext);
+                    final SecretKey decryptedKey = jceKeyCipher_.decryptKey(algorithm, edk, keyId_, encryptionContext);
 
                     if(decryptedKey != null) {
-                        return new DataKey<>(
-                                new SecretKeySpec(decryptedKey.getEncryptedDataKey(), algorithm.getDataKeyAlgo()),
-                                edk.getEncryptedDataKey(), edk.getProviderInformation(), this);
+                        return new DataKey<>(decryptedKey, edk.getEncryptedDataKey(), edk.getProviderInformation(), this);
                     }
                 }
             } catch (final Exception ex) {
