IronCore Labs Home
  1. Docs

Tenant Security Client Java

The SDK is published to Maven. Refer to their docs on how to add this library as a dependency to your existing JVM application. The minimum Java version supported by this library is Java 8 Update 152.

Quickstart

This is a minimal example of round tripping a document.

Java

import java.util.Map;
import com.ironcorelabs.tenantsecurity.kms.v1.*;

// Initialize the client with a Tenant Security Proxy domain and API key.
// Typically this would be done once when the application or service initializes
TenantSecurityClient client = TenantSecurityClient.create(PROXY_ENDPOINT, API_KEY).get();

// Create a map containing your document data
Map<String, byte[]> documentMap = new HashMap<>();
documentMap.put("ssn", "000-12-2345".getBytes("UTF-8"));
documentMap.put("address", "2825-519 Stone Creek Rd, Bozeman, MT 59715".getBytes("UTF-8"));
documentMap.put("name", "Jim Bridger".getBytes("UTF-8"));

// Create metadata used to associate this document to a tenant, name the document, and
// identify the service or user making the call
DocumentMetadata metadata = new DocumentMetadata(TENANT_ID, "serviceOrUserId", "document label");

// Request a key from the KMS and use it to encrypt the document
EncryptedDocument encryptedResults = client.encrypt(documentMap, metadata).get();

/* … persist the encryptedResults.getEdek() and encryptedResults.getEncryptedFields() … */
String edek = encryptedResults.getEdek();
Map<String, byte[]> fields = encryptedResults.getEncryptedFields();
/* … retrieve the encrypted fields and EDEK from your persistence layer */

// Recreate the encrypted document from persisted data
EncryptedDocument recreated = new EncryptedDocument(fields, edek);

// Decrypt the document back to plaintext
PlaintextDocument decryptedResults = client.decrypt(recreated, metadata).get();
Map<String, byte[]> decryptedDocumentMap = decryptedResults.getDecryptedFields();

There is also a batch API that may be useful if you’re operating on many documents at once.

Examples

Examples of using the Tenant Security Client SDK to protect sensitive data can be found on GitHub.

Javadocs

See the Javadocs for a more complete register of all exposed classes and methods.

Changelog

The changelog can be viewed in the library repository.

Was this page helpful?