Tenant Security Client Java

The SDK is published to Maven. Refer to their docs on how to add this library as a dependency to your existing JVM application. The minimum Java version supported by this library is Java 8 Update 152.

Quickstart

This is a minimal example of round tripping a document.

import java.util.Map;
import com.ironcorelabs.tenantsecurity.kms.v1.*;

// Initialize the client with a Tenant Security Proxy domain and API key.
// Typically this would be done once when the application or service initializes
client = TenantSecurityKMSClient.create(PROXY_ENDPOINT, API_KEY).get();

// Create a map containing your document data
Map<String, byte[]> documentMap = new HashMap<>();
documentMap.put("ssn", "000-12-2345".getBytes("UTF-8"));
documentMap.put("address", "2825-519 Stone Creek Rd, Bozeman, MT 59715".getBytes("UTF-8"));
documentMap.put("name", "Jim Bridger".getBytes("UTF-8"));

// Create metadata used to associate this document to a tenant, name the document, and
// identify the service or user making the call
DocumentMetadata metadata = new DocumentMetadata(TENANT_ID, "serviceOrUserId", "document label");

// Request a key from the KMS and use it to encrypt the document
EncryptedDocument encryptedResults = client.encrypt(documentMap, metadata).get();

/* … persist the encryptedResults.getEdek() and encryptedResults.getEncryptedFields() … */
String edek = encryptedResults.getEdek();
Map<String, byte[]> fields = encryptedResults.getEncryptedFields();
/* … retrieve the encrypted fields and EDEK from your persistence layer */

// Recreate the encrypted document from persisted data
EncryptedDocument recreated = new EncryptedDocument(fields, edek);

// Decrypt the document back to plaintext
PlaintextDocument decryptedResults = client.decrypt(recreated, metadata).get();
Map<String, byte[]> decryptedDocumentMap = decryptedResults.getDecryptedFields();

There is also a batch API that may be useful if you’re operating on many documents at once.

Javadocs

See the Javadocs for a more complete register of all exposed classes and methods.

Changelog

The changelog can be viewed in the library repository.

Features

We Are For

Trust Center

Contact Us

Follow Us