Skip to content

Commit ee39ed5

Browse files
dmihalcik-virtrudmihalcik-virtru
authored
fix(cmdline): Enable ec-wrapped cfg (#231)
1 parent d3be28e commit ee39ed5

File tree

1 file changed

+6
-0
lines changed

1 file changed

+6
-0
lines changed

cmdline/src/main/java/io/opentdf/platform/Command.java

+6
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,7 @@
66
import io.opentdf.platform.sdk.AssertionConfig;
77
import io.opentdf.platform.sdk.AutoConfigureException;
88
import io.opentdf.platform.sdk.Config;
9+
import io.opentdf.platform.sdk.KeyType;
910
import io.opentdf.platform.sdk.Config.AssertionVerificationKeys;
1011
import io.opentdf.platform.sdk.NanoTDF;
1112
import io.opentdf.platform.sdk.SDK;
@@ -145,6 +146,8 @@ void encrypt(
145146
@Option(names = { "-a", "--attr" }, defaultValue = Option.NULL_VALUE) Optional<String> attributes,
146147
@Option(names = { "-c",
147148
"--autoconfigure" }, defaultValue = Option.NULL_VALUE) Optional<Boolean> autoconfigure,
149+
@Option(names = {
150+
"--encap-key-type" }, defaultValue = Option.NULL_VALUE, description = "Preferred key access key wrap algorithm, one of ${COMPLETION-CANDIDATES}") Optional<KeyType> encapKeyType,
148151
@Option(names = { "--mime-type" }, defaultValue = Option.NULL_VALUE) Optional<String> mimeType,
149152
@Option(names = { "--with-assertions" }, defaultValue = Option.NULL_VALUE) Optional<String> assertion)
150153

@@ -161,6 +164,7 @@ void encrypt(
161164
configs.add(Config.withKasInformation(kasInfos));
162165
metadata.map(Config::withMetaData).ifPresent(configs::add);
163166
autoconfigure.map(Config::withAutoconfigure).ifPresent(configs::add);
167+
encapKeyType.map(Config::WithWrappingKeyAlg).ifPresent(configs::add);
164168
mimeType.map(Config::withMimeType).ifPresent(configs::add);
165169

166170
if (assertion.isPresent()) {
@@ -226,6 +230,7 @@ private SDK buildSDK() {
226230

227231
@CommandLine.Command(name = "decrypt")
228232
void decrypt(@Option(names = { "-f", "--file" }, required = true) Path tdfPath,
233+
@Option(names = { "--rewrap-key-type" }, defaultValue = Option.NULL_VALUE, description = "Preferred rewrap algorithm, one of ${COMPLETION-CANDIDATES}") Optional<KeyType> rewrapKeyType,
229234
@Option(names = { "--with-assertion-verification-disabled" }, defaultValue = "false") boolean disableAssertionVerification,
230235
@Option(names = { "--with-assertion-verification-keys" }, defaultValue = Option.NULL_VALUE) Optional<String> assertionVerification)
231236
throws IOException, TDF.FailedToCreateGMAC, JOSEException, ParseException, NoSuchAlgorithmException, DecoderException {
@@ -266,6 +271,7 @@ void decrypt(@Option(names = { "-f", "--file" }, required = true) Path tdfPath,
266271
if (disableAssertionVerification) {
267272
opts.add(Config.withDisableAssertionVerification(true));
268273
}
274+
rewrapKeyType.map(Config::WithSessionKeyType).ifPresent(opts::add);
269275

270276
var readerConfig = Config.newTDFReaderConfig(opts.toArray(new Consumer[0]));
271277
var reader = new TDF().loadTDF(in, sdk.getServices().kas(), readerConfig);

0 commit comments

Comments
 (0)