/** * @return a new {@link KeysetHandle} from a {@code keyset}. * @throws GeneralSecurityException */ static final KeysetHandle fromKeyset(Keyset keyset) throws GeneralSecurityException { assertEnoughKeyMaterial(keyset); return new KeysetHandle(keyset); }
/** Decrypts the encrypted keyset with the {@link Aead} master key. */ private static Keyset decrypt(EncryptedKeyset encryptedKeyset, Aead masterKey) throws GeneralSecurityException { try { Keyset keyset = Keyset.parseFrom( masterKey.decrypt( encryptedKeyset.getEncryptedKeyset().toByteArray(), /* associatedData= */ new byte[0])); // check emptiness here too, in case the encrypted keys unwrapped to nothing? assertEnoughKeyMaterial(keyset); return keyset; } catch (InvalidProtocolBufferException e) { throw new GeneralSecurityException("invalid keyset, corrupted key material"); } }