/** * Tries to create a {@link KeysetHandle} from an encrypted keyset obtained via {@code reader}. * * <p>Users that need to load cleartext keysets can use {@link CleartextKeysetHandle}. * * @return a new {@link KeysetHandle} from {@code encryptedKeysetProto} that was encrypted with * {@code masterKey} * @throws GeneralSecurityException if cannot decrypt the keyset or it doesn't contain encrypted * key material */ public static final KeysetHandle read(KeysetReader reader, Aead masterKey) throws GeneralSecurityException, IOException { EncryptedKeyset encryptedKeyset = reader.readEncrypted(); assertEnoughEncryptedKeyMaterial(encryptedKeyset); return new KeysetHandle(decrypt(encryptedKeyset, masterKey)); }