kiosk-ops-sdk/com.sarastarquant.kioskops.sdk.crypto/FieldLevelEncryptor

FieldLevelEncryptor

class FieldLevelEncryptor(crypto: CryptoProvider)

Encrypts individual JSON fields into envelope format before document encryption.

Encrypted fields are replaced with:

{"__enc":"<base64>","__alg":"AES-256-GCM","__kid":"v1"}
Content copied to clipboard

Uses the existing CryptoProvider infrastructure. NIST SC-28: Protection of Information at Rest.

Since

0.5.0

1.1.0 Throws FieldEncryptionException on failure instead of silently falling back to plaintext (previous behavior leaked PII when the Keystore key was unavailable).

Constructors

Link copied to clipboard
constructor(crypto: CryptoProvider)

Functions

Link copied to clipboard
fun decryptFields(payloadJson: String): String

Decrypt specified fields in a JSON payload.

Link copied to clipboard
fun encryptFields(payloadJson: String, fieldsToEncrypt: Set<String>): String

Encrypt specified fields in a JSON payload.

Generated by Dokka
© 2026 Copyright