AdvancedDocumentOperations

public struct AdvancedDocumentOperations

IronOxide Advanced Document Operations

Key Terms

EDEKs - Encrypted document encryption keys produced by unmanaged document encryption and required for unmanaged document decryption.


                    
                    
                    encryptUnmanaged(bytes:options:)

Encrypts the provided document bytes without being managed by the IronCore service.

The webservice is still needed for looking up public keys and evaluating policies, but no document is created and the EDEKs are not stored. An additional burden is put on the caller in that both the encrypted data and the EDEKs must be provided for decryption.

Declaration

Swift

public func encryptUnmanaged(
    bytes: [UInt8],
    options: DocumentEncryptOpts = DocumentEncryptOpts()
) -> Result<DocumentEncryptUnmanagedResult, IronOxideError>

Parameters

`bytes`	Bytes of the document to encrypt
`options`	Document encryption parameters


                    
                    
                    decryptUnmanaged(encryptedBytes:encryptedDeks:)

Decrypts a document not managed by the IronCore service.

Requires the encrypted data and EDEKs returned from encryptUnmanaged.

The webservice is still needed to transform a chosen EDEK so it can be decrypted by the caller’s private key.

Declaration

Swift

public func decryptUnmanaged(encryptedBytes: [UInt8], encryptedDeks: [UInt8]) -> Result<DocumentDecryptUnmanagedResult, IronOxideError>

Parameters

`encryptedBytes`	Bytes of the encrypted document
`encryptedDeks`	EDEKs associated with the encrypted document