Class AesColumnEncryptionPolicy.AesKeyAndIV
This type contains a key and an IV to be used in AES encryption. The length of the IV has to be 16 bytes and the length of the key can be 128, 192 or 256 bits.
The IV is optional. If no IV is provided, a new one will be randomly generated every time an encryption operation happens. AesColumnEncryptionPolicy encrypts values so that they contain the IV, i.e., the driver can discard an IV as soon as it is used and it will still be able to decrypt any encrypted value regardless of the IV that was used.
If you use an encrypted column in WHERE clauses of SELECT statements or any other server side operations that require the raw encrypted bytes of two equivalent "application" values to be the same then a "static" IV should be provided in this object instead of making the driver generate one for each encryption operation. E.g. let's say there is an "INSERT INTO table (X, Y) VALUES (?, ?)" statement and a "SELECT * FROM table where X = ?" statement where X is an encrypted column. If you don't provide an IV then an IV will be generated by the AesColumnEncryptionPolicy per encryption operation so the IV that will be used when encrypting the parameter for the INSERT statement will not be the same IV that is used when encrypting the parameter for the SELECT statement so these two values will not match on the server side and 0 rows will be returned.
Inheritance
Inherited Members
Namespace: Cassandra
Assembly: Cassandra.dll
Syntax
public class AesColumnEncryptionPolicy.AesKeyAndIV
Constructors
AesKeyAndIV(byte[], byte[])
Constructor that allows you to provide the IV. If you don't need to provide a static IV, use AesKeyAndIV(byte[]). For information about whether you should provide an IV or not, see the documentation on this class AesColumnEncryptionPolicy.AesKeyAndIV.
Declaration
public AesKeyAndIV(byte[] key, byte[] iv)
Parameters
Type | Name | Description |
---|---|---|
byte[] | key | |
byte[] | iv |
AesKeyAndIV(byte[])
Constructor that doesn't allow you to provide the IV. If you need to provide a static IV, use AesKeyAndIV(byte[], byte[]). For information about whether you should provide an IV or not, see the documentation on this class AesColumnEncryptionPolicy.AesKeyAndIV.
Declaration
public AesKeyAndIV(byte[] key)
Parameters
Type | Name | Description |
---|---|---|
byte[] | key |
Properties
IV
AES IV (should be 16 byte length) or null to make the policy generate one per encryption operation.
Declaration
public byte[] IV { get; }
Property Value
Type | Description |
---|---|
byte[] |
Key
AES Key (should be 128, 192 or 256 bits)
Declaration
public byte[] Key { get; }
Property Value
Type | Description |
---|---|
byte[] |