MAMDataProtectionManager
extends Object| java.lang.Object | |
| ↳ | com.microsoft.intune.mam.client.identity.MAMDataProtectionManager |
Class Overview
Data protection management facilities. Apps which make use of this class should implement a receiver for the MANAGEMENT_REMOVED notification. After return from handling this notification, buffers which were protected via this class will no longer be readable if file encryption was enabled when the buffers were protected. An app can remediate this situation by calling MAMDataProtectionManager.unprotect on all buffers during this notification. Note that it is also safe to call protect during this notification if it is desired to preserve identity information -- encryption is guaranteed to be disabled during the notification.
Summary
| Public Methods | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| static MAMDataProtectionInfo |
getProtectionInfo(byte[] input)
Get the protection info on a byte array.
| ||||||||||
| static MAMDataProtectionInfo |
getProtectionInfo(InputStream input)
Get the protection info on a stream.
| ||||||||||
| static boolean |
isBackupAllowed(byte[] input)
Determines if the given data buffer is allowed to be backed up.
| ||||||||||
| static boolean |
isBackupAllowed(InputStream input)
Determines if the given data buffer is allowed to be backed up.
| ||||||||||
| static byte[] |
protect(byte[] input, String identity)
This method is deprecated.
Use
protectForOID(byte[], String).
| ||||||||||
| static InputStream |
protect(InputStream input, String identity)
This method is deprecated.
Use
protectForOID(InputStream, String).
| ||||||||||
| static InputStream |
protectForOID(InputStream input, String oid)
Protect a stream.
| ||||||||||
| static byte[] |
protectForOID(byte[] input, String oid)
Protect a byte array.
| ||||||||||
| static InputStream |
unprotect(InputStream input)
Unprotect a stream.
| ||||||||||
| static byte[] |
unprotect(byte[] input)
Unprotect a byte array.
| ||||||||||
|
[Expand]
Inherited Methods | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
From class
java.lang.Object
| |||||||||||
Public Methods
public static MAMDataProtectionInfo getProtectionInfo (byte[] input)
Get the protection info on a byte array.
Parameters
| input | Input bytes to get information on. These must be bytes returned by a previous call to protect() or a copy of such bytes. |
|---|
Returns
- Data protection info, or null if there is no protection info.
Throws
| IOException | If the input cannot be read. |
|---|
public static MAMDataProtectionInfo getProtectionInfo (InputStream input)
Get the protection info on a stream.
Parameters
| input | Input stream to get information on. Either this input stream must have been returned by a previous call to protect OR the input.markSupported() must return true. Otherwise it will be impossible to get protection info without advancing the stream position. The stream must be positioned at the beginning of the protected data. |
|---|
Returns
- Data protection info, or null if there is no protection info.
Throws
| IOException | If the input cannot be read. |
|---|
public static boolean isBackupAllowed (byte[] input)
Determines if the given data buffer is allowed to be backed up.
Parameters
| input | the byte[] data buffer. |
|---|
Returns
- true if the buffer can be backed up, false if not.
Throws
| IOException | if there was an issue while reading from the stream. |
|---|
public static boolean isBackupAllowed (InputStream input)
Determines if the given data buffer is allowed to be backed up.
Parameters
| input | the InputStream data buffer. |
|---|
Returns
- true if the buffer can be backed up, false if not.
Throws
| IOException | if there was an issue while reading from the stream. |
|---|
public static byte[] protect (byte[] input, String identity)
This method is deprecated.
Use protectForOID(byte[], String).
Protect a byte array. This will return protected bytes.
Parameters
| input | Input data to protect. |
|---|---|
| identity | UPN of identity to set. |
Returns
- Protected input data.
Throws
| IOException | If the data could not be protected. |
|---|
public static InputStream protect (InputStream input, String identity)
This method is deprecated.
Use protectForOID(InputStream, String).
Protect a stream. This will return a stream containing the protected input.
Parameters
| input | Input data to protect, read sequentially. This function will change the position of the stream but may not have read the entire stream by the time it returns. The returned stream will wrap this one. Calls to read on the returned stream may cause further reads on the original input stream. Callers should not expect to read directly from the input stream after passing it to this method. Calling close on the returned stream will close this one. |
|---|---|
| identity | UPN of identity to set. |
Returns
- Protected input data.
Throws
| IOException | If the data could not be protected. |
|---|
public static InputStream protectForOID (InputStream input, String oid)
Protect a stream. This will return a stream containing the protected input.
Parameters
| input | Input data to protect, read sequentially. This function will change the position of the stream but may not have read the entire stream by the time it returns. The returned stream will wrap this one. Calls to read on the returned stream may cause further reads on the original input stream. Callers should not expect to read directly from the input stream after passing it to this method. Calling close on the returned stream will close this one. |
|---|---|
| oid | AAD OID of identity to set. |
Returns
- Protected input data.
Throws
| IOException | If the data could not be protected. |
|---|
public static byte[] protectForOID (byte[] input, String oid)
Protect a byte array. This will return protected bytes.
Parameters
| input | Input data to protect. |
|---|---|
| oid | AAD OID of identity to set. |
Returns
- Protected input data.
Throws
| IOException | If the data could not be protected. |
|---|
public static InputStream unprotect (InputStream input)
Unprotect a stream. This will return a stream containing the unprotected input. If the data was not protected to begin with, returns a stream with the original data.
Parameters
| input | Input data to protect, read sequentially. |
|---|
Returns
- Protected input data.
Throws
| IOException | If the data could not be unprotected. Will be MAMKeyNotAvailableException if the data is encrypted but the
app is no longer managed
|
|---|
public static byte[] unprotect (byte[] input)
Unprotect a byte array. This will return unprotected bytes. If the data was not protected to begin with, returns the original data.
Parameters
| input | Input data to protect. |
|---|
Returns
- Unprotected data
Throws
| IOException | If the data could not be unprotected. Will be MAMKeyNotAvailableException if the data is encrypted but the
app is no longer managed
|
|---|