Copy the certificate file to the server(s) hosting the Agent(s) or 3rd-party components that should encrypt secrets.
Examples
Example for Encryption
Usage
Find the following example of how to use the provided classes for encryption:
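import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.Base64;

import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;

import com.sos.commons.encryption.EncryptionUtils;
import com.sos.commons.encryption.common.EncryptedValue;
import com.sos.commons.encryption.decrypt.Decrypt;
import com.sos.commons.encryption.encrypt.Encrypt;
import com.sos.commons.sign.keys.key.KeyUtil;

/**
 * Encrypts a value with a freshly generated symmetric key and wraps that key with the
 * public key of the given X.509 certificate (hybrid encryption).
 *
 * <p>Security notes for integrators:
 * <ul>
 *   <li>{@code AES/CBC/PKCS5Padding} protects confidentiality only. The output carries no
 *       integrity tag, so a modified ciphertext is not detected by the cipher itself, and
 *       decryption code should not reveal padding failures to untrusted callers.</li>
 *   <li>The certificate is loaded from the path as-is; nothing in this example checks its
 *       validity period, issuer or fingerprint. Whoever can replace that file decides who
 *       can decrypt the secret, so protect the file and verify it out of band.</li>
 * </ul>
 *
 * @param valueToEncrypt the plain-text secret to encrypt
 * @param pathToCertificate file system path to the X.509 certificate of the recipient
 * @return the concatenated output in the format
 *     {@code "<encrypted-symmetric-key> <base64-encoded-iv> <encrypted-value>"}
 * @throws Exception if the certificate cannot be read or any encryption step fails
 */
private String encrypt(String valueToEncrypt, String pathToCertificate) throws Exception {
    // algorithm to encrypt the value with (unauthenticated mode, see the notes above)
    String algorithm = "AES/CBC/PKCS5Padding";

    // generate a new initialization vector for this call; a CBC IV must not be reused with the same key
    // NOTE(review): presumably generateIv() draws from a secure random source - confirm in EncryptionUtils
    IvParameterSpec ivParameterSpec = EncryptionUtils.generateIv();
    // initialization vector base64 encoded for output; Base64 text is pure ASCII
    String ivBase64Encoded = Base64.getEncoder().encodeToString(ivParameterSpec.getIV());

    // generate a 256 bit symmetric key on the fly to encrypt the desired value
    SecretKey key = EncryptionUtils.generateSecretKey(256);

    X509Certificate cert = KeyUtil.getX509Certificate(Paths.get(pathToCertificate));
    // encrypt the symmetric key with the given certificate
    byte[] encryptedKey = EncryptionUtils.encryptSymmetricKey(key, cert);

    // encrypt the desired value with the symmetric key
    String encryptedValue = Encrypt.encrypt(algorithm, valueToEncrypt, key, ivParameterSpec);

    // Decode with an explicit charset instead of the platform default, so the output does not
    // depend on the JVM's configuration.
    // NOTE(review): assumes encryptSymmetricKey() returns text-safe (e.g. Base64) bytes - confirm;
    // raw cipher bytes would not survive a byte-to-String conversion in any charset.
    String encryptedKeyText = new String(encryptedKey, StandardCharsets.UTF_8);

    // return the concatenated output in the format
    // "<encrypted-symmetric-key> <base64-encoded-iv> <encrypted-value>"
    return Encrypt.concatOutput(encryptedKeyText, ivBase64Encoded, encryptedValue);
}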
Example for Decryption
Usage
Find an example of how to use the provided classes for decryption:
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.Base64;

import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;

import com.sos.commons.encryption.EncryptionUtils;
import com.sos.commons.encryption.common.EncryptedValue;
import com.sos.commons.encryption.decrypt.Decrypt;
import com.sos.commons.encryption.encrypt.Encrypt;
import com.sos.commons.sign.keys.key.KeyUtil;

/**
 * Decrypts a value produced by the encryption example, using the private key that matches
 * the certificate the value was encrypted with.
 *
 * <p>The private key is read from the file system as text. Keep that file readable only by
 * the account that performs decryption; anyone who can read it can decrypt every secret
 * encrypted for the matching certificate.
 *
 * @param encryptedValue the concatenated output of the encryption step
 * @param pathToPrivateKey file system path to the private key file
 * @return the decrypted value
 * @throws Exception if the key file cannot be read or parsed, or if decryption fails
 */
private String decrypt(String encryptedValue, String pathToPrivateKey) throws Exception {
    // load the private key text from disk and turn it into a key object
    String privateKeyText = Files.readString(Paths.get(pathToPrivateKey));
    PrivateKey privateKey = KeyUtil.getPrivateKeyFromString(privateKeyText);

    // wrap the encrypted input in an EncryptedValue and decrypt it with the private key
    // NOTE(review): the meaning of the "decrypt" argument is defined by EncryptedValue and is not shown here
    return Decrypt.decrypt(EncryptedValue.getInstance("decrypt", encryptedValue), privateKey);
}
Example for Unit Test
An example of how to run the above examples with a JUnit test.
import org.junit.Assert;
import org.junit.Test;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
 * Round-trip check: encrypts a sample value with the certificate, decrypts the result with
 * the matching private key and verifies that the original value comes back.
 *
 * <p>{@code LOGGER} is not declared in this snippet; it is expected to be a logger field of
 * the enclosing test class. The plain text is logged here because it is a dummy value; do
 * not log real secrets this way.
 *
 * @throws Exception if encryption or decryption fails
 */
@Test
public void testEncipherment() throws Exception {
    // required parameters
    // path to the certificate file required for encryption
    String certificatePath = "path/to/the/certificate/file";
    // path to the private key file required for decryption
    String privateKeyPath = "path/to/the/privatekey/file";
    // the value to encrypt
    String plainText = "my test value to encrypt!";

    // call the encrypt method above with the provided parameters
    String cipherText = encrypt(plainText, certificatePath);
    // call the decrypt method above with the provided parameters
    String roundTripped = decrypt(cipherText, privateKeyPath);

    LOGGER.info("valueToEncrypt:\t" + plainText);
    LOGGER.info("encrypted Value:\t" + cipherText);
    LOGGER.info("decrypted Value:\t" + roundTripped);

    // the decrypted value must equal the original input
    Assert.assertEquals(plainText, roundTripped);
}