Package com.amazonaws.encryptionsdk
Class MasterKeyProvider<K extends MasterKey<K>>
- java.lang.Object
-
- com.amazonaws.encryptionsdk.MasterKeyProvider<K>
-
- Type Parameters:
K- the type ofMasterKeyreturned by this provider
- Direct Known Subclasses:
KeyStoreProvider,KmsMasterKeyProvider,MasterKey
public abstract class MasterKeyProvider<K extends MasterKey<K>> extends Object
Represents the logic necessary to select and constructMasterKeys for encrypting and decrypting messages. This is an abstract class.
-
-
Constructor Summary
Constructors Constructor Description MasterKeyProvider()
-
Method Summary
All Methods Instance Methods Abstract Methods Concrete Methods Modifier and Type Method Description protected AwsCryptoExceptionbuildCannotDecryptDksException()protected AwsCryptoExceptionbuildCannotDecryptDksException(Throwable t)protected AwsCryptoExceptionbuildCannotDecryptDksException(List<? extends Throwable> t)booleancanProvide(String provider)Returns true if this MasterKeyProvider can provide keys from the specified @{code provider}.abstract DataKey<K>decryptDataKey(CryptoAlgorithm algorithm, Collection<? extends EncryptedDataKey> encryptedDataKeys, Map<String,String> encryptionContext)Iterates throughencryptedDataKeysand returns the first one which can be successfully decrypted.abstract StringgetDefaultProviderId()ProviderId used by this instance when no other is specified.KgetMasterKey(String keyId)Equivalent to callinggetMasterKey(String, String)usinggetDefaultProviderId()as the provider.abstract KgetMasterKey(String provider, String keyId)Returns the specifiedMasterKeyif possible.abstract List<K>getMasterKeysForEncryption(MasterKeyRequest request)Returns allMasterKeys which should be used to protect the plaintext described byrequest.
-
-
-
Method Detail
-
getDefaultProviderId
public abstract String getDefaultProviderId()
ProviderId used by this instance when no other is specified.
-
canProvide
public boolean canProvide(String provider)
Returns true if this MasterKeyProvider can provide keys from the specified @{code provider}.- Parameters:
provider-- Returns:
-
getMasterKey
public K getMasterKey(String keyId) throws UnsupportedProviderException, NoSuchMasterKeyException
Equivalent to callinggetMasterKey(String, String)usinggetDefaultProviderId()as the provider.
-
getMasterKey
public abstract K getMasterKey(String provider, String keyId) throws UnsupportedProviderException, NoSuchMasterKeyException
Returns the specifiedMasterKeyif possible.- Parameters:
provider-keyId-- Returns:
- Throws:
UnsupportedProviderException- if this object cannot returnMasterKeys associated with the given providerNoSuchMasterKeyException- if this object cannot find (and thus construct) theMasterKeyassociated withkeyId
-
getMasterKeysForEncryption
public abstract List<K> getMasterKeysForEncryption(MasterKeyRequest request)
Returns allMasterKeys which should be used to protect the plaintext described byrequest.
-
decryptDataKey
public abstract DataKey<K> decryptDataKey(CryptoAlgorithm algorithm, Collection<? extends EncryptedDataKey> encryptedDataKeys, Map<String,String> encryptionContext) throws UnsupportedProviderException, AwsCryptoException
Iterates throughencryptedDataKeysand returns the first one which can be successfully decrypted.- Returns:
- a DataKey if one can be decrypted, otherwise returns
null - Throws:
UnsupportedProviderException- if theencryptedDataKeyis associated with an unsupported providerCannotUnwrapDataKeyException- if theencryptedDataKeycannot be decryptedAwsCryptoException
-
buildCannotDecryptDksException
protected AwsCryptoException buildCannotDecryptDksException()
-
buildCannotDecryptDksException
protected AwsCryptoException buildCannotDecryptDksException(Throwable t)
-
buildCannotDecryptDksException
protected AwsCryptoException buildCannotDecryptDksException(List<? extends Throwable> t)
-
-