public class CryptoConfiguration extends Object implements Cloneable, Serializable
Constructor and Description |
---|
CryptoConfiguration()
Creates a new CryptoConfiguration object with default storage mode and
crypto provider settings.
|
CryptoConfiguration(CryptoMode cryptoMode) |
Modifier and Type | Method and Description |
---|---|
CryptoConfiguration |
clone() |
boolean |
getAlwaysUseCryptoProvider()
Returns true if the specified crypto provider should be used in all cases.
|
Region |
getAwsKmsRegion()
Returns the the KMS region explicitly specified for the AWS KMS client
when such client is internally instantiated; or null if no explicit KMS
region is specified.
|
CryptoMode |
getCryptoMode()
Returns the optionally specified crypto mode applicable only to the S3
encryption client; or null.
|
Provider |
getCryptoProvider()
Returns the crypto provider whose encryption implementation will be used
to encrypt and decrypt data.
|
Regions |
getKmsRegion()
Deprecated.
|
SecureRandom |
getSecureRandom()
Returns the SecureRandom instance that will be used to generate
cryptographic parameters.
|
CryptoStorageMode |
getStorageMode()
Returns the current storage mode of a CryptoConfiguration object.
|
boolean |
isIgnoreMissingInstructionFile()
Returns true to ignore instruction file that cannot be found during a GET
operation; false otherwise.
|
boolean |
isReadOnly() |
CryptoConfiguration |
readOnly()
Returns a read-only copy of this configuration.
|
void |
setAlwaysUseCryptoProvider(boolean value)
Sets whether the specified crypto provider should be used in all cases.
|
void |
setAwsKmsRegion(Region awsKmsRegion)
Sets the KMS region for the AWS KMS client when such client is internally
instantiated instead of externally passed in by users; or null if no
explicit KMS region is explicitly configured.This KMS region parameter is
ignored when the AWS KMS client of the S3 encryption client is explicitly
passed in by the users, instead of being implicitly created.
|
void |
setCryptoMode(CryptoMode cryptoMode)
Sets the crypto mode; applicable only to the S3 encryption client.
|
void |
setCryptoProvider(Provider cryptoProvider)
Sets the crypto provider to the specified provider.
|
void |
setIgnoreMissingInstructionFile(boolean ignoreMissingInstructionFile) |
void |
setKmsRegion(Regions kmsRegion)
Deprecated.
|
void |
setSecureRandom(SecureRandom secureRandom)
Sets the secure random instance to use for generating cryptographic
parameters.
|
void |
setStorageMode(CryptoStorageMode storageMode)
Sets the storage mode to the specified mode.
|
CryptoConfiguration |
withAlwaysUseCryptoProvider(boolean value)
Sets whether the specified crypto provider should be used in all cases.
|
CryptoConfiguration |
withAwsKmsRegion(Region awsKmsRegion)
Fluent API for setting the KMS region for the AWS KMS client when such
client is internally instantiated instead of externally passed in by
users; or null if no explicit KMS region is explicitly configured.This
KMS region parameter is ignored when the AWS KMS client of the S3
encryption client is explicitly passed in by the users, instead of being
implicitly created.
|
CryptoConfiguration |
withCryptoMode(CryptoMode cryptoMode)
Fluent API to set the crypto mode; applicable only to the S3 encryption
client.
|
CryptoConfiguration |
withCryptoProvider(Provider cryptoProvider)
Sets the crypto provider to the specified provider, and returns the
updated CryptoConfiguration object.
|
CryptoConfiguration |
withIgnoreMissingInstructionFile(boolean ignoreMissingInstructionFile)
Fluent API to set the property to ignore instruction file that cannot be
found during a GET operation.
|
CryptoConfiguration |
withKmsRegion(Regions kmsRegion)
Deprecated.
|
CryptoConfiguration |
withSecureRandom(SecureRandom secureRandom)
Sets the secure random instance to use for generating cryptographic
parameters, and returns this object.
|
CryptoConfiguration |
withStorageMode(CryptoStorageMode storageMode)
Sets the storage mode to the specified mode, and returns the updated
CryptoConfiguration object.
|
public CryptoConfiguration()
public CryptoConfiguration(CryptoMode cryptoMode)
cryptoMode
- cryptographic mode to be usedUnsupportedOperationException
- if the necessary security provider cannot be found or the
necessary cryptographic operations are not supported for the
specified crypto mode.public void setStorageMode(CryptoStorageMode storageMode)
storageMode
- The storage mode to be used for storing encryption
information.public CryptoConfiguration withStorageMode(CryptoStorageMode storageMode)
storageMode
- The storage mode to be used for storing encryption
information.public CryptoStorageMode getStorageMode()
public void setCryptoProvider(Provider cryptoProvider)
cryptoProvider
- The crypto provider whose encryption implementation will be
used to encrypt and decrypt data.public CryptoConfiguration withCryptoProvider(Provider cryptoProvider)
cryptoProvider
- The crypto provider whose encryption implementation will be
used to encrypt and decrypt data.public Provider getCryptoProvider()
public void setAlwaysUseCryptoProvider(boolean value)
public CryptoConfiguration withAlwaysUseCryptoProvider(boolean value)
public boolean getAlwaysUseCryptoProvider()
public SecureRandom getSecureRandom()
public void setSecureRandom(SecureRandom secureRandom)
public CryptoConfiguration withSecureRandom(SecureRandom secureRandom)
public CryptoMode getCryptoMode()
public void setCryptoMode(CryptoMode cryptoMode) throws UnsupportedOperationException
UnsupportedOperationException
- if the necessary security provider cannot be found or the
necessary cryptographic operations are not supported for the
specified crypto mode. Note the crypto mode can and will
still (intentionally) be set in such case, and it's up to the
caller to decide what to do about it.public CryptoConfiguration withCryptoMode(CryptoMode cryptoMode) throws UnsupportedOperationException
UnsupportedOperationException
- if the necessary security provider cannot be found or the
necessary cryptographic operations are not supported for the
specified crypto mode.Note the crypto mode can and will still
(intentionally) be set in such case, and it's up to the
caller to decide what to do about it.public boolean isIgnoreMissingInstructionFile()
CryptoMode.StrictAuthenticatedEncryption
where
missing instruction file would always cause security exception.public void setIgnoreMissingInstructionFile(boolean ignoreMissingInstructionFile)
ignoreMissingInstructionFile
- true to ignore instruction file that cannot be found during a
GET operation; false otherwise. Default is true. This property
is ignored if the crypto mode is
CryptoMode.StrictAuthenticatedEncryption
where missing
instruction file would always cause security exception.public CryptoConfiguration withIgnoreMissingInstructionFile(boolean ignoreMissingInstructionFile)
public boolean isReadOnly()
public CryptoConfiguration readOnly()
public CryptoConfiguration clone()
@Deprecated public Regions getKmsRegion()
@Deprecated public void setKmsRegion(Regions kmsRegion)
@Deprecated public CryptoConfiguration withKmsRegion(Regions kmsRegion)
public Region getAwsKmsRegion()
public void setAwsKmsRegion(Region awsKmsRegion)
public CryptoConfiguration withAwsKmsRegion(Region awsKmsRegion)
Copyright © 2018. All rights reserved.