Package com.amazonaws.encryptionsdk

Class MasterKey<K extends MasterKey<K>>

java.lang.Object

com.amazonaws.encryptionsdk.MasterKeyProvider<K>

com.amazonaws.encryptionsdk.MasterKey<K>

Type Parameters:

K - the concrete type of the MasterKey

Direct Known Subclasses:

AwsKmsMrkAwareMasterKey, JceMasterKey, KmsMasterKey

public abstract class MasterKey<K extends MasterKey<K>>
extends MasterKeyProvider<K>

Represents the cryptographic key used to protect the DataKey (which, in turn, protects the data).

All MasterKeys extend MasterKeyProvider because they are all capable of providing exactly themselves. This simplifies implementation when only a single MasterKey is used and/or expected.

Constructor Summary

Constructors

Constructor	Description
MasterKey()

Method Summary

Modifier and Type	Method	Description
boolean	canProvide(String provider)	Returns true if and only if provider equals getProviderId().
abstract DataKey<K>	encryptDataKey(CryptoAlgorithm algorithm, Map<String,String> encryptionContext, DataKey<?> dataKey)	Returns a new copy of the provided dataKey which is protected by this MasterKey for use with algorithm and associated with the provided encryptionContext.
boolean	equals(Object obj)	Two MasterKeys are equal if they are instances of the exact same class and their values for keyId, providerId, and defaultProviderId are equal.
abstract DataKey<K>	generateDataKey(CryptoAlgorithm algorithm, Map<String,String> encryptionContext)	Generates a new DataKey which is protected by this MasterKey for use with algorithm and associated with the provided encryptionContext.
String	getDefaultProviderId()	Equivalent to calling getProviderId().
abstract String	getKeyId()
K	getMasterKey(String provider, String keyId)	Returns this if provider and keyId match this.
List<K>	getMasterKeysForEncryption(MasterKeyRequest request)	Returns a list of length 1 containing this.
abstract String	getProviderId()
int	hashCode()
String	toString()

Methods inherited from class com.amazonaws.encryptionsdk.MasterKeyProvider

buildCannotDecryptDksException, buildCannotDecryptDksException, buildCannotDecryptDksException, decryptDataKey, getMasterKey

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Constructor Details

MasterKey

public MasterKey()

Method Details

getProviderId

public abstract String getProviderId()

getDefaultProviderId

public String getDefaultProviderId()

Equivalent to calling getProviderId().

Specified by:

getDefaultProviderId in class MasterKeyProvider<K extends MasterKey<K>>

getKeyId

public abstract String getKeyId()

generateDataKey

public abstract DataKey<K> generateDataKey(CryptoAlgorithm algorithm,
 Map<String,String> encryptionContext)

Generates a new DataKey which is protected by this MasterKey for use with algorithm and associated with the provided encryptionContext.

encryptDataKey

public abstract DataKey<K> encryptDataKey(CryptoAlgorithm algorithm,
 Map<String,String> encryptionContext,
 DataKey<?> dataKey)

Returns a new copy of the provided dataKey which is protected by this MasterKey for use with algorithm and associated with the provided encryptionContext.

canProvide

public boolean canProvide(String provider)

Returns true if and only if provider equals getProviderId().

Overrides:

canProvide in class MasterKeyProvider<K extends MasterKey<K>>

Returns:

getMasterKey

public K getMasterKey(String provider,
 String keyId)
               throws UnsupportedProviderException,
NoSuchMasterKeyException

Returns this if provider and keyId match this. Otherwise, throws an appropriate exception.

Specified by:

getMasterKey in class MasterKeyProvider<K extends MasterKey<K>>

Returns:

Throws:

UnsupportedProviderException - if this object cannot return MasterKeys associated with the given provider

NoSuchMasterKeyException - if this object cannot find (and thus construct) the MasterKey associated with keyId

toString

public String toString()

Overrides:

toString in class Object

getMasterKeysForEncryption

public List<K> getMasterKeysForEncryption(MasterKeyRequest request)

Returns a list of length 1 containing this.

Specified by:

getMasterKeysForEncryption in class MasterKeyProvider<K extends MasterKey<K>>

equals

public boolean equals(Object obj)

Two MasterKeys are equal if they are instances of the exact same class and their values for keyId, providerId, and defaultProviderId are equal.

Overrides:

equals in class Object

hashCode

public int hashCode()

Overrides:

hashCode in class Object