K - the type of MasterKey returned by this providerpublic abstract class MasterKeyProvider<K extends MasterKey<K>> extends Object
MasterKeys for encrypting and
decrypting messages. This is an abstract class.| Constructor and Description |
|---|
MasterKeyProvider() |
| Modifier and Type | Method and Description |
|---|---|
protected AwsCryptoException |
buildCannotDecryptDksException() |
protected AwsCryptoException |
buildCannotDecryptDksException(List<? extends Throwable> t) |
protected AwsCryptoException |
buildCannotDecryptDksException(Throwable t) |
boolean |
canProvide(String provider)
Returns true if this MasterKeyProvider can provide keys from the specified @{code provider}.
|
abstract DataKey<K> |
decryptDataKey(CryptoAlgorithm algorithm,
Collection<? extends EncryptedDataKey> encryptedDataKeys,
Map<String,String> encryptionContext)
Iterates through
encryptedDataKeys and returns the first one which can be successfully
decrypted. |
abstract String |
getDefaultProviderId()
ProviderId used by this instance when no other is specified.
|
K |
getMasterKey(String keyId)
Equivalent to calling
getMasterKey(String, String) using getDefaultProviderId() as the provider. |
abstract K |
getMasterKey(String provider,
String keyId)
Returns the specified
MasterKey if possible. |
abstract List<K> |
getMasterKeysForEncryption(MasterKeyRequest request)
Returns all
MasterKeys which should be used to protect the plaintext described by
request. |
public abstract String getDefaultProviderId()
public boolean canProvide(String provider)
provider - public K getMasterKey(String keyId) throws UnsupportedProviderException, NoSuchMasterKeyException
getMasterKey(String, String) using getDefaultProviderId() as the provider.public abstract K getMasterKey(String provider, String keyId) throws UnsupportedProviderException, NoSuchMasterKeyException
MasterKey if possible.provider - keyId - UnsupportedProviderException - if this object cannot return MasterKeys associated
with the given providerNoSuchMasterKeyException - if this object cannot find (and thus construct) the MasterKey associated with keyIdpublic abstract List<K> getMasterKeysForEncryption(MasterKeyRequest request)
MasterKeys which should be used to protect the plaintext described by
request.public abstract DataKey<K> decryptDataKey(CryptoAlgorithm algorithm, Collection<? extends EncryptedDataKey> encryptedDataKeys, Map<String,String> encryptionContext) throws UnsupportedProviderException, AwsCryptoException
encryptedDataKeys and returns the first one which can be successfully
decrypted.nullUnsupportedProviderException - if the encryptedDataKey is associated with an
unsupported providerCannotUnwrapDataKeyException - if the encryptedDataKey cannot be decryptedAwsCryptoExceptionprotected AwsCryptoException buildCannotDecryptDksException()
protected AwsCryptoException buildCannotDecryptDksException(Throwable t)
protected AwsCryptoException buildCannotDecryptDksException(List<? extends Throwable> t)
Copyright © 2023. All rights reserved.