public class KMSEncryptionMaterials extends EncryptionMaterials implements Serializable
The KEK has no relevance on the client-side, as KMS only requires the CMK id to be used to uniquely identify the KEK on the server side.
Modifier and Type | Field and Description |
---|---|
static String |
CUSTOMER_MASTER_KEY_ID
Name of the material description to be persisted in S3 for the KMS's
customer master key id.
|
Constructor and Description |
---|
KMSEncryptionMaterials(String defaultCustomerMasterKeyId) |
Modifier and Type | Method and Description |
---|---|
String |
getCustomerMasterKeyId()
Returns the default KMS's Customer Master Key ID; or null if there
isn't one.
|
KeyPair |
getKeyPair()
Always throws
UnsupportedOperationException . |
SecretKey |
getSymmetricKey()
Always throws
UnsupportedOperationException . |
boolean |
isKMSEnabled()
Returns true if this is a KMS material description; false otherwise.
|
String |
toString() |
addDescription, addDescriptions, getAccessor, getMaterialsDescription
public static final String CUSTOMER_MASTER_KEY_ID
public KMSEncryptionMaterials(String defaultCustomerMasterKeyId)
defaultCustomerMasterKeyId
- KMS's customer master key id; must not be nullpublic final KeyPair getKeyPair()
UnsupportedOperationException
.getKeyPair
in class EncryptionMaterials
public final SecretKey getSymmetricKey()
UnsupportedOperationException
.getSymmetricKey
in class EncryptionMaterials
public final boolean isKMSEnabled()
isKMSEnabled
in class EncryptionMaterials
public String getCustomerMasterKeyId()
getCustomerMasterKeyId
in class EncryptionMaterials