SDK for PHP 3.x

KmsMaterialsProviderV2 extends MaterialsProviderV2
in package
implements MaterialsProviderInterfaceV2

Uses KMS to supply materials for encrypting and decrypting data. This V2 implementation should be used with the V2 encryption clients (i.e.

S3EncryptionClientV2).

Table of Contents

Interfaces

MaterialsProviderInterfaceV2

Constants

WRAP_ALGORITHM_NAME  = 'kms+context'

Methods

__construct()  : mixed
decryptCek()  : string
Takes an encrypted content encryption key (CEK) and material description for use decrypting the key according to the Provider's specifications.
generateCek()  : array<string|int, mixed>
generateIv()  : string
getWrapAlgorithmName()  : string
Returns the wrap algorithm name for this Provider.
isSupportedKeySize()  : bool
Returns if the requested size is supported by AES.

Constants

WRAP_ALGORITHM_NAME

public mixed WRAP_ALGORITHM_NAME = 'kms+context'

Methods

__construct()

public __construct(KmsClient $kmsClient[, string $kmsKeyId = null ]) : mixed
Parameters
$kmsClient : KmsClient

A KMS Client for use encrypting and decrypting keys.

$kmsKeyId : string = null

The private KMS key id to be used for encrypting and decrypting keys.

decryptCek()

Takes an encrypted content encryption key (CEK) and material description for use decrypting the key according to the Provider's specifications.

public decryptCek(mixed $encryptedCek, mixed $materialDescription, mixed $options) : string
Parameters
$encryptedCek : mixed

Encrypted key to be decrypted by the Provider for use decrypting other data.

$materialDescription : mixed

Material Description for use in decrypting the CEK.

$options : mixed

Options for use in decrypting the CEK.

Tags
inheritDoc
Return values
string

generateCek()

public generateCek(mixed $keySize, mixed $context, mixed $options) : array<string|int, mixed>
Parameters
$keySize : mixed

Length of a cipher key in bits for generating a random content encryption key (CEK).

$context : mixed

Context map needed for key encryption

$options : mixed

Additional options to be used in CEK generation

Tags
inheritDoc
Return values
array<string|int, mixed>

generateIv()

public generateIv(string $openSslName) : string
Parameters
$openSslName : string

Cipher OpenSSL name to use for generating an initialization vector.

Return values
string

getWrapAlgorithmName()

Returns the wrap algorithm name for this Provider.

public getWrapAlgorithmName() : string
Tags
inheritDoc
Return values
string

isSupportedKeySize()

Returns if the requested size is supported by AES.

public static isSupportedKeySize(int $keySize) : bool
Parameters
$keySize : int

Size of the requested key in bits.

Return values
bool
On this page