Class KmsMaterialsProvider
- Aws\Crypto\MaterialsProvider implements Aws\Crypto\MaterialsProviderInterface
-
Aws\Crypto\KmsMaterialsProvider
implements
Aws\Crypto\MaterialsProviderInterface
- Namespace: Aws\Crypto
- Deprecated
- Located at Crypto/KmsMaterialsProvider.php
Uses KMS to supply materials for encrypting and decrypting data.
Legacy implementation that supports legacy S3EncryptionClient and S3EncryptionMultipartUploader, which use an older encryption workflow. Use KmsMaterialsProviderV2 with S3EncryptionClientV2 or S3EncryptionMultipartUploaderV2 if possible.
Methods Summary
- __construct ( Aws\Kms\KmsClient $kmsClient, string $kmsKeyId = null )
-
getMaterialsDescription ( )
The KMS key id for use in matching this Provider to its keys, consistently with other SDKs as 'kms_cmk_id'.
-
getWrapAlgorithmName ( )
Returns the wrap algorithm name for this Provider.
-
encryptCek ( string $unencryptedCek, string $materialDescription )
Takes a content encryption key (CEK) and description to return an encrypted key by using KMS' Encrypt API.
-
decryptCek ( string $encryptedCek, string $materialDescription )
Takes an encrypted content encryption key (CEK) and material description for use decrypting the key by using KMS' Decrypt API.
Methods inherited from Aws\Crypto\MaterialsProvider
Methods Details
__construct (
Aws\Kms\KmsClient
$kmsClient,
string
$kmsKeyId = null
)
Parameters
Aws\Kms\KmsClient |
$kmsClient | A KMS Client for use encrypting and decrypting keys. |
| string | $kmsKeyId = null | The private KMS key id to be used for encrypting and decrypting keys. |
array getMaterialsDescription ( )
The KMS key id for use in matching this Provider to its keys, consistently with other SDKs as 'kms_cmk_id'.
Returns
| array |
string getWrapAlgorithmName ( )
Returns the wrap algorithm name for this Provider.
Returns
| string |
Implementation of
string encryptCek ( string $unencryptedCek, string $materialDescription )
Takes a content encryption key (CEK) and description to return an encrypted key by using KMS' Encrypt API.
Parameters
| string | $unencryptedCek | Key for use in encrypting other data that itself needs to be encrypted by the Provider. |
| string | $materialDescription | Material Description for use in encrypting the $cek. |
Returns
| string |
string decryptCek ( string $encryptedCek, string $materialDescription )
Takes an encrypted content encryption key (CEK) and material description for use decrypting the key by using KMS' Decrypt API.
Parameters
| string | $encryptedCek | Encrypted key to be decrypted by the Provider for use decrypting other data. |
| string | $materialDescription | Material Description for use in encrypting the $cek. |
Returns
| string |
Implementation of
Constants summary
string |
WRAP_ALGORITHM_NAME
|
#
'kms'
|