aws-cpp-sdk-core/html/_content_crypto_material_8h_source.html

#pragma once


#include <aws/core/Aws.h>

#include <aws/core/Core_EXPORTS.h>

#include <aws/core/utils/crypto/CryptoBuf.h>

#include <aws/core/utils/crypto/ContentCryptoScheme.h>

#include <aws/core/utils/crypto/KeyWrapAlgorithm.h>


namespace Aws

{

    namespace Utils

    {

        namespace Crypto

        {

            class AWS_CORE_API ContentCryptoMaterial

            {

            public:

                /*

                Default constructor.

                */

                ContentCryptoMaterial();

                /*

                Initialize content crypto material with content crypto scheme. Constructor will also generate the cek automatically.

                Since the creation of the crypto content material will be within the S3 crypto modules, only the crypto scheme is needed for initialization.

                The rest of the data will be set using the accessors below.

                */

                ContentCryptoMaterial(ContentCryptoScheme contentCryptoScheme);


                /*

                Initialize with content encryption key (cek) and content crypto scheme.

                */

                ContentCryptoMaterial(const Aws::Utils::CryptoBuffer& cek, ContentCryptoScheme contentCryptoScheme);


                /*

                Initialize in the error state.

                */

                ContentCryptoMaterial(const char * msg);


                inline const Aws::Utils::CryptoBuffer& GetContentEncryptionKey() const

                {

                    return m_contentEncryptionKey;

                }


                inline const Aws::Utils::CryptoBuffer& GetEncryptedContentEncryptionKey() const

                {

                    return m_encryptedContentEncryptionKey;

                }


                inline const Aws::Utils::CryptoBuffer& GetIV() const

                {

                    return m_iv;

                }


                inline const Aws::Map<Aws::String, Aws::String>& GetEncryptionContext() const

                {

                    return m_encryptionContext;

                }


                inline const Aws::Utils::CryptoBuffer& GetKeyCommitment() const

                {

                    return m_keyCommitment;

                }


                inline const Aws::Utils::CryptoBuffer& GetMessageID() const

                {

                    return m_messageId;

                }


                inline size_t GetCryptoTagLength() const

                {

                    return m_cryptoTagLength;

                }


                inline const Aws::Map<Aws::String, Aws::String>& GetMaterialsDescription() const

                {

                    return m_materialsDescription;

                }


                /*

                * Gets the value of the key in the current materials description map.

                */

                inline const Aws::String& GetMaterialsDescription(const Aws::String& key) const

                {

                    return m_materialsDescription.at(key);

                }


                inline KeyWrapAlgorithm GetKeyWrapAlgorithm() const

                {

                    return m_keyWrapAlgorithm;

                }


                inline ContentCryptoScheme GetContentCryptoScheme() const

                {

                    return m_contentCryptoScheme;

                }


                inline void SetContentEncryptionKey(const Aws::Utils::CryptoBuffer& contentEncryptionKey)

                {

                    m_contentEncryptionKey = contentEncryptionKey;

                }


                inline void SetEncryptedContentEncryptionKey(const Aws::Utils::CryptoBuffer& encryptedContentEncryptionKey)

                {

                    m_encryptedContentEncryptionKey = encryptedContentEncryptionKey;

                }


                inline void SetIV(const Aws::Utils::CryptoBuffer& iv)

                {

                    m_iv = iv;

                }


                inline void SetV3IV()

                {

                    //= ../specification/s3-encryption/key-derivation.md#hkdf-operation

                    //# When encrypting or decrypting with ALG_AES_256_GCM_HKDF_SHA512_COMMIT_KEY, the IV used in the AES-GCM content encryption/decryption MUST consist entirely of bytes with the value 0x01.

                    //# The IV's total length MUST match the IV length defined by the algorithm suite.

                    unsigned char iv[12] = {0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01};

                    CryptoBuffer iv2(&iv[0], 12);

                    SetIV(iv2);

                }


                inline void SetEncryptionContext(const Aws::Map<Aws::String, Aws::String>& encryptionContext)

                {

                    m_encryptionContext = encryptionContext;

                }


                inline void SetKeyCommitment(const Aws::Utils::CryptoBuffer& keyCommitment)

                {

                    m_keyCommitment = keyCommitment;

                }


                inline void SetMessageID(const Aws::Utils::CryptoBuffer& messageId)

                {

                    m_messageId = messageId;

                }


                inline void SetCryptoTagLength(size_t cryptoTagLength)

                {

                    m_cryptoTagLength = cryptoTagLength;

                }


                inline void AddMaterialsDescription(const Aws::String& key, const Aws::String& value)

                {

                    m_materialsDescription[key] = value;

                }


                inline void SetMaterialsDescription(const Aws::Map<Aws::String, Aws::String>& materialsDescription)

                {

                    m_materialsDescription = materialsDescription;

                }


                inline void SetKeyWrapAlgorithm(KeyWrapAlgorithm keyWrapAlgorithm)

                {

                    m_keyWrapAlgorithm = keyWrapAlgorithm;

                }


                inline void SetContentCryptoScheme(ContentCryptoScheme contentCryptoScheme)

                {

                    m_contentCryptoScheme = contentCryptoScheme;

                }


                inline void SetGCMAAD(const Aws::Utils::CryptoBuffer& aad)

                {

                    m_gcmAAD = aad;

                }

                inline const Aws::Utils::CryptoBuffer& GetGCMAAD() const

                {

                    return m_gcmAAD;

                }


                inline void SetCEKGCMTag(const Aws::Utils::CryptoBuffer& tag)

                {

                    m_cekGCMTag = tag;

                }

                inline const Aws::Utils::CryptoBuffer& GetCEKGCMTag() const

                {

                    return m_cekGCMTag;

                }


                inline void SetCekIV(const Aws::Utils::CryptoBuffer& iv)

                {

                    m_cekIV = iv;

                }

                inline const Aws::Utils::CryptoBuffer& GetCekIV() const

                {

                    return m_cekIV;

                }


                inline void SetFinalCEK(const Aws::Utils::CryptoBuffer& finalCEK)

                {

                    m_finalCEK = finalCEK;

                }

                inline const Aws::Utils::CryptoBuffer& GetFinalCEK() const

                {

                    return m_finalCEK;

                }


                //= ../specification/s3-encryption/key-derivation.md#hkdf-operation

                //= type=implication

                //# The client MUST set the AAD to the Algorithm Suite ID represented as bytes.


                //= ../specification/s3-encryption/encryption.md#alg-aes-256-gcm-iv12-tag16-no-kdf

                //= type=implication

                //# The client MUST NOT provide any AAD when encrypting with ALG_AES_256_GCM_IV12_TAG16_NO_KDF.

                inline const Aws::Utils::CryptoBuffer GetAAD() const

                {

                    if (m_contentCryptoScheme == ContentCryptoScheme::GCM_COMMIT) {

                // Algorithm Suite 0x0073 as bytes

                        static const uint8_t gcmAAD[2] = {0, 0x73};

                        return Aws::Utils::CryptoBuffer(gcmAAD, 2);

                    } else {

                        return Aws::Utils::CryptoBuffer();

                    }

                }


                inline bool Ok() const {return m_error.empty();}

                inline bool Fail() const {return !m_error.empty();}

                inline const Aws::String & Error() const {return m_error;}


            private:

                Aws::Utils::CryptoBuffer m_contentEncryptionKey;

                Aws::Utils::CryptoBuffer m_encryptedContentEncryptionKey;

                /* if using AES_GCM key wrap algorithm, then final CEK is iv + encrypted_key + tag

                 * otherwise it's the same as m_encryptedContentEncryptionKey

                 */

                Aws::Utils::CryptoBuffer m_finalCEK;

                Aws::Utils::CryptoBuffer m_iv;

                Aws::Utils::CryptoBuffer m_cekIV;

                Aws::Utils::CryptoBuffer m_gcmAAD;

                Aws::Utils::CryptoBuffer m_cekGCMTag;

                Aws::Map<Aws::String, Aws::String> m_encryptionContext;

                Aws::Utils::CryptoBuffer m_keyCommitment;

                Aws::Utils::CryptoBuffer m_messageId;

                size_t m_cryptoTagLength;

                Aws::Map<Aws::String, Aws::String> m_materialsDescription;

                KeyWrapAlgorithm m_keyWrapAlgorithm;

                ContentCryptoScheme m_contentCryptoScheme;

                Aws::String m_error;

            };

        }

    }

}

Aws::Utils::Crypto::ContentCryptoMaterial
Definition ContentCryptoMaterial.h:20

Aws::Utils::Crypto::ContentCryptoMaterial::SetKeyCommitment
void SetKeyCommitment(const Aws::Utils::CryptoBuffer &keyCommitment)
Definition ContentCryptoMaterial.h:179

Aws::Utils::Crypto::ContentCryptoMaterial::SetMaterialsDescription
void SetMaterialsDescription(const Aws::Map< Aws::String, Aws::String > &materialsDescription)
Definition ContentCryptoMaterial.h:211

Aws::Utils::Crypto::ContentCryptoMaterial::AddMaterialsDescription
void AddMaterialsDescription(const Aws::String &key, const Aws::String &value)
Definition ContentCryptoMaterial.h:203

Aws::Utils::Crypto::ContentCryptoMaterial::ContentCryptoMaterial
ContentCryptoMaterial()

Aws::Utils::Crypto::ContentCryptoMaterial::SetFinalCEK
void SetFinalCEK(const Aws::Utils::CryptoBuffer &finalCEK)
Definition ContentCryptoMaterial.h:280

Aws::Utils::Crypto::ContentCryptoMaterial::SetGCMAAD
void SetGCMAAD(const Aws::Utils::CryptoBuffer &aad)
Definition ContentCryptoMaterial.h:235

Aws::Utils::Crypto::ContentCryptoMaterial::GetEncryptedContentEncryptionKey
const Aws::Utils::CryptoBuffer & GetEncryptedContentEncryptionKey() const
Definition ContentCryptoMaterial.h:54

Aws::Utils::Crypto::ContentCryptoMaterial::GetMaterialsDescription
const Aws::String & GetMaterialsDescription(const Aws::String &key) const
Definition ContentCryptoMaterial.h:110

Aws::Utils::Crypto::ContentCryptoMaterial::ContentCryptoMaterial
ContentCryptoMaterial(const char *msg)

Aws::Utils::Crypto::ContentCryptoMaterial::GetGCMAAD
const Aws::Utils::CryptoBuffer & GetGCMAAD() const
Definition ContentCryptoMaterial.h:242

Aws::Utils::Crypto::ContentCryptoMaterial::GetIV
const Aws::Utils::CryptoBuffer & GetIV() const
Definition ContentCryptoMaterial.h:62

Aws::Utils::Crypto::ContentCryptoMaterial::SetCekIV
void SetCekIV(const Aws::Utils::CryptoBuffer &iv)
Definition ContentCryptoMaterial.h:265

Aws::Utils::Crypto::ContentCryptoMaterial::GetMessageID
const Aws::Utils::CryptoBuffer & GetMessageID() const
Definition ContentCryptoMaterial.h:86

Aws::Utils::Crypto::ContentCryptoMaterial::SetCEKGCMTag
void SetCEKGCMTag(const Aws::Utils::CryptoBuffer &tag)
Definition ContentCryptoMaterial.h:250

Aws::Utils::Crypto::ContentCryptoMaterial::GetFinalCEK
const Aws::Utils::CryptoBuffer & GetFinalCEK() const
Definition ContentCryptoMaterial.h:287

Aws::Utils::Crypto::ContentCryptoMaterial::GetAAD
const Aws::Utils::CryptoBuffer GetAAD() const
Definition ContentCryptoMaterial.h:299

Aws::Utils::Crypto::ContentCryptoMaterial::GetContentEncryptionKey
const Aws::Utils::CryptoBuffer & GetContentEncryptionKey() const
Definition ContentCryptoMaterial.h:46

Aws::Utils::Crypto::ContentCryptoMaterial::GetCekIV
const Aws::Utils::CryptoBuffer & GetCekIV() const
Definition ContentCryptoMaterial.h:272

Aws::Utils::Crypto::ContentCryptoMaterial::Fail
bool Fail() const
Definition ContentCryptoMaterial.h:311

Aws::Utils::Crypto::ContentCryptoMaterial::Ok
bool Ok() const
Definition ContentCryptoMaterial.h:310

Aws::Utils::Crypto::ContentCryptoMaterial::SetEncryptedContentEncryptionKey
void SetEncryptedContentEncryptionKey(const Aws::Utils::CryptoBuffer &encryptedContentEncryptionKey)
Definition ContentCryptoMaterial.h:142

Aws::Utils::Crypto::ContentCryptoMaterial::GetCryptoTagLength
size_t GetCryptoTagLength() const
Definition ContentCryptoMaterial.h:94

Aws::Utils::Crypto::ContentCryptoMaterial::SetContentCryptoScheme
void SetContentCryptoScheme(ContentCryptoScheme contentCryptoScheme)
Definition ContentCryptoMaterial.h:227

Aws::Utils::Crypto::ContentCryptoMaterial::SetContentEncryptionKey
void SetContentEncryptionKey(const Aws::Utils::CryptoBuffer &contentEncryptionKey)
Definition ContentCryptoMaterial.h:134

Aws::Utils::Crypto::ContentCryptoMaterial::ContentCryptoMaterial
ContentCryptoMaterial(const Aws::Utils::CryptoBuffer &cek, ContentCryptoScheme contentCryptoScheme)

Aws::Utils::Crypto::ContentCryptoMaterial::GetMaterialsDescription
const Aws::Map< Aws::String, Aws::String > & GetMaterialsDescription() const
Definition ContentCryptoMaterial.h:102

Aws::Utils::Crypto::ContentCryptoMaterial::SetMessageID
void SetMessageID(const Aws::Utils::CryptoBuffer &messageId)
Definition ContentCryptoMaterial.h:187

Aws::Utils::Crypto::ContentCryptoMaterial::GetEncryptionContext
const Aws::Map< Aws::String, Aws::String > & GetEncryptionContext() const
Definition ContentCryptoMaterial.h:70

Aws::Utils::Crypto::ContentCryptoMaterial::SetV3IV
void SetV3IV()
Definition ContentCryptoMaterial.h:158

Aws::Utils::Crypto::ContentCryptoMaterial::Error
const Aws::String & Error() const
Definition ContentCryptoMaterial.h:312

Aws::Utils::Crypto::ContentCryptoMaterial::GetKeyWrapAlgorithm
KeyWrapAlgorithm GetKeyWrapAlgorithm() const
Definition ContentCryptoMaterial.h:118

Aws::Utils::Crypto::ContentCryptoMaterial::ContentCryptoMaterial
ContentCryptoMaterial(ContentCryptoScheme contentCryptoScheme)

Aws::Utils::Crypto::ContentCryptoMaterial::GetKeyCommitment
const Aws::Utils::CryptoBuffer & GetKeyCommitment() const
Definition ContentCryptoMaterial.h:78

Aws::Utils::Crypto::ContentCryptoMaterial::GetContentCryptoScheme
ContentCryptoScheme GetContentCryptoScheme() const
Definition ContentCryptoMaterial.h:126

Aws::Utils::Crypto::ContentCryptoMaterial::SetIV
void SetIV(const Aws::Utils::CryptoBuffer &iv)
Definition ContentCryptoMaterial.h:150

Aws::Utils::Crypto::ContentCryptoMaterial::SetCryptoTagLength
void SetCryptoTagLength(size_t cryptoTagLength)
Definition ContentCryptoMaterial.h:195

Aws::Utils::Crypto::ContentCryptoMaterial::SetKeyWrapAlgorithm
void SetKeyWrapAlgorithm(KeyWrapAlgorithm keyWrapAlgorithm)
Definition ContentCryptoMaterial.h:219

Aws::Utils::Crypto::ContentCryptoMaterial::SetEncryptionContext
void SetEncryptionContext(const Aws::Map< Aws::String, Aws::String > &encryptionContext)
Definition ContentCryptoMaterial.h:171

Aws::Utils::Crypto::ContentCryptoMaterial::GetCEKGCMTag
const Aws::Utils::CryptoBuffer & GetCEKGCMTag() const
Definition ContentCryptoMaterial.h:257

Aws::Utils::CryptoBuffer
Definition Array.h:255

Aws::Utils::Crypto::ContentCryptoScheme
ContentCryptoScheme
Definition ContentCryptoScheme.h:16

Aws::Utils::Crypto::KeyWrapAlgorithm
KeyWrapAlgorithm
Definition KeyWrapAlgorithm.h:16

Aws
Definition AmazonSerializableWebServiceRequest.h:16

Aws::Map
std::map< K, V, std::less< K >, Aws::Allocator< std::pair< const K, V > > > Map
Definition AWSMap.h:20

Aws::String
std::basic_string< char, std::char_traits< char >, Aws::Allocator< char > > String
Definition AWSString.h:97