com.amazonaws.encryptionsdk.CryptoMaterialsManager Java Examples
The following examples show how to use
com.amazonaws.encryptionsdk.CryptoMaterialsManager.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: ApplicationConfiguration.java From cerberus with Apache License 2.0 | 5 votes |
@Bean("encryptCryptoMaterialsManager") public CryptoMaterialsManager encryptCryptoMaterialsManager( @Value("${cerberus.encryption.cmk.arns}") String cmkArns, @Value("${cerberus.encryption.cache.enabled:false}") boolean cacheEnabled, @Value("${cerberus.encryption.cache.encrypt.maxSize:100}") int encryptMaxSize, @Value("${cerberus.encryption.cache.encrypt.maxAgeInSeconds:60}") int encryptMaxAge, @Value("${cerberus.encryption.cache.encrypt.messageUseLimit:100}") int encryptMessageUseLimit, Region currentRegion, MetricsService metricsService) { MasterKeyProvider<KmsMasterKey> keyProvider = initializeKeyProvider(cmkArns, currentRegion); if (cacheEnabled) { log.info( "Initializing caching encryptCryptoMaterialsManager with CMK: {}, maxSize: {}, maxAge: {}, " + "messageUseLimit: {}", cmkArns, encryptMaxSize, encryptMaxAge, encryptMessageUseLimit); CryptoMaterialsCache cache = new MetricReportingCryptoMaterialsCache(encryptMaxSize, metricsService); CryptoMaterialsManager cachingCmm = CachingCryptoMaterialsManager.newBuilder() .withMasterKeyProvider(keyProvider) .withCache(cache) .withMaxAge(encryptMaxAge, TimeUnit.SECONDS) .withMessageUseLimit(encryptMessageUseLimit) .build(); return cachingCmm; } else { log.info("Initializing encryptCryptoMaterialsManager with CMK: {}", cmkArns); return new DefaultCryptoMaterialsManager(keyProvider); } }
Example #2
Source File: ApplicationConfiguration.java From cerberus with Apache License 2.0 | 5 votes |
@Bean("decryptCryptoMaterialsManager") public CryptoMaterialsManager decryptCryptoMaterialsManager( @Value("${cerberus.encryption.cmk.arns}") String cmkArns, @Value("${cerberus.encryption.cache.enabled:#{false}}") boolean cacheEnabled, @Value("${cerberus.encryption.cache.decrypt.maxSize:1000}") int decryptMaxSize, @Value("${cerberus.encryption.cache.decrypt.maxAgeInSeconds:60}") int decryptMaxAge, Region currentRegion, MetricsService metricsService) { MasterKeyProvider<KmsMasterKey> keyProvider = initializeKeyProvider(cmkArns, currentRegion); if (cacheEnabled) { log.info( "Initializing caching decryptCryptoMaterialsManager with CMK: {}, maxSize: {}, maxAge: {}", cmkArns, decryptMaxSize, decryptMaxAge); CryptoMaterialsCache cache = new MetricReportingCryptoMaterialsCache(decryptMaxAge, metricsService); CryptoMaterialsManager cachingCmm = CachingCryptoMaterialsManager.newBuilder() .withMasterKeyProvider(keyProvider) .withCache(cache) .withMaxAge(decryptMaxAge, TimeUnit.SECONDS) .build(); return cachingCmm; } else { log.info("Initializing decryptCryptoMaterialsManager with CMK: {}", cmkArns); return new DefaultCryptoMaterialsManager(keyProvider); } }
Example #3
Source File: DecryptionHandler.java From aws-encryption-sdk-java with Apache License 2.0 | 5 votes |
private DecryptionHandler(final CryptoMaterialsManager materialsManager) { Utils.assertNonNull(materialsManager, "materialsManager"); this.materialsManager_ = materialsManager; ciphertextHeaders_ = new CiphertextHeaders(); ciphertextFooters_ = new CiphertextFooters(); }
Example #4
Source File: DecryptionHandler.java From aws-encryption-sdk-java with Apache License 2.0 | 5 votes |
private DecryptionHandler(final CryptoMaterialsManager materialsManager, final CiphertextHeaders headers) throws AwsCryptoException { Utils.assertNonNull(materialsManager, "materialsManager"); materialsManager_ = materialsManager; ciphertextHeaders_ = headers; ciphertextFooters_ = new CiphertextFooters(); readHeaderFields(headers); updateTrailingSignature(headers); }
Example #5
Source File: CachingCryptoMaterialsManagerTest.java From aws-encryption-sdk-java with Apache License 2.0 | 5 votes |
@Test public void whenMKPPassed_itIsUsed() throws Exception { JceMasterKey key = spy(JceMasterKey.getInstance(new SecretKeySpec(new byte[16], "AES"), "provider", "keyId", "AES/GCM/NoPadding")); CryptoMaterialsManager cmm = CachingCryptoMaterialsManager.newBuilder() .withCache(cache) .withMasterKeyProvider(key) .withMaxAge(5, TimeUnit.DAYS) .build(); cmm.getMaterialsForEncrypt(CacheTestFixtures.createMaterialsRequest(0)); verify(key).generateDataKey(any(), any()); }
Example #6
Source File: CacheIdentifierTests.java From aws-encryption-sdk-java with Apache License 2.0 | 5 votes |
private CachingCryptoMaterialsManager getCMM(final String partitionName) { return CachingCryptoMaterialsManager.newBuilder() .withCache(mock(CryptoMaterialsCache.class)) .withBackingMaterialsManager(mock(CryptoMaterialsManager.class)) .withMaxAge(1, TimeUnit.MILLISECONDS) .withPartitionId(partitionName) .build(); }
Example #7
Source File: FieldEncrypter.java From datacollector with Apache License 2.0 | 5 votes |
private EncryptionProvider createProvider(List<ConfigIssue> issues) { CryptoMaterialsManager cmManager = createCryptoMaterialsManager(issues); if (!issues.isEmpty()) { return null; } AwsCrypto crypto = new AwsCrypto(); crypto.setEncryptionAlgorithm(conf.getCipher()); crypto.setEncryptionFrameSize(conf.getFrameSize()); return AWSEncryptionProvider.builder().withMode(mode).withCrypto(crypto).withCmManager(cmManager).build(); }
Example #8
Source File: AWSEncryptionProvider.java From datacollector with Apache License 2.0 | 4 votes |
public Builder withCmManager(CryptoMaterialsManager cmManager) { this.cmManager = cmManager; return this; }
Example #9
Source File: AWSEncryptionProvider.java From datacollector with Apache License 2.0 | 4 votes |
private AWSEncryptionProvider(EncryptionMode mode, AwsCrypto crypto, CryptoMaterialsManager cmManager) { this.mode = mode; this.crypto = crypto; this.cmManager = cmManager; }
Example #10
Source File: CachingCryptoMaterialsManager.java From aws-encryption-sdk-java with Apache License 2.0 | 2 votes |
/** * Sets the {@link CryptoMaterialsManager} that should be queried when the {@link CachingCryptoMaterialsManager} * incurs a cache miss. * * You can set either a MasterKeyProvider or a CryptoMaterialsManager to back the CCMM - the last value set will * be used. * * @param backingCMM The CryptoMaterialsManager to invoke on cache misses * @return this builder */ public Builder withBackingMaterialsManager(CryptoMaterialsManager backingCMM) { this.backingCMM = backingCMM; return this; }
Example #11
Source File: DecryptionHandler.java From aws-encryption-sdk-java with Apache License 2.0 | 2 votes |
/** * Create a decryption handler using the provided materials manager. * * <p> * Note the methods in the provided materials manager are used in decrypting the encrypted data key * parsed from the ciphertext headers. * * @param materialsManager * the materials manager to use in decrypting the data key from the key blobs encoded * in the provided ciphertext. * @throws AwsCryptoException * if the master key is null. */ public static DecryptionHandler<?> create( final CryptoMaterialsManager materialsManager ) throws AwsCryptoException { return new DecryptionHandler(materialsManager); }
Example #12
Source File: DecryptionHandler.java From aws-encryption-sdk-java with Apache License 2.0 | 2 votes |
/** * Create a decryption handler using the provided materials manager and already parsed {@code headers}. * * <p> * Note the methods in the provided materials manager are used in decrypting the encrypted data key * parsed from the ciphertext headers. * * @param materialsManager * the materials manager to use in decrypting the data key from the key blobs encoded * in the provided ciphertext. * @param headers * already parsed headers which will not be passed into * {@link #processBytes(byte[], int, int, byte[], int)} * @throws AwsCryptoException * if the master key is null. */ public static DecryptionHandler<?> create( final CryptoMaterialsManager materialsManager, final CiphertextHeaders headers ) throws AwsCryptoException { return new DecryptionHandler(materialsManager, headers); }