Class AwsKmsClient
java.lang.Object
ch.admin.bit.jeap.crypto.awskms.client.AwsKmsClient
-
Constructor Summary
ConstructorsConstructorDescriptionAwsKmsClient(software.amazon.awssdk.auth.credentials.AwsCredentialsProvider awsCredentialsProvider, software.amazon.awssdk.regions.Region region) AwsKmsClient(software.amazon.awssdk.auth.credentials.AwsCredentialsProvider awsCredentialsProvider, software.amazon.awssdk.regions.Region region, URI endpointOverride) -
Method Summary
Modifier and TypeMethodDescriptioncreateDataKey(String keyId) byte[]decryptDataKey(byte[] ciphertextBlob)
-
Constructor Details
-
AwsKmsClient
public AwsKmsClient(software.amazon.awssdk.auth.credentials.AwsCredentialsProvider awsCredentialsProvider, software.amazon.awssdk.regions.Region region) -
AwsKmsClient
public AwsKmsClient(software.amazon.awssdk.auth.credentials.AwsCredentialsProvider awsCredentialsProvider, software.amazon.awssdk.regions.Region region, URI endpointOverride)
-
-
Method Details
-
createDataKey
- Parameters:
keyId- Specifies the symmetric encryption KMS key that encrypts the data key. You cannot specify an asymmetric KMS key or a KMS key in a custom key store. To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with "alias/". To specify a KMS key in a different AWS account, you must use the key ARN or alias ARN. For example:- Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
- Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
- Alias name: alias/ExampleAlias
- Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias
-
decryptDataKey
public byte[] decryptDataKey(byte[] ciphertextBlob)
-