Package | Description |
---|---|
com.amazonaws.services.s3.internal.crypto |
Modifier and Type | Class and Description |
---|---|
(package private) class |
AesCbc |
(package private) class |
AesCtr |
(package private) class |
AesGcm |
Modifier and Type | Field and Description |
---|---|
(package private) static ContentCryptoScheme |
ContentCryptoScheme.AES_CBC
Encryption Only (EO) scheme.
|
(package private) static ContentCryptoScheme |
ContentCryptoScheme.AES_CTR
This is an auxiliary scheme used for range retrieval when object is
encrypted via AES/GCM.
|
(package private) static ContentCryptoScheme |
ContentCryptoScheme.AES_GCM
Authenticated Encryption (AE) scheme.
|
private ContentCryptoScheme |
S3CryptoScheme.contentCryptoScheme |
protected ContentCryptoScheme |
S3CryptoModuleBase.contentCryptoScheme |
private ContentCryptoScheme |
CipherLite.scheme |
Modifier and Type | Method and Description |
---|---|
(package private) ContentCryptoScheme |
S3ObjectWrapper.encryptionSchemeOf(java.util.Map<java.lang.String,java.lang.String> instructionFile)
Returns the original crypto scheme used for encryption, which may
differ from the crypto scheme used for decryption during, for example,
a range-get operation.
|
(package private) static ContentCryptoScheme |
ContentCryptoScheme.fromCEKAlgo(java.lang.String cekAlgo)
Returns the content crypto scheme of the given content encryption algorithm.
|
(package private) static ContentCryptoScheme |
ContentCryptoScheme.fromCEKAlgo(java.lang.String cekAlgo,
boolean isRangeGet) |
(package private) ContentCryptoScheme |
S3CryptoScheme.getContentCryptoScheme() |
(package private) ContentCryptoScheme |
ContentCryptoMaterial.getContentCryptoScheme()
Returns the content crypto scheme.
|
(package private) ContentCryptoScheme |
CipherLite.getContentCryptoScheme() |
Modifier and Type | Method and Description |
---|---|
private static javax.crypto.SecretKey |
ContentCryptoMaterial.cek(byte[] cekSecured,
java.lang.String keyWrapAlgo,
EncryptionMaterials materials,
java.security.Provider securityProvider,
ContentCryptoScheme contentCryptoScheme,
AWSKMSClient kms)
Returns the content encrypting key unwrapped or decrypted.
|
private static javax.crypto.SecretKey |
ContentCryptoMaterial.cekByKMS(byte[] cekSecured,
java.lang.String keyWrapAlgo,
EncryptionMaterials materials,
ContentCryptoScheme contentCryptoScheme,
AWSKMSClient kms)
Decrypts the secured CEK via KMS; involves network calls.
|
(package private) static ContentCryptoMaterial |
ContentCryptoMaterial.create(javax.crypto.SecretKey cek,
byte[] iv,
EncryptionMaterials kekMaterials,
ContentCryptoScheme contentCryptoScheme,
S3CryptoScheme targetScheme,
java.security.Provider provider,
AWSKMSClient kms,
AmazonWebServiceRequest req)
Returns a new instance of
ContentCryptoMaterial for the
input parameters using the specified content crypto scheme, and the key
wrapping and secure randomness specified of the specified s3 crypto
scheme. |
private static ContentCryptoMaterial |
ContentCryptoMaterial.doCreate(javax.crypto.SecretKey cek,
byte[] iv,
EncryptionMaterials kekMaterials,
ContentCryptoScheme contentCryptoScheme,
S3CryptoScheme targetS3CryptoScheme,
java.security.Provider provider,
AWSKMSClient kms,
AmazonWebServiceRequest req)
Returns a new instance of
ContentCryptoMaterial for the
given input parameters by using the specified content crypto scheme, and
S3 crypto scheme. |
static ContentCryptoMaterial |
ContentCryptoMaterial.wrap(javax.crypto.SecretKey cek,
byte[] iv,
ContentCryptoScheme contentCryptoScheme,
java.security.Provider provider,
SecuredCEK cekSecured)
Returns a new instance of
ContentCryptoMaterial by wrapping
the input parameters, including the already secured CEK. |
Constructor and Description |
---|
CipherLite(javax.crypto.Cipher cipher,
ContentCryptoScheme scheme,
javax.crypto.SecretKey secreteKey,
int cipherMode) |
S3CryptoScheme(ContentCryptoScheme contentCryptoScheme,
S3KeyWrapScheme kwScheme) |