java.lang.Object
- com.amazonaws.encryptionsdk.MasterKeyProvider<K>
- - com.amazonaws.encryptionsdk.MasterKey<KmsMasterKey>
  - - com.amazonaws.encryptionsdk.kmssdkv2.KmsMasterKey

All Implemented Interfaces:

KmsMethods
```
public final class KmsMasterKey
extends MasterKey<KmsMasterKey>
implements KmsMethods
```
Represents a single Customer Master Key (CMK) and is used to encrypt/decrypt data with AwsCrypto.
This component is not multi-Region key aware, and will treat every AWS KMS identifier as regionally isolated.

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`void`	`addGrantToken(String grantToken)`	Adds `grantToken` to the list of grantTokens sent to KMS when this class calls it.
`DataKey<KmsMasterKey>`	`decryptDataKey(CryptoAlgorithm algorithm, Collection<? extends EncryptedDataKey> encryptedDataKeys, Map<String,String> encryptionContext)`	Iterates through `encryptedDataKeys` and returns the first one which can be successfully decrypted.
`DataKey<KmsMasterKey>`	`encryptDataKey(CryptoAlgorithm algorithm, Map<String,String> encryptionContext, DataKey<?> dataKey)`	Returns a new copy of the provided `dataKey` which is protected by this `MasterKey` for use with `algorithm` and associated with the provided `encryptionContext`.
`DataKey<KmsMasterKey>`	`generateDataKey(CryptoAlgorithm algorithm, Map<String,String> encryptionContext)`	Generates a new `DataKey` which is protected by this `MasterKey` for use with `algorithm` and associated with the provided `encryptionContext`.
`List<String>`	`getGrantTokens()`	Returns the grantTokens which this object sends to KMS when calling it.
`String`	`getKeyId()`
`String`	`getProviderId()`
`void`	`setGrantTokens(List<String> grantTokens)`	Sets the `grantTokens` which should be submitted to KMS when calling it.

Methods inherited from class com.amazonaws.encryptionsdk.MasterKey
canProvide, equals, getDefaultProviderId, getMasterKey, getMasterKeysForEncryption, hashCode, toString

Methods inherited from class com.amazonaws.encryptionsdk.MasterKeyProvider
buildCannotDecryptDksException, buildCannotDecryptDksException, buildCannotDecryptDksException, getMasterKey

Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait

- Method Detail
  - getProviderId
```
public String getProviderId()
```
    Specified by:
    
    getProviderId in class MasterKey<KmsMasterKey>
  - getKeyId
```
public String getKeyId()
```
    Specified by:
    
    getKeyId in class MasterKey<KmsMasterKey>
  - generateDataKey
```
public DataKey<KmsMasterKey> generateDataKey(CryptoAlgorithm algorithm,
                                             Map<String,String> encryptionContext)
```
    Description copied from class: MasterKey
    
    Generates a new DataKey which is protected by this MasterKey for use with algorithm and associated with the provided encryptionContext.
    
    Specified by:
    
    generateDataKey in class MasterKey<KmsMasterKey>
  - setGrantTokens
```
public void setGrantTokens(List<String> grantTokens)
```
    Description copied from interface: KmsMethods
    
    Sets the grantTokens which should be submitted to KMS when calling it.
    
    Specified by:
    
    setGrantTokens in interface KmsMethods
  - getGrantTokens
```
public List<String> getGrantTokens()
```
    Description copied from interface: KmsMethods
    
    Returns the grantTokens which this object sends to KMS when calling it.
    
    Specified by:
    
    getGrantTokens in interface KmsMethods
  - addGrantToken
```
public void addGrantToken(String grantToken)
```
    Description copied from interface: KmsMethods
    
    Adds grantToken to the list of grantTokens sent to KMS when this class calls it.
    
    Specified by:
    
    addGrantToken in interface KmsMethods
  - encryptDataKey
```
public DataKey<KmsMasterKey> encryptDataKey(CryptoAlgorithm algorithm,
                                            Map<String,String> encryptionContext,
                                            DataKey<?> dataKey)
```
    Description copied from class: MasterKey
    
    Returns a new copy of the provided dataKey which is protected by this MasterKey for use with algorithm and associated with the provided encryptionContext.
    
    Specified by:
    
    encryptDataKey in class MasterKey<KmsMasterKey>
  - decryptDataKey
```
public DataKey<KmsMasterKey> decryptDataKey(CryptoAlgorithm algorithm,
                                            Collection<? extends EncryptedDataKey> encryptedDataKeys,
                                            Map<String,String> encryptionContext)
                                     throws UnsupportedProviderException,
                                            AwsCryptoException
```
    Description copied from class: MasterKeyProvider
    
    Iterates through encryptedDataKeys and returns the first one which can be successfully decrypted.
    
    Specified by:
    
    decryptDataKey in class MasterKeyProvider<KmsMasterKey>
    
    Returns:
    
    a DataKey if one can be decrypted, otherwise returns null
    
    Throws:
    
    UnsupportedProviderException - if the encryptedDataKey is associated with an unsupported provider
    
    CannotUnwrapDataKeyException - if the encryptedDataKey cannot be decrypted
    
    AwsCryptoException

Class KmsMasterKey

Method Summary

Methods inherited from class com.amazonaws.encryptionsdk.MasterKey

Methods inherited from class com.amazonaws.encryptionsdk.MasterKeyProvider

Methods inherited from class java.lang.Object

Method Detail

getProviderId

getKeyId

generateDataKey

setGrantTokens

getGrantTokens

addGrantToken

encryptDataKey

decryptDataKey