com.amazonaws.services.s3.internal.crypto.v2

Class S3CryptoModuleAEStrict

java.lang.Object

com.amazonaws.services.s3.internal.crypto.v2.S3CryptoModule<T>

com.amazonaws.services.s3.internal.crypto.v2.S3CryptoModuleBase<com.amazonaws.services.s3.internal.crypto.v2.MultipartUploadCryptoContext>

com.amazonaws.services.s3.internal.crypto.v2.S3CryptoModuleAE

com.amazonaws.services.s3.internal.crypto.v2.S3CryptoModuleAEStrict

public class S3CryptoModuleAEStrict
extends S3CryptoModuleAE

Strict Authenticated encryption (AE) cryptographic module for the S3 encryption client.

Field Summary

Fields inherited from class com.amazonaws.services.s3.internal.crypto.v2.S3CryptoModuleBase

contentCryptoScheme, cryptoConfig, DEFAULT_BUFFER_SIZE, kekMaterialsProvider, kms, log, multipartUploadContexts, s3

Constructor Summary

Constructors

Constructor and Description
S3CryptoModuleAEStrict(AWSKMS kms, S3Direct s3, AWSCredentialsProvider credentialsProvider, EncryptionMaterialsProvider encryptionMaterialsProvider, CryptoConfigurationV2 cryptoConfig)

Method Summary

Modifier and Type	Method and Description
protected boolean	isStrict() Returns true if a strict encryption mode is in use in the current crypto module; false otherwise.
protected void	securityCheck(com.amazonaws.services.s3.internal.crypto.v2.ContentCryptoMaterial cekMaterial, S3ObjectId objectId, boolean isRangeGet) Checks if the the crypto scheme used in the given content crypto material is allowed to be used in this crypto module.

Methods inherited from class com.amazonaws.services.s3.internal.crypto.v2.S3CryptoModuleAE

adjustToDesiredRange, ciphertextLength, getObjectSecurely, getObjectSecurely, isRangeGetEnabled

Methods inherited from class com.amazonaws.services.s3.internal.crypto.v2.S3CryptoModuleBase

abortMultipartUploadSecurely, completeMultipartUploadSecurely, copyPartSecurely, createContentCryptoMaterial, createInstructionPutRequest, generateCEK, getCryptoConfiguration, getEncryptionMaterialsProvider, initiateMultipartUploadSecurely, newMultipartS3CipherInputStream, plaintextLength, putInstructionFileSecurely, putLocalObjectSecurely, putObjectSecurely, updateInstructionPutRequest, updateMetadataWithContentCryptoMaterial, uploadPartSecurely, wrapWithCipher

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

S3CryptoModuleAEStrict

public S3CryptoModuleAEStrict(AWSKMS kms,
                              S3Direct s3,
                              AWSCredentialsProvider credentialsProvider,
                              EncryptionMaterialsProvider encryptionMaterialsProvider,
                              CryptoConfigurationV2 cryptoConfig)

Parameters:

cryptoConfig - a read-only copy of the crypto configuration.

Method Detail

isStrict

protected final boolean isStrict()

Description copied from class: S3CryptoModuleAE

Returns true if a strict encryption mode is in use in the current crypto module; false otherwise.

Overrides:

isStrict in class S3CryptoModuleAE

securityCheck

protected void securityCheck(com.amazonaws.services.s3.internal.crypto.v2.ContentCryptoMaterial cekMaterial,
                             S3ObjectId objectId,
                             boolean isRangeGet)

Description copied from class: S3CryptoModuleBase

Checks if the the crypto scheme used in the given content crypto material is allowed to be used in this crypto module. Default is no-op. Subclass may override.

Overrides:

securityCheck in class S3CryptoModuleBase<com.amazonaws.services.s3.internal.crypto.v2.MultipartUploadCryptoContext>