com.qcloud.cos.internal.crypto

Class CryptoConfiguration

java.lang.Object

com.qcloud.cos.internal.crypto.CryptoConfiguration

All Implemented Interfaces:

Serializable, Cloneable

public class CryptoConfiguration
extends Object
implements Cloneable, Serializable

Stores configuration parameters that will be used during encryption and decryption by the COS Encryption Client. With this object, you can set the encryption client to use Instruction Files or Object Metadata for storing encryption information. You can also specify your own crypto provider to be used during encryption and decryption.

See Also:

Serialized Form

Constructor Summary

Constructors

Constructor and Description
CryptoConfiguration() Creates a new CryptoConfiguration object with default storage mode and crypto provider settings.
CryptoConfiguration(CryptoMode cryptoMode)

Method Summary

Modifier and Type	Method and Description
CryptoConfiguration	clone()
CryptoMode	getCryptoMode() Returns the optionally specified crypto mode applicable only to the COS encryption client; or null.
Provider	getCryptoProvider() Returns the crypto provider whose encryption implementation will be used to encrypt and decrypt data.
byte[]	getIV()
String	getKmsRegion() Returns the the KMS region explicitly specified for the KMS client when such client is internally instantiated; or null if no explicit KMS region is specified.
CryptoStorageMode	getStorageMode() Returns the current storage mode of a CryptoConfiguration object.
boolean	isIgnoreMissingInstructionFile() Returns true to ignore instruction file that cannot be found during a GET operation; false otherwise.
boolean	isReadOnly()
CryptoConfiguration	readOnly() Returns a read-only copy of this configuration.
void	setCryptoMode(CryptoMode cryptoMode) Sets the crypto mode; applicable only to the COS encryption client.
void	setCryptoProvider(Provider cryptoProvider) Sets the crypto provider to the specified provider.
void	setIgnoreMissingInstructionFile(boolean ignoreMissingInstructionFile)
void	setIV(byte[] iv)
void	setKmsRegion(String kmsRegion) Sets the KMS region for the KMS client when such client is internally instantiated instead of externally passed in by users; or null if no explicit KMS region is explicitly configured.This KMS region parameter is ignored when the KMS client of the encryption client is explicitly passed in by the users, instead of being implicitly created.
void	setStorageMode(CryptoStorageMode storageMode) Sets the storage mode to the specified mode.
CryptoConfiguration	withCryptoMode(CryptoMode cryptoMode) Fluent API to set the crypto mode; applicable only to the COS encryption client.
CryptoConfiguration	withCryptoProvider(Provider cryptoProvider) Sets the crypto provider to the specified provider, and returns the updated CryptoConfiguration object.
CryptoConfiguration	withIgnoreMissingInstructionFile(boolean ignoreMissingInstructionFile) Fluent API to set the property to ignore instruction file that cannot be found during a GET operation.
CryptoConfiguration	withIV(byte[] iv)
CryptoConfiguration	withKmsRegion(String kmsRegion) Fluent API for setting the KMS region for the KMS client when such client is internally instantiated instead of externally passed in by users; or null if no explicit KMS region is explicitly configured.This KMS region parameter is ignored when the KMS client of the encryption client is explicitly passed in by the users, instead of being implicitly created.
CryptoConfiguration	withStorageMode(CryptoStorageMode storageMode) Sets the storage mode to the specified mode, and returns the updated CryptoConfiguration object.

Methods inherited from class java.lang.Object

equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

CryptoConfiguration

public CryptoConfiguration()

Creates a new CryptoConfiguration object with default storage mode and crypto provider settings. The default storage mode is the Object Metadata storage mode, and the default crypto provider is the JCE provider.

CryptoConfiguration

public CryptoConfiguration(CryptoMode cryptoMode)

Parameters:

cryptoMode - cryptographic mode to be used

Throws:

UnsupportedOperationException - if the necessary security provider cannot be found or the necessary cryptographic operations are not supported for the specified crypto mode.

Method Detail

setStorageMode

public void setStorageMode(CryptoStorageMode storageMode)

Sets the storage mode to the specified mode.

Parameters:

storageMode - The storage mode to be used for storing encryption information.

withStorageMode

public CryptoConfiguration withStorageMode(CryptoStorageMode storageMode)

Sets the storage mode to the specified mode, and returns the updated CryptoConfiguration object.

Parameters:

storageMode - The storage mode to be used for storing encryption information.

Returns:

The updated CryptoConfiguration object.

getStorageMode

public CryptoStorageMode getStorageMode()

Returns the current storage mode of a CryptoConfiguration object.

Returns:

The storage mode to be used for storing encryption information.

setCryptoProvider

public void setCryptoProvider(Provider cryptoProvider)

Sets the crypto provider to the specified provider.

Parameters:

cryptoProvider - The crypto provider whose encryption implementation will be used to encrypt and decrypt data.

withCryptoProvider

public CryptoConfiguration withCryptoProvider(Provider cryptoProvider)

Sets the crypto provider to the specified provider, and returns the updated CryptoConfiguration object.

Parameters:

cryptoProvider - The crypto provider whose encryption implementation will be used to encrypt and decrypt data.

Returns:

The updated CryptoConfiguration object.

getCryptoProvider

public Provider getCryptoProvider()

Returns the crypto provider whose encryption implementation will be used to encrypt and decrypt data.

Returns:

the crypto provider whose encryption implementation will be used to encrypt and decrypt data.

getCryptoMode

public CryptoMode getCryptoMode()

Returns the optionally specified crypto mode applicable only to the COS encryption client; or null. This attribute is ignored if the COS encryption client is not in use.

setCryptoMode

public void setCryptoMode(CryptoMode cryptoMode)
                   throws UnsupportedOperationException

Sets the crypto mode; applicable only to the COS encryption client.

Throws:

UnsupportedOperationException - if the necessary security provider cannot be found or the necessary cryptographic operations are not supported for the specified crypto mode. Note the crypto mode can and will still (intentionally) be set in such case, and it's up to the caller to decide what to do about it.

withCryptoMode

public CryptoConfiguration withCryptoMode(CryptoMode cryptoMode)
                                   throws UnsupportedOperationException

Fluent API to set the crypto mode; applicable only to the COS encryption client.

Throws:

UnsupportedOperationException - if the necessary security provider cannot be found or the necessary cryptographic operations are not supported for the specified crypto mode.Note the crypto mode can and will still (intentionally) be set in such case, and it's up to the caller to decide what to do about it.

isIgnoreMissingInstructionFile

public boolean isIgnoreMissingInstructionFile()

Returns true to ignore instruction file that cannot be found during a GET operation; false otherwise. Default is true. This property is ignored if the crypto mode is CryptoMode.StrictAuthenticatedEncryption where missing instruction file would always cause security exception.

setIgnoreMissingInstructionFile

public void setIgnoreMissingInstructionFile(boolean ignoreMissingInstructionFile)

Parameters:

ignoreMissingInstructionFile - true to ignore instruction file that cannot be found during a GET operation; false otherwise. Default is true. This property is ignored if the crypto mode is CryptoMode.StrictAuthenticatedEncryption where missing instruction file would always cause security exception.

withIgnoreMissingInstructionFile

public CryptoConfiguration withIgnoreMissingInstructionFile(boolean ignoreMissingInstructionFile)

Fluent API to set the property to ignore instruction file that cannot be found during a GET operation.

isReadOnly

public boolean isReadOnly()

readOnly

public CryptoConfiguration readOnly()

Returns a read-only copy of this configuration.

clone

public CryptoConfiguration clone()

Overrides:

clone in class Object

getKmsRegion

public String getKmsRegion()

Returns the the KMS region explicitly specified for the KMS client when such client is internally instantiated; or null if no explicit KMS region is specified. This KMS region parameter is ignored when the AWS KMS client of the encryption client is explicitly passed in by the users, instead of being implicitly created.

setKmsRegion

public void setKmsRegion(String kmsRegion)

Sets the KMS region for the KMS client when such client is internally instantiated instead of externally passed in by users; or null if no explicit KMS region is explicitly configured.This KMS region parameter is ignored when the KMS client of the encryption client is explicitly passed in by the users, instead of being implicitly created.

withKmsRegion

public CryptoConfiguration withKmsRegion(String kmsRegion)

Fluent API for setting the KMS region for the KMS client when such client is internally instantiated instead of externally passed in by users; or null if no explicit KMS region is explicitly configured.This KMS region parameter is ignored when the KMS client of the encryption client is explicitly passed in by the users, instead of being implicitly created.

getIV

public byte[] getIV()

setIV

public void setIV(byte[] iv)

withIV

public CryptoConfiguration withIV(byte[] iv)