software.amazon.awssdk.services.kms.model

Class EncryptRequest

java.lang.Object

software.amazon.awssdk.core.SdkRequest

software.amazon.awssdk.awscore.AwsRequest

software.amazon.awssdk.services.kms.model.KmsRequest

software.amazon.awssdk.services.kms.model.EncryptRequest

All Implemented Interfaces:

SdkPojo, ToCopyableBuilder<EncryptRequest.Builder,EncryptRequest>

@Generated(value="software.amazon.awssdk:codegen")
public final class EncryptRequest
extends KmsRequest
implements ToCopyableBuilder<EncryptRequest.Builder,EncryptRequest>

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static interface	EncryptRequest.Builder

Method Summary

Modifier and Type	Method and Description
static EncryptRequest.Builder	builder()
EncryptionAlgorithmSpec	encryptionAlgorithm() Specifies the encryption algorithm that AWS KMS will use to encrypt the plaintext message.
String	encryptionAlgorithmAsString() Specifies the encryption algorithm that AWS KMS will use to encrypt the plaintext message.
Map<String,String>	encryptionContext() Specifies the encryption context that will be used to encrypt the data.
boolean	equals(Object obj)
boolean	equalsBySdkFields(Object obj)
<T> Optional<T>	getValueForField(String fieldName, Class<T> clazz)
List<String>	grantTokens() A list of grant tokens.
boolean	hasEncryptionContext() Returns true if the EncryptionContext property was specified by the sender (it may be empty), or false if the sender did not specify the value (it will be empty).
boolean	hasGrantTokens() Returns true if the GrantTokens property was specified by the sender (it may be empty), or false if the sender did not specify the value (it will be empty).
int	hashCode()
String	keyId() A unique identifier for the customer master key (CMK).
SdkBytes	plaintext() Data to be encrypted.
List<SdkField<?>>	sdkFields()
static Class<? extends EncryptRequest.Builder>	serializableBuilderClass()
EncryptRequest.Builder	toBuilder()
String	toString() Returns a string representation of this object.

Methods inherited from class software.amazon.awssdk.awscore.AwsRequest

overrideConfiguration

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Methods inherited from interface software.amazon.awssdk.utils.builder.ToCopyableBuilder

copy

Method Detail

keyId

public final String keyId()

A unique identifier for the customer master key (CMK).

To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with "alias/". To specify a CMK in a different AWS account, you must use the key ARN or alias ARN.

For example:

• Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab

• Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

• Alias name: alias/ExampleAlias

• Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias

To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

Returns:

A unique identifier for the customer master key (CMK).

To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with "alias/". To specify a CMK in a different AWS account, you must use the key ARN or alias ARN.

For example:

• Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab

• Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

• Alias name: alias/ExampleAlias

• Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias

To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

plaintext

public final SdkBytes plaintext()

Data to be encrypted.

Returns:

Data to be encrypted.

hasEncryptionContext

public final boolean hasEncryptionContext()

Returns true if the EncryptionContext property was specified by the sender (it may be empty), or false if the sender did not specify the value (it will be empty). For responses returned by the SDK, the sender is the AWS service.

encryptionContext

public final Map<String,String> encryptionContext()

Specifies the encryption context that will be used to encrypt the data. An encryption context is valid only for cryptographic operations with a symmetric CMK. The standard asymmetric encryption algorithms that AWS KMS uses do not support an encryption context.

An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.

For more information, see Encryption Context in the AWS Key Management Service Developer Guide.

Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

You can use hasEncryptionContext() to see if a value was sent in this field.

Returns:

Specifies the encryption context that will be used to encrypt the data. An encryption context is valid only for cryptographic operations with a symmetric CMK. The standard asymmetric encryption algorithms that AWS KMS uses do not support an encryption context.

An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.

For more information, see Encryption Context in the AWS Key Management Service Developer Guide.

hasGrantTokens

public final boolean hasGrantTokens()

Returns true if the GrantTokens property was specified by the sender (it may be empty), or false if the sender did not specify the value (it will be empty). For responses returned by the SDK, the sender is the AWS service.

grantTokens

public final List<String> grantTokens()

A list of grant tokens.

For more information, see Grant Tokens in the AWS Key Management Service Developer Guide.

Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

You can use hasGrantTokens() to see if a value was sent in this field.

Returns:

A list of grant tokens.

For more information, see Grant Tokens in the AWS Key Management Service Developer Guide.

encryptionAlgorithm

public final EncryptionAlgorithmSpec encryptionAlgorithm()

Specifies the encryption algorithm that AWS KMS will use to encrypt the plaintext message. The algorithm must be compatible with the CMK that you specify.

This parameter is required only for asymmetric CMKs. The default value, SYMMETRIC_DEFAULT, is the algorithm used for symmetric CMKs. If you are using an asymmetric CMK, we recommend RSAES_OAEP_SHA_256.

If the service returns an enum value that is not available in the current SDK version, encryptionAlgorithm will return EncryptionAlgorithmSpec.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from encryptionAlgorithmAsString().

Returns:

Specifies the encryption algorithm that AWS KMS will use to encrypt the plaintext message. The algorithm must be compatible with the CMK that you specify.

This parameter is required only for asymmetric CMKs. The default value, SYMMETRIC_DEFAULT, is the algorithm used for symmetric CMKs. If you are using an asymmetric CMK, we recommend RSAES_OAEP_SHA_256.

See Also:

EncryptionAlgorithmSpec

encryptionAlgorithmAsString

public final String encryptionAlgorithmAsString()

Specifies the encryption algorithm that AWS KMS will use to encrypt the plaintext message. The algorithm must be compatible with the CMK that you specify.

This parameter is required only for asymmetric CMKs. The default value, SYMMETRIC_DEFAULT, is the algorithm used for symmetric CMKs. If you are using an asymmetric CMK, we recommend RSAES_OAEP_SHA_256.

If the service returns an enum value that is not available in the current SDK version, encryptionAlgorithm will return EncryptionAlgorithmSpec.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from encryptionAlgorithmAsString().

Returns:

Specifies the encryption algorithm that AWS KMS will use to encrypt the plaintext message. The algorithm must be compatible with the CMK that you specify.

This parameter is required only for asymmetric CMKs. The default value, SYMMETRIC_DEFAULT, is the algorithm used for symmetric CMKs. If you are using an asymmetric CMK, we recommend RSAES_OAEP_SHA_256.

See Also:

EncryptionAlgorithmSpec

toBuilder

public EncryptRequest.Builder toBuilder()

Specified by:

toBuilder in interface ToCopyableBuilder<EncryptRequest.Builder,EncryptRequest>

Specified by:

toBuilder in class KmsRequest

builder

public static EncryptRequest.Builder builder()

serializableBuilderClass

public static Class<? extends EncryptRequest.Builder> serializableBuilderClass()

hashCode

public final int hashCode()

Overrides:

hashCode in class AwsRequest

equals

public final boolean equals(Object obj)

Overrides:

equals in class AwsRequest

equalsBySdkFields

public final boolean equalsBySdkFields(Object obj)

Specified by:

equalsBySdkFields in interface SdkPojo

toString

public final String toString()

Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be redacted from this string using a placeholder value.

Overrides:

toString in class Object

getValueForField

public final <T> Optional<T> getValueForField(String fieldName,
                                              Class<T> clazz)

Overrides:

getValueForField in class SdkRequest

sdkFields

public final List<SdkField<?>> sdkFields()

Specified by:

sdkFields in interface SdkPojo