* Ciphertext to be decrypted. The blob includes metadata. *
*/ private java.nio.ByteBuffer ciphertextBlob; /** ** Specifies the encryption context to use when decrypting the data. An encryption context is valid only for cryptographic * operations with a symmetric encryption KMS key. The standard asymmetric encryption algorithms and HMAC * algorithms that KMS uses do not support an encryption context. *
** An encryption context is a collection of non-secret key-value pairs that represent additional * authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact * case-sensitive match) encryption context to decrypt the data. An encryption context is supported only on * operations with symmetric encryption KMS keys. On operations with symmetric encryption KMS keys, an encryption * context is optional, but it is strongly recommended. *
** For more information, see Encryption context * in the Key Management Service Developer Guide. *
*/ private com.amazonaws.internal.SdkInternalMap* A list of grant tokens. *
** Use a grant token when your permission to call this operation comes from a new grant that has not yet achieved * eventual consistency. For more information, see Grant token and Using a grant * token in the Key Management Service Developer Guide. *
*/ private com.amazonaws.internal.SdkInternalList* Specifies the KMS key that KMS uses to decrypt the ciphertext. *
*
* Enter a key ID of the KMS key that was used to encrypt the ciphertext. If you identify a different KMS key, the
* Decrypt operation throws an IncorrectKeyException.
*
* This parameter is required only when the ciphertext was encrypted under an asymmetric KMS key. If you used a * symmetric encryption KMS key, KMS can get the KMS key from metadata that it adds to the symmetric ciphertext * blob. However, it is always recommended as a best practice. This practice ensures that you use the KMS key that * you intend. *
*
* To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with
* "alias/". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN
* or alias ARN.
*
* For example: *
*
* Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
*
* Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
*
* Alias name: alias/ExampleAlias
*
* Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias
*
* To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and * alias ARN, use ListAliases. *
*/ private String keyId; /** *
* Specifies the encryption algorithm that will be used to decrypt the ciphertext. Specify the same algorithm that
* was used to encrypt the data. If you specify a different algorithm, the Decrypt operation fails.
*
* This parameter is required only when the ciphertext was encrypted under an asymmetric KMS key. The default value,
* SYMMETRIC_DEFAULT, represents the only supported algorithm that is valid for symmetric encryption
* KMS keys.
*
* A signed attestation
* document from an Amazon Web Services Nitro enclave and the encryption algorithm to use with the enclave's
* public key. The only valid encryption algorithm is RSAES_OAEP_SHA_256.
*
* This parameter only supports attestation documents for Amazon Web Services Nitro Enclaves. To include this * parameter, use the Amazon Web Services * Nitro Enclaves SDK or any Amazon Web Services SDK. *
*
* When you use this parameter, instead of returning the plaintext data, KMS encrypts the plaintext data with the
* public key in the attestation document, and returns the resulting ciphertext in the
* CiphertextForRecipient field in the response. This ciphertext can be decrypted only with the private
* key in the enclave. The Plaintext field in the response is null or empty.
*
* For information about the interaction between KMS and Amazon Web Services Nitro Enclaves, see How Amazon Web Services * Nitro Enclaves uses KMS in the Key Management Service Developer Guide. *
*/ private RecipientInfo recipient; /** *
* Checks if your request will succeed. DryRun is an optional parameter.
*
* To learn more about how to use this parameter, see Testing your KMS API * calls in the Key Management Service Developer Guide. *
*/ private Boolean dryRun; /** ** Ciphertext to be decrypted. The blob includes metadata. *
** The AWS SDK for Java performs a Base64 encoding on this field before sending this request to the AWS service. * Users of the SDK should not perform Base64 encoding on this field. *
** Warning: ByteBuffers returned by the SDK are mutable. Changes to the content or position of the byte buffer will * be seen by all objects that have a reference to this object. It is recommended to call ByteBuffer.duplicate() or * ByteBuffer.asReadOnlyBuffer() before using or reading from the buffer. This behavior will be changed in a future * major version of the SDK. *
* * @param ciphertextBlob * Ciphertext to be decrypted. The blob includes metadata. */ public void setCiphertextBlob(java.nio.ByteBuffer ciphertextBlob) { this.ciphertextBlob = ciphertextBlob; } /** ** Ciphertext to be decrypted. The blob includes metadata. *
** {@code ByteBuffer}s are stateful. Calling their {@code get} methods changes their {@code position}. We recommend * using {@link java.nio.ByteBuffer#asReadOnlyBuffer()} to create a read-only view of the buffer with an independent * {@code position}, and calling {@code get} methods on this rather than directly on the returned {@code ByteBuffer}. * Doing so will ensure that anyone else using the {@code ByteBuffer} will not be affected by changes to the * {@code position}. *
* * @return Ciphertext to be decrypted. The blob includes metadata. */ public java.nio.ByteBuffer getCiphertextBlob() { return this.ciphertextBlob; } /** ** Ciphertext to be decrypted. The blob includes metadata. *
** The AWS SDK for Java performs a Base64 encoding on this field before sending this request to the AWS service. * Users of the SDK should not perform Base64 encoding on this field. *
** Warning: ByteBuffers returned by the SDK are mutable. Changes to the content or position of the byte buffer will * be seen by all objects that have a reference to this object. It is recommended to call ByteBuffer.duplicate() or * ByteBuffer.asReadOnlyBuffer() before using or reading from the buffer. This behavior will be changed in a future * major version of the SDK. *
* * @param ciphertextBlob * Ciphertext to be decrypted. The blob includes metadata. * @return Returns a reference to this object so that method calls can be chained together. */ public DecryptRequest withCiphertextBlob(java.nio.ByteBuffer ciphertextBlob) { setCiphertextBlob(ciphertextBlob); return this; } /** ** Specifies the encryption context to use when decrypting the data. An encryption context is valid only for cryptographic * operations with a symmetric encryption KMS key. The standard asymmetric encryption algorithms and HMAC * algorithms that KMS uses do not support an encryption context. *
** An encryption context is a collection of non-secret key-value pairs that represent additional * authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact * case-sensitive match) encryption context to decrypt the data. An encryption context is supported only on * operations with symmetric encryption KMS keys. On operations with symmetric encryption KMS keys, an encryption * context is optional, but it is strongly recommended. *
** For more information, see Encryption context * in the Key Management Service Developer Guide. *
* * @return Specifies the encryption context to use when decrypting the data. An encryption context is valid only for * * cryptographic operations with a symmetric encryption KMS key. The standard asymmetric encryption * algorithms and HMAC algorithms that KMS uses do not support an encryption context. ** An encryption context is a collection of non-secret key-value pairs that represent additional * authenticated data. When you use an encryption context to encrypt data, you must specify the same (an * exact case-sensitive match) encryption context to decrypt the data. An encryption context is supported * only on operations with symmetric encryption KMS keys. On operations with symmetric encryption KMS keys, * an encryption context is optional, but it is strongly recommended. *
*
* For more information, see Encryption
* context in the Key Management Service Developer Guide.
*/
public java.util.Map
* Specifies the encryption context to use when decrypting the data. An encryption context is valid only for cryptographic
* operations with a symmetric encryption KMS key. The standard asymmetric encryption algorithms and HMAC
* algorithms that KMS uses do not support an encryption context.
*
* An encryption context is a collection of non-secret key-value pairs that represent additional
* authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact
* case-sensitive match) encryption context to decrypt the data. An encryption context is supported only on
* operations with symmetric encryption KMS keys. On operations with symmetric encryption KMS keys, an encryption
* context is optional, but it is strongly recommended.
*
* For more information, see Encryption context
* in the Key Management Service Developer Guide.
*
* An encryption context is a collection of non-secret key-value pairs that represent additional * authenticated data. When you use an encryption context to encrypt data, you must specify the same (an * exact case-sensitive match) encryption context to decrypt the data. An encryption context is supported * only on operations with symmetric encryption KMS keys. On operations with symmetric encryption KMS keys, * an encryption context is optional, but it is strongly recommended. *
*
* For more information, see Encryption
* context in the Key Management Service Developer Guide.
*/
public void setEncryptionContext(java.util.Map
* Specifies the encryption context to use when decrypting the data. An encryption context is valid only for cryptographic
* operations with a symmetric encryption KMS key. The standard asymmetric encryption algorithms and HMAC
* algorithms that KMS uses do not support an encryption context.
*
* An encryption context is a collection of non-secret key-value pairs that represent additional
* authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact
* case-sensitive match) encryption context to decrypt the data. An encryption context is supported only on
* operations with symmetric encryption KMS keys. On operations with symmetric encryption KMS keys, an encryption
* context is optional, but it is strongly recommended.
*
* For more information, see Encryption context
* in the Key Management Service Developer Guide.
*
* An encryption context is a collection of non-secret key-value pairs that represent additional * authenticated data. When you use an encryption context to encrypt data, you must specify the same (an * exact case-sensitive match) encryption context to decrypt the data. An encryption context is supported * only on operations with symmetric encryption KMS keys. On operations with symmetric encryption KMS keys, * an encryption context is optional, but it is strongly recommended. *
*
* For more information, see Encryption
* context in the Key Management Service Developer Guide.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public DecryptRequest withEncryptionContext(java.util.Map
* A list of grant tokens.
*
* Use a grant token when your permission to call this operation comes from a new grant that has not yet achieved
* eventual consistency. For more information, see Grant token and Using a grant
* token in the Key Management Service Developer Guide.
*
* Use a grant token when your permission to call this operation comes from a new grant that has not yet
* achieved eventual consistency. For more information, see Grant token and
* Using
* a grant token in the Key Management Service Developer Guide.
*/
public java.util.List
* A list of grant tokens.
*
* Use a grant token when your permission to call this operation comes from a new grant that has not yet achieved
* eventual consistency. For more information, see Grant token and Using a grant
* token in the Key Management Service Developer Guide.
*
* Use a grant token when your permission to call this operation comes from a new grant that has not yet
* achieved eventual consistency. For more information, see Grant token and
* Using
* a grant token in the Key Management Service Developer Guide.
*/
public void setGrantTokens(java.util.Collection
* A list of grant tokens.
*
* Use a grant token when your permission to call this operation comes from a new grant that has not yet achieved
* eventual consistency. For more information, see Grant token and Using a grant
* token in the Key Management Service Developer Guide.
*
* NOTE: This method appends the values to the existing list (if any). Use
* {@link #setGrantTokens(java.util.Collection)} or {@link #withGrantTokens(java.util.Collection)} if you want to
* override the existing values.
*
* Use a grant token when your permission to call this operation comes from a new grant that has not yet
* achieved eventual consistency. For more information, see Grant token and
* Using
* a grant token in the Key Management Service Developer Guide.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public DecryptRequest withGrantTokens(String... grantTokens) {
if (this.grantTokens == null) {
setGrantTokens(new com.amazonaws.internal.SdkInternalList
* A list of grant tokens.
*
* Use a grant token when your permission to call this operation comes from a new grant that has not yet achieved
* eventual consistency. For more information, see Grant token and Using a grant
* token in the Key Management Service Developer Guide.
*
* Use a grant token when your permission to call this operation comes from a new grant that has not yet
* achieved eventual consistency. For more information, see Grant token and
* Using
* a grant token in the Key Management Service Developer Guide.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public DecryptRequest withGrantTokens(java.util.Collection
* Specifies the KMS key that KMS uses to decrypt the ciphertext.
*
* Enter a key ID of the KMS key that was used to encrypt the ciphertext. If you identify a different KMS key, the
*
* This parameter is required only when the ciphertext was encrypted under an asymmetric KMS key. If you used a
* symmetric encryption KMS key, KMS can get the KMS key from metadata that it adds to the symmetric ciphertext
* blob. However, it is always recommended as a best practice. This practice ensures that you use the KMS key that
* you intend.
*
* To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with
*
* For example:
*
* Key ID:
* Key ARN:
* Alias name:
* Alias ARN:
* To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and
* alias ARN, use ListAliases.
* Decrypt operation throws an IncorrectKeyException.
* "alias/". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN
* or alias ARN.
*
*
* 1234abcd-12ab-34cd-56ef-1234567890ab
* arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
* alias/ExampleAlias
* arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias
*
* Enter a key ID of the KMS key that was used to encrypt the ciphertext. If you identify a different KMS
* key, the Decrypt operation throws an IncorrectKeyException.
*
* This parameter is required only when the ciphertext was encrypted under an asymmetric KMS key. If you used * a symmetric encryption KMS key, KMS can get the KMS key from metadata that it adds to the symmetric * ciphertext blob. However, it is always recommended as a best practice. This practice ensures that you use * the KMS key that you intend. *
*
* To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix
* it with "alias/". To specify a KMS key in a different Amazon Web Services account, you must
* use the key ARN or alias ARN.
*
* For example: *
*
* Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
*
* Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
*
* Alias name: alias/ExampleAlias
*
* Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias
*
* To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias * name and alias ARN, use ListAliases. */ public void setKeyId(String keyId) { this.keyId = keyId; } /** *
* Specifies the KMS key that KMS uses to decrypt the ciphertext. *
*
* Enter a key ID of the KMS key that was used to encrypt the ciphertext. If you identify a different KMS key, the
* Decrypt operation throws an IncorrectKeyException.
*
* This parameter is required only when the ciphertext was encrypted under an asymmetric KMS key. If you used a * symmetric encryption KMS key, KMS can get the KMS key from metadata that it adds to the symmetric ciphertext * blob. However, it is always recommended as a best practice. This practice ensures that you use the KMS key that * you intend. *
*
* To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with
* "alias/". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN
* or alias ARN.
*
* For example: *
*
* Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
*
* Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
*
* Alias name: alias/ExampleAlias
*
* Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias
*
* To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and * alias ARN, use ListAliases. *
* * @return Specifies the KMS key that KMS uses to decrypt the ciphertext. *
* Enter a key ID of the KMS key that was used to encrypt the ciphertext. If you identify a different KMS
* key, the Decrypt operation throws an IncorrectKeyException.
*
* This parameter is required only when the ciphertext was encrypted under an asymmetric KMS key. If you * used a symmetric encryption KMS key, KMS can get the KMS key from metadata that it adds to the symmetric * ciphertext blob. However, it is always recommended as a best practice. This practice ensures that you use * the KMS key that you intend. *
*
* To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix
* it with "alias/". To specify a KMS key in a different Amazon Web Services account, you must
* use the key ARN or alias ARN.
*
* For example: *
*
* Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
*
* Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
*
* Alias name: alias/ExampleAlias
*
* Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias
*
* To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias * name and alias ARN, use ListAliases. */ public String getKeyId() { return this.keyId; } /** *
* Specifies the KMS key that KMS uses to decrypt the ciphertext. *
*
* Enter a key ID of the KMS key that was used to encrypt the ciphertext. If you identify a different KMS key, the
* Decrypt operation throws an IncorrectKeyException.
*
* This parameter is required only when the ciphertext was encrypted under an asymmetric KMS key. If you used a * symmetric encryption KMS key, KMS can get the KMS key from metadata that it adds to the symmetric ciphertext * blob. However, it is always recommended as a best practice. This practice ensures that you use the KMS key that * you intend. *
*
* To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with
* "alias/". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN
* or alias ARN.
*
* For example: *
*
* Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
*
* Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
*
* Alias name: alias/ExampleAlias
*
* Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias
*
* To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and * alias ARN, use ListAliases. *
* * @param keyId * Specifies the KMS key that KMS uses to decrypt the ciphertext. *
* Enter a key ID of the KMS key that was used to encrypt the ciphertext. If you identify a different KMS
* key, the Decrypt operation throws an IncorrectKeyException.
*
* This parameter is required only when the ciphertext was encrypted under an asymmetric KMS key. If you used * a symmetric encryption KMS key, KMS can get the KMS key from metadata that it adds to the symmetric * ciphertext blob. However, it is always recommended as a best practice. This practice ensures that you use * the KMS key that you intend. *
*
* To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix
* it with "alias/". To specify a KMS key in a different Amazon Web Services account, you must
* use the key ARN or alias ARN.
*
* For example: *
*
* Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
*
* Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
*
* Alias name: alias/ExampleAlias
*
* Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias
*
* To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias * name and alias ARN, use ListAliases. * @return Returns a reference to this object so that method calls can be chained together. */ public DecryptRequest withKeyId(String keyId) { setKeyId(keyId); return this; } /** *
* Specifies the encryption algorithm that will be used to decrypt the ciphertext. Specify the same algorithm that
* was used to encrypt the data. If you specify a different algorithm, the Decrypt operation fails.
*
* This parameter is required only when the ciphertext was encrypted under an asymmetric KMS key. The default value,
* SYMMETRIC_DEFAULT, represents the only supported algorithm that is valid for symmetric encryption
* KMS keys.
*
Decrypt
* operation fails.
*
* This parameter is required only when the ciphertext was encrypted under an asymmetric KMS key. The default
* value, SYMMETRIC_DEFAULT, represents the only supported algorithm that is valid for symmetric
* encryption KMS keys.
* @see EncryptionAlgorithmSpec
*/
public void setEncryptionAlgorithm(String encryptionAlgorithm) {
this.encryptionAlgorithm = encryptionAlgorithm;
}
/**
*
* Specifies the encryption algorithm that will be used to decrypt the ciphertext. Specify the same algorithm that
* was used to encrypt the data. If you specify a different algorithm, the Decrypt operation fails.
*
* This parameter is required only when the ciphertext was encrypted under an asymmetric KMS key. The default value,
* SYMMETRIC_DEFAULT, represents the only supported algorithm that is valid for symmetric encryption
* KMS keys.
*
Decrypt operation fails.
*
* This parameter is required only when the ciphertext was encrypted under an asymmetric KMS key. The
* default value, SYMMETRIC_DEFAULT, represents the only supported algorithm that is valid for
* symmetric encryption KMS keys.
* @see EncryptionAlgorithmSpec
*/
public String getEncryptionAlgorithm() {
return this.encryptionAlgorithm;
}
/**
*
* Specifies the encryption algorithm that will be used to decrypt the ciphertext. Specify the same algorithm that
* was used to encrypt the data. If you specify a different algorithm, the Decrypt operation fails.
*
* This parameter is required only when the ciphertext was encrypted under an asymmetric KMS key. The default value,
* SYMMETRIC_DEFAULT, represents the only supported algorithm that is valid for symmetric encryption
* KMS keys.
*
Decrypt
* operation fails.
*
* This parameter is required only when the ciphertext was encrypted under an asymmetric KMS key. The default
* value, SYMMETRIC_DEFAULT, represents the only supported algorithm that is valid for symmetric
* encryption KMS keys.
* @return Returns a reference to this object so that method calls can be chained together.
* @see EncryptionAlgorithmSpec
*/
public DecryptRequest withEncryptionAlgorithm(String encryptionAlgorithm) {
setEncryptionAlgorithm(encryptionAlgorithm);
return this;
}
/**
*
* Specifies the encryption algorithm that will be used to decrypt the ciphertext. Specify the same algorithm that
* was used to encrypt the data. If you specify a different algorithm, the Decrypt operation fails.
*
* This parameter is required only when the ciphertext was encrypted under an asymmetric KMS key. The default value,
* SYMMETRIC_DEFAULT, represents the only supported algorithm that is valid for symmetric encryption
* KMS keys.
*
Decrypt
* operation fails.
*
* This parameter is required only when the ciphertext was encrypted under an asymmetric KMS key. The default
* value, SYMMETRIC_DEFAULT, represents the only supported algorithm that is valid for symmetric
* encryption KMS keys.
* @return Returns a reference to this object so that method calls can be chained together.
* @see EncryptionAlgorithmSpec
*/
public DecryptRequest withEncryptionAlgorithm(EncryptionAlgorithmSpec encryptionAlgorithm) {
this.encryptionAlgorithm = encryptionAlgorithm.toString();
return this;
}
/**
*
* A signed attestation
* document from an Amazon Web Services Nitro enclave and the encryption algorithm to use with the enclave's
* public key. The only valid encryption algorithm is RSAES_OAEP_SHA_256.
*
* This parameter only supports attestation documents for Amazon Web Services Nitro Enclaves. To include this * parameter, use the Amazon Web Services * Nitro Enclaves SDK or any Amazon Web Services SDK. *
*
* When you use this parameter, instead of returning the plaintext data, KMS encrypts the plaintext data with the
* public key in the attestation document, and returns the resulting ciphertext in the
* CiphertextForRecipient field in the response. This ciphertext can be decrypted only with the private
* key in the enclave. The Plaintext field in the response is null or empty.
*
* For information about the interaction between KMS and Amazon Web Services Nitro Enclaves, see How Amazon Web Services * Nitro Enclaves uses KMS in the Key Management Service Developer Guide. *
* * @param recipient * A signed attestation document from an Amazon Web Services Nitro enclave and the encryption algorithm to use * with the enclave's public key. The only valid encryption algorithm isRSAES_OAEP_SHA_256.
*
* * This parameter only supports attestation documents for Amazon Web Services Nitro Enclaves. To include this * parameter, use the Amazon Web * Services Nitro Enclaves SDK or any Amazon Web Services SDK. *
*
* When you use this parameter, instead of returning the plaintext data, KMS encrypts the plaintext data with
* the public key in the attestation document, and returns the resulting ciphertext in the
* CiphertextForRecipient field in the response. This ciphertext can be decrypted only with the
* private key in the enclave. The Plaintext field in the response is null or empty.
*
* For information about the interaction between KMS and Amazon Web Services Nitro Enclaves, see How Amazon Web * Services Nitro Enclaves uses KMS in the Key Management Service Developer Guide. */ public void setRecipient(RecipientInfo recipient) { this.recipient = recipient; } /** *
* A signed attestation
* document from an Amazon Web Services Nitro enclave and the encryption algorithm to use with the enclave's
* public key. The only valid encryption algorithm is RSAES_OAEP_SHA_256.
*
* This parameter only supports attestation documents for Amazon Web Services Nitro Enclaves. To include this * parameter, use the Amazon Web Services * Nitro Enclaves SDK or any Amazon Web Services SDK. *
*
* When you use this parameter, instead of returning the plaintext data, KMS encrypts the plaintext data with the
* public key in the attestation document, and returns the resulting ciphertext in the
* CiphertextForRecipient field in the response. This ciphertext can be decrypted only with the private
* key in the enclave. The Plaintext field in the response is null or empty.
*
* For information about the interaction between KMS and Amazon Web Services Nitro Enclaves, see How Amazon Web Services * Nitro Enclaves uses KMS in the Key Management Service Developer Guide. *
* * @return A signed attestation document from an Amazon Web Services Nitro enclave and the encryption algorithm to use * with the enclave's public key. The only valid encryption algorithm isRSAES_OAEP_SHA_256.
*
* * This parameter only supports attestation documents for Amazon Web Services Nitro Enclaves. To include * this parameter, use the Amazon Web * Services Nitro Enclaves SDK or any Amazon Web Services SDK. *
*
* When you use this parameter, instead of returning the plaintext data, KMS encrypts the plaintext data
* with the public key in the attestation document, and returns the resulting ciphertext in the
* CiphertextForRecipient field in the response. This ciphertext can be decrypted only with the
* private key in the enclave. The Plaintext field in the response is null or empty.
*
* For information about the interaction between KMS and Amazon Web Services Nitro Enclaves, see How Amazon Web * Services Nitro Enclaves uses KMS in the Key Management Service Developer Guide. */ public RecipientInfo getRecipient() { return this.recipient; } /** *
* A signed attestation
* document from an Amazon Web Services Nitro enclave and the encryption algorithm to use with the enclave's
* public key. The only valid encryption algorithm is RSAES_OAEP_SHA_256.
*
* This parameter only supports attestation documents for Amazon Web Services Nitro Enclaves. To include this * parameter, use the Amazon Web Services * Nitro Enclaves SDK or any Amazon Web Services SDK. *
*
* When you use this parameter, instead of returning the plaintext data, KMS encrypts the plaintext data with the
* public key in the attestation document, and returns the resulting ciphertext in the
* CiphertextForRecipient field in the response. This ciphertext can be decrypted only with the private
* key in the enclave. The Plaintext field in the response is null or empty.
*
* For information about the interaction between KMS and Amazon Web Services Nitro Enclaves, see How Amazon Web Services * Nitro Enclaves uses KMS in the Key Management Service Developer Guide. *
* * @param recipient * A signed attestation document from an Amazon Web Services Nitro enclave and the encryption algorithm to use * with the enclave's public key. The only valid encryption algorithm isRSAES_OAEP_SHA_256.
*
* * This parameter only supports attestation documents for Amazon Web Services Nitro Enclaves. To include this * parameter, use the Amazon Web * Services Nitro Enclaves SDK or any Amazon Web Services SDK. *
*
* When you use this parameter, instead of returning the plaintext data, KMS encrypts the plaintext data with
* the public key in the attestation document, and returns the resulting ciphertext in the
* CiphertextForRecipient field in the response. This ciphertext can be decrypted only with the
* private key in the enclave. The Plaintext field in the response is null or empty.
*
* For information about the interaction between KMS and Amazon Web Services Nitro Enclaves, see How Amazon Web * Services Nitro Enclaves uses KMS in the Key Management Service Developer Guide. * @return Returns a reference to this object so that method calls can be chained together. */ public DecryptRequest withRecipient(RecipientInfo recipient) { setRecipient(recipient); return this; } /** *
* Checks if your request will succeed. DryRun is an optional parameter.
*
* To learn more about how to use this parameter, see Testing your KMS API * calls in the Key Management Service Developer Guide. *
* * @param dryRun * Checks if your request will succeed.DryRun is an optional parameter.
* * To learn more about how to use this parameter, see Testing your KMS API * calls in the Key Management Service Developer Guide. */ public void setDryRun(Boolean dryRun) { this.dryRun = dryRun; } /** *
* Checks if your request will succeed. DryRun is an optional parameter.
*
* To learn more about how to use this parameter, see Testing your KMS API * calls in the Key Management Service Developer Guide. *
* * @return Checks if your request will succeed.DryRun is an optional parameter.
* * To learn more about how to use this parameter, see Testing your KMS API * calls in the Key Management Service Developer Guide. */ public Boolean getDryRun() { return this.dryRun; } /** *
* Checks if your request will succeed. DryRun is an optional parameter.
*
* To learn more about how to use this parameter, see Testing your KMS API * calls in the Key Management Service Developer Guide. *
* * @param dryRun * Checks if your request will succeed.DryRun is an optional parameter.
* * To learn more about how to use this parameter, see Testing your KMS API * calls in the Key Management Service Developer Guide. * @return Returns a reference to this object so that method calls can be chained together. */ public DecryptRequest withDryRun(Boolean dryRun) { setDryRun(dryRun); return this; } /** *
* Checks if your request will succeed. DryRun is an optional parameter.
*
* To learn more about how to use this parameter, see Testing your KMS API * calls in the Key Management Service Developer Guide. *
* * @return Checks if your request will succeed.DryRun is an optional parameter.
* * To learn more about how to use this parameter, see Testing your KMS API * calls in the Key Management Service Developer Guide. */ public Boolean isDryRun() { return this.dryRun; } /** * Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be * redacted from this string using a placeholder value. * * @return A string representation of this object. * * @see java.lang.Object#toString() */ @Override public String toString() { StringBuilder sb = new StringBuilder(); sb.append("{"); if (getCiphertextBlob() != null) sb.append("CiphertextBlob: ").append(getCiphertextBlob()).append(","); if (getEncryptionContext() != null) sb.append("EncryptionContext: ").append(getEncryptionContext()).append(","); if (getGrantTokens() != null) sb.append("GrantTokens: ").append(getGrantTokens()).append(","); if (getKeyId() != null) sb.append("KeyId: ").append(getKeyId()).append(","); if (getEncryptionAlgorithm() != null) sb.append("EncryptionAlgorithm: ").append(getEncryptionAlgorithm()).append(","); if (getRecipient() != null) sb.append("Recipient: ").append(getRecipient()).append(","); if (getDryRun() != null) sb.append("DryRun: ").append(getDryRun()); sb.append("}"); return sb.toString(); } @Override public boolean equals(Object obj) { if (this == obj) return true; if (obj == null) return false; if (obj instanceof DecryptRequest == false) return false; DecryptRequest other = (DecryptRequest) obj; if (other.getCiphertextBlob() == null ^ this.getCiphertextBlob() == null) return false; if (other.getCiphertextBlob() != null && other.getCiphertextBlob().equals(this.getCiphertextBlob()) == false) return false; if (other.getEncryptionContext() == null ^ this.getEncryptionContext() == null) return false; if (other.getEncryptionContext() != null && other.getEncryptionContext().equals(this.getEncryptionContext()) == false) return false; if (other.getGrantTokens() == null ^ this.getGrantTokens() == null) return false; if (other.getGrantTokens() != null && other.getGrantTokens().equals(this.getGrantTokens()) == false) return false; if (other.getKeyId() == null ^ this.getKeyId() == null) return false; if (other.getKeyId() != null && other.getKeyId().equals(this.getKeyId()) == false) return false; if (other.getEncryptionAlgorithm() == null ^ this.getEncryptionAlgorithm() == null) return false; if (other.getEncryptionAlgorithm() != null && other.getEncryptionAlgorithm().equals(this.getEncryptionAlgorithm()) == false) return false; if (other.getRecipient() == null ^ this.getRecipient() == null) return false; if (other.getRecipient() != null && other.getRecipient().equals(this.getRecipient()) == false) return false; if (other.getDryRun() == null ^ this.getDryRun() == null) return false; if (other.getDryRun() != null && other.getDryRun().equals(this.getDryRun()) == false) return false; return true; } @Override public int hashCode() { final int prime = 31; int hashCode = 1; hashCode = prime * hashCode + ((getCiphertextBlob() == null) ? 0 : getCiphertextBlob().hashCode()); hashCode = prime * hashCode + ((getEncryptionContext() == null) ? 0 : getEncryptionContext().hashCode()); hashCode = prime * hashCode + ((getGrantTokens() == null) ? 0 : getGrantTokens().hashCode()); hashCode = prime * hashCode + ((getKeyId() == null) ? 0 : getKeyId().hashCode()); hashCode = prime * hashCode + ((getEncryptionAlgorithm() == null) ? 0 : getEncryptionAlgorithm().hashCode()); hashCode = prime * hashCode + ((getRecipient() == null) ? 0 : getRecipient().hashCode()); hashCode = prime * hashCode + ((getDryRun() == null) ? 0 : getDryRun().hashCode()); return hashCode; } @Override public DecryptRequest clone() { return (DecryptRequest) super.clone(); } }