class Aws::S3::EncryptionV2::DefaultCipherProvider

def encryption_cipher(options = {})

Returns:

(Array) - Creates an returns a new encryption

def encryption_cipher(options = {})
  validate_options(options)
  cipher = Utils.aes_encryption_cipher(:GCM)
  if @key_provider.encryption_materials.key.is_a? OpenSSL::PKey::RSA
    enc_key = encode64(
      encrypt_rsa(envelope_key(cipher), @content_encryption_schema)
    )
  else
    enc_key = encode64(
      encrypt_aes_gcm(envelope_key(cipher), @content_encryption_schema)
    )
  end
  envelope = {
    'x-amz-key-v2' => enc_key,
    'x-amz-cek-alg' => @content_encryption_schema,
    'x-amz-tag-len' => (AES_GCM_TAG_LEN_BYTES * 8).to_s,
    'x-amz-wrap-alg' => @key_wrap_schema,
    'x-amz-iv' => encode64(envelope_iv(cipher)),
    'x-amz-matdesc' => materials_description
  }
  cipher.auth_data = '' # auth_data must be set after key and iv
  [envelope, cipher]
end

Instance Methods

# decode64
# decryption_cipher
# encode64
# encrypt_aes_gcm
# encrypt_rsa
# encryption_cipher
# envelope_iv
# envelope_key
# initialize
# materials_description
# validate_cek
# validate_key_wrap
# validate_options

Modules

Classes

class Aws::S3::EncryptionV2::DefaultCipherProvider

def encryption_cipher(options = {})

Instance Methods