Amazon Encryption SDK: Difference between revisions
(8 intermediate revisions by the same user not shown) | |||
Line 7: | Line 7: | ||
* [[Amazon AWS#SDKs|Amazon]] | * [[Amazon AWS#SDKs|Amazon]] | ||
* [[Amazon KMS]] | * [[Amazon KMS]] | ||
* [[AWS SDK for Java]] | * [[AWS_SDK_for_Java_Version_2#Component_APIs|AWS SDK for Java Version 2]] | ||
* [[AWS_SDK_for_Java_Version_1#Component_APIs_that_Use_SDK_for_Java_Version_1|AWS SDK for Java Version 1]] | |||
=Overview= | =Overview= | ||
Amazon Encryption SDK provides an encryption library that optionally integrates with AWS KMS and uses it as a master key provider. The SDK generates, encrypts and decrypts data keys, uses those [[Amazon_KMS_Concepts#Data_Key|data keys]] to encrypt and decrypt raw data, and stores encrypted data keys with the corresponding encrypted data in a single object. The AWS Encryption SDK and the Amazon S3 encryption client are not compatible because they produce ciphertexts with different data formats. The | Amazon Encryption SDK provides an encryption library that optionally integrates with AWS KMS and uses it as a master key provider. The SDK generates, encrypts and decrypts data keys, uses those [[Amazon_KMS_Concepts#Data_Key|data keys]] to encrypt and decrypt raw data, and stores encrypted data keys with the corresponding encrypted data in a single object. The AWS Encryption SDK and the Amazon S3 encryption client are not compatible because they produce ciphertexts with different data formats. The AWS Encryption SDK can be used to encrypt byte arrays, I/O streams (byte streams), and strings. | ||
=Dependencies= | =Dependencies= | ||
<font color=darkgray>TODO: Gradle dependencies for ASW SDK for Java 2 look differently: https://kb.novaordis.com/index.php/AWS_SDK_for_Java_Version_2#Gradle_Project | |||
TODO: Gradle dependencies for ASW SDK for Java 1 look differently: https://kb.novaordis.com/index.php/AWS_SDK_for_Java_Version_1#Gradle_Project</font> | |||
<syntaxhighlight lang='groovy'> | <syntaxhighlight lang='groovy'> | ||
Line 26: | Line 31: | ||
=Concepts= | =Concepts= | ||
<span id='Data_Key_Caching'></span>{{Internal|Amazon Encryption SDK Concepts|Amazon Encryption SDK Concepts}} | <span id='Data_Key_Caching'></span><span id='Overhead_Introduced_by_Amazon_Encryption_SDK_Message_Format'></span>{{Internal|Amazon Encryption SDK Concepts|Amazon Encryption SDK Concepts}} | ||
=Playground Example= | =Playground Example= | ||
{{External|[https://github.com/ovidiuf/playground/blob/master/amazon/encryption-sdk/01-simplest-encryptionsdk/src/main/java/playground/amazon/encryptionsdk/AWSEncryptionSDKExamples.java Playground AWS Encryption SDK Examples]}} | {{External|[https://github.com/ovidiuf/playground/blob/master/amazon/encryption-sdk/01-simplest-encryptionsdk/src/main/java/playground/amazon/encryptionsdk/AWSEncryptionSDKExamples.java Playground AWS Encryption SDK Examples]}} |
Latest revision as of 05:44, 3 October 2021
External
Internal
Overview
Amazon Encryption SDK provides an encryption library that optionally integrates with AWS KMS and uses it as a master key provider. The SDK generates, encrypts and decrypts data keys, uses those data keys to encrypt and decrypt raw data, and stores encrypted data keys with the corresponding encrypted data in a single object. The AWS Encryption SDK and the Amazon S3 encryption client are not compatible because they produce ciphertexts with different data formats. The AWS Encryption SDK can be used to encrypt byte arrays, I/O streams (byte streams), and strings.
Dependencies
TODO: Gradle dependencies for ASW SDK for Java 2 look differently: https://kb.novaordis.com/index.php/AWS_SDK_for_Java_Version_2#Gradle_Project
TODO: Gradle dependencies for ASW SDK for Java 1 look differently: https://kb.novaordis.com/index.php/AWS_SDK_for_Java_Version_1#Gradle_Project
dependencies {
implementation('org.bouncycastle:bcprov-ext-jdk15on:1.58')
implementation('com.amazonaws:aws-encryption-sdk-java:1.3.1')
}
Clarify whether I need KMS API or not: AWS KMS API Dependencies.