/*
* Copyright 2010-2016 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
* A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed
* on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
* express or implied. See the License for the specific language governing
* permissions and limitations under the License.
*/
package com.amazonaws.services.kms.model;
import java.io.Serializable;
import com.amazonaws.AmazonWebServiceRequest;
/**
* <p>
* Encrypts data on the server side with a new customer master key without
* exposing the plaintext of the data on the client side. The data is first
* decrypted and then encrypted. This operation can also be used to change the
* encryption context of a ciphertext.
* </p>
* <p>
* Unlike other actions, <code>ReEncrypt</code> is authorized twice - once as
* <code>ReEncryptFrom</code> on the source key and once as
* <code>ReEncryptTo</code> on the destination key. We therefore recommend that
* you include the <code>"action":"kms:ReEncrypt*"</code> statement in your key
* policies to permit re-encryption from or to the key. The statement is
* included automatically when you authorize use of the key through the console
* but must be included manually when you set a policy by using the
* <a>PutKeyPolicy</a> function.
* </p>
*/
public class ReEncryptRequest extends AmazonWebServiceRequest implements Serializable {
/**
* <p>
* Ciphertext of the data to re-encrypt.
* </p>
* <p>
* <b>Constraints:</b><br/>
* <b>Length: </b>1 - 6144<br/>
*/
private java.nio.ByteBuffer ciphertextBlob;
/**
* <p>
* Encryption context used to encrypt and decrypt the data specified in the
* <code>CiphertextBlob</code> parameter.
* </p>
*/
private java.util.Map<String, String> sourceEncryptionContext = new java.util.HashMap<String, String>();
/**
* <p>
* A unique identifier for the customer master key used to re-encrypt the
* data. This value can be a globally unique identifier, a fully specified
* ARN to either an alias or a key, or an alias name prefixed by "alias/".
* </p>
* <ul>
* <li>
* <p>
* Key ARN Example -
* arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234
* -1234-123456789012
* </p>
* </li>
* <li>
* <p>
* Alias ARN Example - arn:aws:kms:us-east-1:123456789012:alias/MyAliasName
* </p>
* </li>
* <li>
* <p>
* Globally Unique Key ID Example - 12345678-1234-1234-1234-123456789012
* </p>
* </li>
* <li>
* <p>
* Alias Name Example - alias/MyAliasName
* </p>
* </li>
* </ul>
* <p>
* <b>Constraints:</b><br/>
* <b>Length: </b>1 - 256<br/>
*/
private String destinationKeyId;
/**
* <p>
* Encryption context to be used when the data is re-encrypted.
* </p>
*/
private java.util.Map<String, String> destinationEncryptionContext = new java.util.HashMap<String, String>();
/**
* <p>
* A list of grant tokens.
* </p>
* <p>
* For more information, see <a href=
* "http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token"
* >Grant Tokens</a> in the <i>AWS Key Management Service Developer
* Guide</i>.
* </p>
*/
private java.util.List<String> grantTokens = new java.util.ArrayList<String>();
/**
* <p>
* Ciphertext of the data to re-encrypt.
* </p>
* <p>
* <b>Constraints:</b><br/>
* <b>Length: </b>1 - 6144<br/>
*
* @return <p>
* Ciphertext of the data to re-encrypt.
* </p>
*/
public java.nio.ByteBuffer getCiphertextBlob() {
return ciphertextBlob;
}
/**
* <p>
* Ciphertext of the data to re-encrypt.
* </p>
* <p>
* <b>Constraints:</b><br/>
* <b>Length: </b>1 - 6144<br/>
*
* @param ciphertextBlob <p>
* Ciphertext of the data to re-encrypt.
* </p>
*/
public void setCiphertextBlob(java.nio.ByteBuffer ciphertextBlob) {
this.ciphertextBlob = ciphertextBlob;
}
/**
* <p>
* Ciphertext of the data to re-encrypt.
* </p>
* <p>
* Returns a reference to this object so that method calls can be chained
* together.
* <p>
* <b>Constraints:</b><br/>
* <b>Length: </b>1 - 6144<br/>
*
* @param ciphertextBlob <p>
* Ciphertext of the data to re-encrypt.
* </p>
* @return A reference to this updated object so that method calls can be
* chained together.
*/
public ReEncryptRequest withCiphertextBlob(java.nio.ByteBuffer ciphertextBlob) {
this.ciphertextBlob = ciphertextBlob;
return this;
}
/**
* <p>
* Encryption context used to encrypt and decrypt the data specified in the
* <code>CiphertextBlob</code> parameter.
* </p>
*
* @return <p>
* Encryption context used to encrypt and decrypt the data specified
* in the <code>CiphertextBlob</code> parameter.
* </p>
*/
public java.util.Map<String, String> getSourceEncryptionContext() {
return sourceEncryptionContext;
}
/**
* <p>
* Encryption context used to encrypt and decrypt the data specified in the
* <code>CiphertextBlob</code> parameter.
* </p>
*
* @param sourceEncryptionContext <p>
* Encryption context used to encrypt and decrypt the data
* specified in the <code>CiphertextBlob</code> parameter.
* </p>
*/
public void setSourceEncryptionContext(java.util.Map<String, String> sourceEncryptionContext) {
this.sourceEncryptionContext = sourceEncryptionContext;
}
/**
* <p>
* Encryption context used to encrypt and decrypt the data specified in the
* <code>CiphertextBlob</code> parameter.
* </p>
* <p>
* Returns a reference to this object so that method calls can be chained
* together.
*
* @param sourceEncryptionContext <p>
* Encryption context used to encrypt and decrypt the data
* specified in the <code>CiphertextBlob</code> parameter.
* </p>
* @return A reference to this updated object so that method calls can be
* chained together.
*/
public ReEncryptRequest withSourceEncryptionContext(
java.util.Map<String, String> sourceEncryptionContext) {
this.sourceEncryptionContext = sourceEncryptionContext;
return this;
}
/**
* <p>
* Encryption context used to encrypt and decrypt the data specified in the
* <code>CiphertextBlob</code> parameter.
* </p>
* <p>
* The method adds a new key-value pair into SourceEncryptionContext
* parameter, and returns a reference to this object so that method calls
* can be chained together.
*
* @param key The key of the entry to be added into SourceEncryptionContext.
* @param value The corresponding value of the entry to be added into
* SourceEncryptionContext.
* @return A reference to this updated object so that method calls can be
* chained together.
*/
public ReEncryptRequest addSourceEncryptionContextEntry(String key, String value) {
if (null == this.sourceEncryptionContext) {
this.sourceEncryptionContext = new java.util.HashMap<String, String>();
}
if (this.sourceEncryptionContext.containsKey(key))
throw new IllegalArgumentException("Duplicated keys (" + key.toString()
+ ") are provided.");
this.sourceEncryptionContext.put(key, value);
return this;
}
/**
* Removes all the entries added into SourceEncryptionContext.
* <p>
* Returns a reference to this object so that method calls can be chained
* together.
*/
public ReEncryptRequest clearSourceEncryptionContextEntries() {
this.sourceEncryptionContext = null;
return this;
}
/**
* <p>
* A unique identifier for the customer master key used to re-encrypt the
* data. This value can be a globally unique identifier, a fully specified
* ARN to either an alias or a key, or an alias name prefixed by "alias/".
* </p>
* <ul>
* <li>
* <p>
* Key ARN Example -
* arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234
* -1234-123456789012
* </p>
* </li>
* <li>
* <p>
* Alias ARN Example - arn:aws:kms:us-east-1:123456789012:alias/MyAliasName
* </p>
* </li>
* <li>
* <p>
* Globally Unique Key ID Example - 12345678-1234-1234-1234-123456789012
* </p>
* </li>
* <li>
* <p>
* Alias Name Example - alias/MyAliasName
* </p>
* </li>
* </ul>
* <p>
* <b>Constraints:</b><br/>
* <b>Length: </b>1 - 256<br/>
*
* @return <p>
* A unique identifier for the customer master key used to
* re-encrypt the data. This value can be a globally unique
* identifier, a fully specified ARN to either an alias or a key, or
* an alias name prefixed by "alias/".
* </p>
* <ul>
* <li>
* <p>
* Key ARN Example -
* arn:aws:kms:us-east-1:123456789012:key/12345678-
* 1234-1234-1234-123456789012
* </p>
* </li>
* <li>
* <p>
* Alias ARN Example -
* arn:aws:kms:us-east-1:123456789012:alias/MyAliasName
* </p>
* </li>
* <li>
* <p>
* Globally Unique Key ID Example -
* 12345678-1234-1234-1234-123456789012
* </p>
* </li>
* <li>
* <p>
* Alias Name Example - alias/MyAliasName
* </p>
* </li>
* </ul>
*/
public String getDestinationKeyId() {
return destinationKeyId;
}
/**
* <p>
* A unique identifier for the customer master key used to re-encrypt the
* data. This value can be a globally unique identifier, a fully specified
* ARN to either an alias or a key, or an alias name prefixed by "alias/".
* </p>
* <ul>
* <li>
* <p>
* Key ARN Example -
* arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234
* -1234-123456789012
* </p>
* </li>
* <li>
* <p>
* Alias ARN Example - arn:aws:kms:us-east-1:123456789012:alias/MyAliasName
* </p>
* </li>
* <li>
* <p>
* Globally Unique Key ID Example - 12345678-1234-1234-1234-123456789012
* </p>
* </li>
* <li>
* <p>
* Alias Name Example - alias/MyAliasName
* </p>
* </li>
* </ul>
* <p>
* <b>Constraints:</b><br/>
* <b>Length: </b>1 - 256<br/>
*
* @param destinationKeyId <p>
* A unique identifier for the customer master key used to
* re-encrypt the data. This value can be a globally unique
* identifier, a fully specified ARN to either an alias or a key,
* or an alias name prefixed by "alias/".
* </p>
* <ul>
* <li>
* <p>
* Key ARN Example -
* arn:aws:kms:us-east-1:123456789012:key/12345678
* -1234-1234-1234-123456789012
* </p>
* </li>
* <li>
* <p>
* Alias ARN Example -
* arn:aws:kms:us-east-1:123456789012:alias/MyAliasName
* </p>
* </li>
* <li>
* <p>
* Globally Unique Key ID Example -
* 12345678-1234-1234-1234-123456789012
* </p>
* </li>
* <li>
* <p>
* Alias Name Example - alias/MyAliasName
* </p>
* </li>
* </ul>
*/
public void setDestinationKeyId(String destinationKeyId) {
this.destinationKeyId = destinationKeyId;
}
/**
* <p>
* A unique identifier for the customer master key used to re-encrypt the
* data. This value can be a globally unique identifier, a fully specified
* ARN to either an alias or a key, or an alias name prefixed by "alias/".
* </p>
* <ul>
* <li>
* <p>
* Key ARN Example -
* arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234
* -1234-123456789012
* </p>
* </li>
* <li>
* <p>
* Alias ARN Example - arn:aws:kms:us-east-1:123456789012:alias/MyAliasName
* </p>
* </li>
* <li>
* <p>
* Globally Unique Key ID Example - 12345678-1234-1234-1234-123456789012
* </p>
* </li>
* <li>
* <p>
* Alias Name Example - alias/MyAliasName
* </p>
* </li>
* </ul>
* <p>
* Returns a reference to this object so that method calls can be chained
* together.
* <p>
* <b>Constraints:</b><br/>
* <b>Length: </b>1 - 256<br/>
*
* @param destinationKeyId <p>
* A unique identifier for the customer master key used to
* re-encrypt the data. This value can be a globally unique
* identifier, a fully specified ARN to either an alias or a key,
* or an alias name prefixed by "alias/".
* </p>
* <ul>
* <li>
* <p>
* Key ARN Example -
* arn:aws:kms:us-east-1:123456789012:key/12345678
* -1234-1234-1234-123456789012
* </p>
* </li>
* <li>
* <p>
* Alias ARN Example -
* arn:aws:kms:us-east-1:123456789012:alias/MyAliasName
* </p>
* </li>
* <li>
* <p>
* Globally Unique Key ID Example -
* 12345678-1234-1234-1234-123456789012
* </p>
* </li>
* <li>
* <p>
* Alias Name Example - alias/MyAliasName
* </p>
* </li>
* </ul>
* @return A reference to this updated object so that method calls can be
* chained together.
*/
public ReEncryptRequest withDestinationKeyId(String destinationKeyId) {
this.destinationKeyId = destinationKeyId;
return this;
}
/**
* <p>
* Encryption context to be used when the data is re-encrypted.
* </p>
*
* @return <p>
* Encryption context to be used when the data is re-encrypted.
* </p>
*/
public java.util.Map<String, String> getDestinationEncryptionContext() {
return destinationEncryptionContext;
}
/**
* <p>
* Encryption context to be used when the data is re-encrypted.
* </p>
*
* @param destinationEncryptionContext <p>
* Encryption context to be used when the data is re-encrypted.
* </p>
*/
public void setDestinationEncryptionContext(
java.util.Map<String, String> destinationEncryptionContext) {
this.destinationEncryptionContext = destinationEncryptionContext;
}
/**
* <p>
* Encryption context to be used when the data is re-encrypted.
* </p>
* <p>
* Returns a reference to this object so that method calls can be chained
* together.
*
* @param destinationEncryptionContext <p>
* Encryption context to be used when the data is re-encrypted.
* </p>
* @return A reference to this updated object so that method calls can be
* chained together.
*/
public ReEncryptRequest withDestinationEncryptionContext(
java.util.Map<String, String> destinationEncryptionContext) {
this.destinationEncryptionContext = destinationEncryptionContext;
return this;
}
/**
* <p>
* Encryption context to be used when the data is re-encrypted.
* </p>
* <p>
* The method adds a new key-value pair into DestinationEncryptionContext
* parameter, and returns a reference to this object so that method calls
* can be chained together.
*
* @param key The key of the entry to be added into
* DestinationEncryptionContext.
* @param value The corresponding value of the entry to be added into
* DestinationEncryptionContext.
* @return A reference to this updated object so that method calls can be
* chained together.
*/
public ReEncryptRequest addDestinationEncryptionContextEntry(String key, String value) {
if (null == this.destinationEncryptionContext) {
this.destinationEncryptionContext = new java.util.HashMap<String, String>();
}
if (this.destinationEncryptionContext.containsKey(key))
throw new IllegalArgumentException("Duplicated keys (" + key.toString()
+ ") are provided.");
this.destinationEncryptionContext.put(key, value);
return this;
}
/**
* Removes all the entries added into DestinationEncryptionContext.
* <p>
* Returns a reference to this object so that method calls can be chained
* together.
*/
public ReEncryptRequest clearDestinationEncryptionContextEntries() {
this.destinationEncryptionContext = null;
return this;
}
/**
* <p>
* A list of grant tokens.
* </p>
* <p>
* For more information, see <a href=
* "http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token"
* >Grant Tokens</a> in the <i>AWS Key Management Service Developer
* Guide</i>.
* </p>
*
* @return <p>
* A list of grant tokens.
* </p>
* <p>
* For more information, see <a href=
* "http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token"
* >Grant Tokens</a> in the <i>AWS Key Management Service Developer
* Guide</i>.
* </p>
*/
public java.util.List<String> getGrantTokens() {
return grantTokens;
}
/**
* <p>
* A list of grant tokens.
* </p>
* <p>
* For more information, see <a href=
* "http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token"
* >Grant Tokens</a> in the <i>AWS Key Management Service Developer
* Guide</i>.
* </p>
*
* @param grantTokens <p>
* A list of grant tokens.
* </p>
* <p>
* For more information, see <a href=
* "http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token"
* >Grant Tokens</a> in the <i>AWS Key Management Service
* Developer Guide</i>.
* </p>
*/
public void setGrantTokens(java.util.Collection<String> grantTokens) {
if (grantTokens == null) {
this.grantTokens = null;
return;
}
this.grantTokens = new java.util.ArrayList<String>(grantTokens);
}
/**
* <p>
* A list of grant tokens.
* </p>
* <p>
* For more information, see <a href=
* "http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token"
* >Grant Tokens</a> in the <i>AWS Key Management Service Developer
* Guide</i>.
* </p>
* <p>
* Returns a reference to this object so that method calls can be chained
* together.
*
* @param grantTokens <p>
* A list of grant tokens.
* </p>
* <p>
* For more information, see <a href=
* "http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token"
* >Grant Tokens</a> in the <i>AWS Key Management Service
* Developer Guide</i>.
* </p>
* @return A reference to this updated object so that method calls can be
* chained together.
*/
public ReEncryptRequest withGrantTokens(String... grantTokens) {
if (getGrantTokens() == null) {
this.grantTokens = new java.util.ArrayList<String>(grantTokens.length);
}
for (String value : grantTokens) {
this.grantTokens.add(value);
}
return this;
}
/**
* <p>
* A list of grant tokens.
* </p>
* <p>
* For more information, see <a href=
* "http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token"
* >Grant Tokens</a> in the <i>AWS Key Management Service Developer
* Guide</i>.
* </p>
* <p>
* Returns a reference to this object so that method calls can be chained
* together.
*
* @param grantTokens <p>
* A list of grant tokens.
* </p>
* <p>
* For more information, see <a href=
* "http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token"
* >Grant Tokens</a> in the <i>AWS Key Management Service
* Developer Guide</i>.
* </p>
* @return A reference to this updated object so that method calls can be
* chained together.
*/
public ReEncryptRequest withGrantTokens(java.util.Collection<String> grantTokens) {
setGrantTokens(grantTokens);
return this;
}
/**
* Returns a string representation of this object; useful for testing and
* debugging.
*
* @return A string representation of this object.
* @see java.lang.Object#toString()
*/
@Override
public String toString() {
StringBuilder sb = new StringBuilder();
sb.append("{");
if (getCiphertextBlob() != null)
sb.append("CiphertextBlob: " + getCiphertextBlob() + ",");
if (getSourceEncryptionContext() != null)
sb.append("SourceEncryptionContext: " + getSourceEncryptionContext() + ",");
if (getDestinationKeyId() != null)
sb.append("DestinationKeyId: " + getDestinationKeyId() + ",");
if (getDestinationEncryptionContext() != null)
sb.append("DestinationEncryptionContext: " + getDestinationEncryptionContext() + ",");
if (getGrantTokens() != null)
sb.append("GrantTokens: " + getGrantTokens());
sb.append("}");
return sb.toString();
}
@Override
public int hashCode() {
final int prime = 31;
int hashCode = 1;
hashCode = prime * hashCode
+ ((getCiphertextBlob() == null) ? 0 : getCiphertextBlob().hashCode());
hashCode = prime
* hashCode
+ ((getSourceEncryptionContext() == null) ? 0 : getSourceEncryptionContext()
.hashCode());
hashCode = prime * hashCode
+ ((getDestinationKeyId() == null) ? 0 : getDestinationKeyId().hashCode());
hashCode = prime
* hashCode
+ ((getDestinationEncryptionContext() == null) ? 0
: getDestinationEncryptionContext().hashCode());
hashCode = prime * hashCode
+ ((getGrantTokens() == null) ? 0 : getGrantTokens().hashCode());
return hashCode;
}
@Override
public boolean equals(Object obj) {
if (this == obj)
return true;
if (obj == null)
return false;
if (obj instanceof ReEncryptRequest == false)
return false;
ReEncryptRequest other = (ReEncryptRequest) obj;
if (other.getCiphertextBlob() == null ^ this.getCiphertextBlob() == null)
return false;
if (other.getCiphertextBlob() != null
&& other.getCiphertextBlob().equals(this.getCiphertextBlob()) == false)
return false;
if (other.getSourceEncryptionContext() == null ^ this.getSourceEncryptionContext() == null)
return false;
if (other.getSourceEncryptionContext() != null
&& other.getSourceEncryptionContext().equals(this.getSourceEncryptionContext()) == false)
return false;
if (other.getDestinationKeyId() == null ^ this.getDestinationKeyId() == null)
return false;
if (other.getDestinationKeyId() != null
&& other.getDestinationKeyId().equals(this.getDestinationKeyId()) == false)
return false;
if (other.getDestinationEncryptionContext() == null
^ this.getDestinationEncryptionContext() == null)
return false;
if (other.getDestinationEncryptionContext() != null
&& other.getDestinationEncryptionContext().equals(
this.getDestinationEncryptionContext()) == false)
return false;
if (other.getGrantTokens() == null ^ this.getGrantTokens() == null)
return false;
if (other.getGrantTokens() != null
&& other.getGrantTokens().equals(this.getGrantTokens()) == false)
return false;
return true;
}
}