ExAws.S3.Crypto.KMSWrapper (ex_aws_s3_crypto v3.2.0)
View SourceUtility module to wrap calls to ExAws.KMS
to generate / decrypt data keys.
Summary
Functions
@spec decrypt_key(encrypted_key :: bitstring(), context :: map()) :: {:ok, key :: bitstring()} | {:error, reason :: String.t()}
Decrypt an encrypted data key.
The context is an encryption context
that should generally just be a map of %{"kms_cmk_id" => key_id}
for the master key_id used in the initial generation.
@spec generate_data_key(key_id :: String.t()) :: {:ok, {encrypted_blob :: String.t(), key :: bitstring()}} | {:error, reason :: String.t()}
Generate a data key for the master key with the given id.