AwsEncryptionSdk.Encrypt (AWS Encryption SDK v0.7.0)

View Source

Message encryption operations.

Encrypts plaintext into AWS Encryption SDK message format using provided encryption materials. This is a non-streaming implementation that requires the entire plaintext in memory.

Algorithm Suite Selection

Uses the algorithm suite from the provided encryption materials. For committed suites (recommended), the message will use format version 2.

Summary

Types

encrypt_opts()
encrypt_result()

Functions

encrypt(materials, plaintext, opts \\ [])

Encrypts plaintext into an AWS Encryption SDK message.

Types

encrypt_opts()

@type encrypt_opts() :: [{:frame_length, pos_integer()}]

encrypt_result()

@type encrypt_result() :: %{
  ciphertext: binary(),
  header: AwsEncryptionSdk.Format.Header.t(),
  encryption_context: map(),
  algorithm_suite: AwsEncryptionSdk.AlgorithmSuite.t()
}

Functions

encrypt(materials, plaintext, opts \\ [])

@spec encrypt(
  AwsEncryptionSdk.Materials.EncryptionMaterials.t(),
  binary(),
  encrypt_opts()
) ::
  {:ok, encrypt_result()} | {:error, term()}

Encrypts plaintext into an AWS Encryption SDK message.

Parameters

  • materials - Encryption materials containing algorithm suite, data key, and EDKs
  • plaintext - Data to encrypt
  • opts - Options:
    • :frame_length - Frame size in bytes (default: 4096)

Returns

  • {:ok, result} - Encryption succeeded; result contains ciphertext, header, etc.
  • {:error, reason} - Encryption failed