AwsEncryptionSdk.Materials.EncryptedDataKey (AWS Encryption SDK v0.7.0)
View SourceEncrypted Data Key (EDK) structure.
An EDK contains a data key encrypted by a specific key provider. Each message contains one or more EDKs, allowing decryption with any of the corresponding master keys.
Fields
:key_provider_id- UTF-8 identifier for the key provider (e.g., "aws-kms"):key_provider_info- Provider-specific key information (binary):ciphertext- The encrypted data key (binary)
Serialization Format
Per message-header.md:
| Field | Length | Type |
|--------------------|---------------|--------|
| Provider ID Length | 2 bytes | Uint16 |
| Provider ID | Variable | UTF-8 |
| Provider Info Len | 2 bytes | Uint16 |
| Provider Info | Variable | Binary |
| Ciphertext Length | 2 bytes | Uint16 |
| Ciphertext | Variable | Binary |Summary
Functions
Deserializes an EDK from binary format.
Deserializes a list of EDKs with count prefix.
Creates a new EncryptedDataKey.
Serializes an EDK to binary format.
Serializes a list of EDKs with a count prefix.
Types
Functions
Deserializes an EDK from binary format.
Returns {:ok, edk, rest} on success, or {:error, reason} on failure.
Deserializes a list of EDKs with count prefix.
Returns {:ok, edks, rest} on success.
Creates a new EncryptedDataKey.
Examples
iex> AwsEncryptionSdk.Materials.EncryptedDataKey.new("aws-kms", "key-arn", <<1, 2, 3>>)
%AwsEncryptionSdk.Materials.EncryptedDataKey{
key_provider_id: "aws-kms",
key_provider_info: "key-arn",
ciphertext: <<1, 2, 3>>
}Serializes an EDK to binary format.
Format
<<provider_id_len::16-big, provider_id::binary,
provider_info_len::16-big, provider_info::binary,
ciphertext_len::16-big, ciphertext::binary>>Serializes a list of EDKs with a count prefix.
Format
<<count::16-big, edk1::binary, edk2::binary, ...>>