All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.ibm.cloud.objectstorage.services.s3.model.CryptoMode Maven / Gradle / Ivy

Go to download

A single bundled dependency that includes all service and dependent JARs with third-party libraries relocated to different namespaces.

There is a newer version: 2.14.0
Show newest version
/*
 * Copyright 2013-2022 Amazon.com, Inc. or its affiliates. All Rights Reserved.
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 *  http://aws.amazon.com/apache2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */
package com.ibm.cloud.objectstorage.services.s3.model;

/**
 * Denotes the different cryptographic modes available for securing an S3 object
 * via client-side encryption. 
 */
public enum CryptoMode {
    /**
     * Encryption-only mode using AES/CBC.
     * @deprecated This feature is in maintenance mode, no new updates will be released.
     * Please see https://docs.aws.amazon.com/general/latest/gr/aws_sdk_cryptography.html for more information.
     */
    @Deprecated
    EncryptionOnly,
    /**
     * Authenticated encryption mode using AES/GCM, AESWrap, etc. Please
     * note the limitation on the maximum message size in bytes that can be
     * encrypted under this mode is 2^36-32, or ~64G, due to the security
     * limitation of AES/GCM as recommended by NIST.
     * 

* When decrypting with AES-GCM, read the entire object to the end before you start using the decrypted data. This * is to verify that the object has not been modified since it was encrypted. */ AuthenticatedEncryption, /** * Strictly enforce the use of authenticated encryption via AES/GCM, * AESWrap, etc., and will throw security exception if an S3 object * retrieved is found to be not protected using authenticated encryption. * This means range-get operation is not supported in this mode, since * range-get is not authenticated. *

* Please note the limitation on the maximum message size in bytes that can * be encrypted under this mode is 2^36-32, or ~64G, due to the security * limitation of AES/GCM as recommended by NIST. *

* When decrypting with AES-GCM, read the entire object to the end before you start using the decrypted data. This * is to verify that the object has not been modified since it was encrypted. */ StrictAuthenticatedEncryption, ; }





© 2015 - 2025 Weber Informatics LLC | Privacy Policy