* If you are using the AWS Encryption SDK with AWS KMS, * you can use AWS KMS to provide additional powerful controls using the encryption context. - * For more information on that, see the KMS developer guide: + * For more information on that, see the AWS KMS developer guide: *
* https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context *
diff --git a/src/examples/java/com/amazonaws/crypto/examples/keyring/awskms/CustomClientSupplier.java b/src/examples/java/com/amazonaws/crypto/examples/keyring/awskms/CustomClientSupplier.java index 0e6ddcdf5..a9005e027 100644 --- a/src/examples/java/com/amazonaws/crypto/examples/keyring/awskms/CustomClientSupplier.java +++ b/src/examples/java/com/amazonaws/crypto/examples/keyring/awskms/CustomClientSupplier.java @@ -20,7 +20,7 @@ import java.util.Map; /** - * By default, the KMS keyring uses a client supplier that + * By default, the AWS KMS keyring uses a client supplier that * supplies a client with the same configuration for every region. * If you need different behavior, you can write your own client supplier. *
@@ -36,13 +36,13 @@ *
* https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/choose-keyring.html#use-kms-keyring *
- * For an example of how to use the KMS keyring with CMKs in multiple regions, + * For an example of how to use the AWS KMS keyring with CMKs in multiple regions, * see the {@link MultipleRegions} example. *
- * For another example of how to use the KMS keyring with a custom client configuration, + * For another example of how to use the AWS KMS keyring with a custom client configuration, * see the {@link CustomKmsClientConfig} example. *
- * For examples of how to use the KMS Discovery keyring on decrypt, + * For examples of how to use the AWS KMS Discovery keyring on decrypt, * see the {@link DiscoveryDecrypt}, {@link DiscoveryDecryptInRegionOnly}, * and {@link DiscoveryDecryptWithPreferredRegions} examples. */ @@ -79,7 +79,7 @@ public AWSKMS getClient(String regionId) { } /** - * Demonstrate an encrypt/decrypt cycle using a KMS keyring with a custom client supplier. + * Demonstrate an encrypt/decrypt cycle using an AWS KMS keyring with a custom client supplier. * * @param awsKmsCmk The ARN of an AWS KMS CMK that protects data keys * @param sourcePlaintext Plaintext to encrypt diff --git a/src/examples/java/com/amazonaws/crypto/examples/keyring/awskms/CustomKmsClientConfig.java b/src/examples/java/com/amazonaws/crypto/examples/keyring/awskms/CustomKmsClientConfig.java index fd3af280d..8e942bb2d 100644 --- a/src/examples/java/com/amazonaws/crypto/examples/keyring/awskms/CustomKmsClientConfig.java +++ b/src/examples/java/com/amazonaws/crypto/examples/keyring/awskms/CustomKmsClientConfig.java @@ -20,29 +20,29 @@ import java.util.Map; /** - * By default, the KMS keyring uses the default configurations + * By default, the AWS KMS keyring uses the default configurations * for all KMS clients and uses the default discoverable credentials. * If you need to change this configuration, * you can configure the client supplier. *
- * This example shows how to use custom-configured clients with the KMS keyring. + * This example shows how to use custom-configured clients with the AWS KMS keyring. *
* https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/choose-keyring.html#use-kms-keyring *
- * For an example of how to use the KMS keyring with CMKs in multiple regions, + * For an example of how to use the AWS KMS keyring with CMKs in multiple regions, * see the {@link MultipleRegions} example. *
- * For another example of how to use the KMS keyring with a custom client configuration, + * For another example of how to use the AWS KMS keyring with a custom client configuration, * see the {@link CustomKmsClientConfig} example. *
- * For examples of how to use the KMS Discovery keyring on decrypt, + * For examples of how to use the AWS KMS Discovery keyring on decrypt, * see the {@link DiscoveryDecrypt}, {@link DiscoveryDecryptInRegionOnly}, * and {@link DiscoveryDecryptWithPreferredRegions} examples. */ public class CustomKmsClientConfig { /** - * Demonstrate an encrypt/decrypt cycle using a KMS keyring with custom KMS client configuration. + * Demonstrate an encrypt/decrypt cycle using an AWS KMS keyring with custom KMS client configuration. * * @param awsKmsCmk The ARN of an AWS KMS CMK that protects data keys * @param sourcePlaintext Plaintext to encrypt diff --git a/src/examples/java/com/amazonaws/crypto/examples/keyring/awskms/DiscoveryDecrypt.java b/src/examples/java/com/amazonaws/crypto/examples/keyring/awskms/DiscoveryDecrypt.java index 64b031887..eda15ad94 100644 --- a/src/examples/java/com/amazonaws/crypto/examples/keyring/awskms/DiscoveryDecrypt.java +++ b/src/examples/java/com/amazonaws/crypto/examples/keyring/awskms/DiscoveryDecrypt.java @@ -16,33 +16,33 @@ import java.util.Map; /** - * When you give the KMS keyring specific key IDs it will use those CMKs and nothing else. + * When you give the AWS KMS keyring specific key IDs it will use those CMKs and nothing else. * This is true both on encrypt and on decrypt. * However, sometimes you need more flexibility on decrypt, * especially when you don't know which CMKs were used to encrypt a message. - * To address this need, you can use a KMS discovery keyring. - * The KMS discovery keyring does nothing on encrypt - * but attempts to decrypt *any* data keys that were encrypted under a KMS CMK. + * To address this need, you can use an AWS KMS discovery keyring. + * The AWS KMS discovery keyring does nothing on encrypt + * but attempts to decrypt *any* data keys that were encrypted under an AWS KMS CMK. *
- * This example shows how to configure and use a KMS discovery keyring. + * This example shows how to configure and use an AWS KMS discovery keyring. *
* https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/choose-keyring.html#use-kms-keyring *
- * For an example of how to use the KMS keyring with CMKs in multiple regions, + * For an example of how to use the AWS KMS keyring with CMKs in multiple regions, * see the {@link MultipleRegions} example. *
- * For examples of how to use the KMS keyring with custom client configurations, + * For examples of how to use the AWS KMS keyring with custom client configurations, * see the {@link CustomClientSupplier} * and {@link CustomKmsClientConfig} examples. *
- * For examples of how to use the KMS discovery keyring on decrypt, + * For examples of how to use the AWS KMS discovery keyring on decrypt, * see the {@link DiscoveryDecryptInRegionOnly}, * and {@link DiscoveryDecryptWithPreferredRegions} examples. */ public class DiscoveryDecrypt { /** - * Demonstrate configuring a KMS discovery keyring for decryption. + * Demonstrate configuring an AWS KMS discovery keyring for decryption. * * @param awsKmsCmk The ARN of an AWS KMS CMK that protects data keys * @param sourcePlaintext Plaintext to encrypt @@ -63,7 +63,7 @@ public static void run(final AwsKmsCmkId awsKmsCmk, final byte[] sourcePlaintext // Create the keyring that determines how your data keys are protected. final Keyring encryptKeyring = StandardKeyrings.awsKms(awsKmsCmk); - // Create a KMS discovery keyring to use on decrypt. + // Create an AWS KMS discovery keyring to use on decrypt. final Keyring decryptKeyring = StandardKeyrings.awsKmsDiscoveryBuilder().build(); // Encrypt your plaintext data. @@ -77,7 +77,7 @@ public static void run(final AwsKmsCmkId awsKmsCmk, final byte[] sourcePlaintext // Demonstrate that the ciphertext and plaintext are different. assert !Arrays.equals(ciphertext, sourcePlaintext); - // Decrypt your encrypted data using the KMS discovery keyring. + // Decrypt your encrypted data using the AWS KMS discovery keyring. // // You do not need to specify the encryption context on decrypt because // the header of the encrypted message includes the encryption context. diff --git a/src/examples/java/com/amazonaws/crypto/examples/keyring/awskms/DiscoveryDecryptInRegionOnly.java b/src/examples/java/com/amazonaws/crypto/examples/keyring/awskms/DiscoveryDecryptInRegionOnly.java index ad545cbec..3e2aa987f 100644 --- a/src/examples/java/com/amazonaws/crypto/examples/keyring/awskms/DiscoveryDecryptInRegionOnly.java +++ b/src/examples/java/com/amazonaws/crypto/examples/keyring/awskms/DiscoveryDecryptInRegionOnly.java @@ -20,36 +20,36 @@ import static java.util.Collections.singleton; /** - * When you give the KMS keyring specific key IDs it will use those CMKs and nothing else. + * When you give the AWS KMS keyring specific key IDs it will use those CMKs and nothing else. * This is true both on encrypt and on decrypt. * However, sometimes you need more flexibility on decrypt, * especially if you don't know which CMK was used to encrypt a message. - * To address this need, you can use a KMS discovery keyring. - * The KMS discovery keyring does nothing on encrypt - * but attempts to decrypt *any* data keys that were encrypted under a KMS CMK. + * To address this need, you can use an AWS KMS discovery keyring. + * The AWS KMS discovery keyring does nothing on encrypt + * but attempts to decrypt *any* data keys that were encrypted under an AWS KMS CMK. *
* However, sometimes you need to be a *bit* more restrictive than that. - * To address this need, you can use a client supplier that restricts the regions a KMS keyring can talk to. + * To address this need, you can use a client supplier that restricts the regions an AWS KMS keyring can talk to. *
- * This example shows how to configure and use a KMS regional discovery keyring that is restricted to one region. + * This example shows how to configure and use an AWS KMS regional discovery keyring that is restricted to one region. *
* https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/choose-keyring.html#use-kms-keyring *
- * For an example of how to use the KMS keyring with CMKs in multiple regions, + * For an example of how to use the AWS KMS keyring with CMKs in multiple regions, * see the {@link MultipleRegions} example. *
- * For examples of how to use the KMS keyring with custom client configurations, + * For examples of how to use the AWS KMS keyring with custom client configurations, * see the {@link CustomClientSupplier} * and {@link CustomKmsClientConfig} examples. *
- * For examples of how to use the KMS discovery keyring on decrypt, + * For examples of how to use the AWS KMS discovery keyring on decrypt, * see the {@link DiscoveryDecrypt}, * and {@link DiscoveryDecryptWithPreferredRegions} examples. */ public class DiscoveryDecryptInRegionOnly { /** - * Demonstrate configuring a KMS keyring to only work within a single region. + * Demonstrate configuring an AWS KMS keyring to only work within a single region. * * @param awsKmsCmk The ARN of an AWS KMS CMK that protects data keys * @param sourcePlaintext Plaintext to encrypt @@ -73,7 +73,7 @@ public static void run(final AwsKmsCmkId awsKmsCmk, final byte[] sourcePlaintext // Extract the region from the CMK ARN. final String decryptRegion = Arn.fromString(awsKmsCmk.toString()).getRegion(); - // Create the KMS discovery keyring that we will use on decrypt. + // Create the AWS KMS discovery keyring that we will use on decrypt. // // The client supplier that we specify here will only supply clients for the specified region. // The keyring only attempts to decrypt data keys if it can get a client for that region, @@ -93,7 +93,7 @@ public static void run(final AwsKmsCmkId awsKmsCmk, final byte[] sourcePlaintext // Demonstrate that the ciphertext and plaintext are different. assert !Arrays.equals(ciphertext, sourcePlaintext); - // Decrypt your encrypted data using the KMS discovery keyring. + // Decrypt your encrypted data using the AWS KMS discovery keyring. // // You do not need to specify the encryption context on decrypt because // the header of the encrypted message includes the encryption context. diff --git a/src/examples/java/com/amazonaws/crypto/examples/keyring/awskms/DiscoveryDecryptWithPreferredRegions.java b/src/examples/java/com/amazonaws/crypto/examples/keyring/awskms/DiscoveryDecryptWithPreferredRegions.java index 5068395d2..1826dafe4 100644 --- a/src/examples/java/com/amazonaws/crypto/examples/keyring/awskms/DiscoveryDecryptWithPreferredRegions.java +++ b/src/examples/java/com/amazonaws/crypto/examples/keyring/awskms/DiscoveryDecryptWithPreferredRegions.java @@ -20,35 +20,35 @@ import static java.util.Collections.singleton; /** - * When you give the KMS keyring specific key IDs it will use those CMKs and nothing else. + * When you give the AWS KMS keyring specific key IDs it will use those CMKs and nothing else. * This is true both on encrypt and on decrypt. * However, sometimes you need more flexibility on decrypt, * especially if you might not know beforehand which CMK was used to encrypt a message. - * To address this need, you can use a KMS discovery keyring. - * The KMS discovery keyring will do nothing on encrypt - * but will attempt to decrypt *any* data keys that were encrypted under a KMS CMK. + * To address this need, you can use an AWS KMS discovery keyring. + * The AWS KMS discovery keyring will do nothing on encrypt + * but will attempt to decrypt *any* data keys that were encrypted under an AWS KMS CMK. *
* However, sometimes you need to be a *bit* more restrictive than that. - * To address this need, you can use a client supplier to restrict what regions a KMS keyring can talk to. + * To address this need, you can use a client supplier to restrict what regions an AWS KMS keyring can talk to. *
* A more complex but more common use-case is that you would *prefer* to stay within a region, * but you would rather make calls to other regions than fail to decrypt the message. * In this case, you want a keyring that will try to decrypt data keys in this region first, * then try other regions. *
- * This example shows how to configure and use a multi-keyring with the KMS keyring + * This example shows how to configure and use a multi-keyring with the AWS KMS keyring * to prefer the current AWS region while also failing over to other AWS regions. *
* https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/choose-keyring.html#use-kms-keyring *
- * For an example of how to use the KMS keyring with CMKs in multiple regions, + * For an example of how to use the AWS KMS keyring with CMKs in multiple regions, * see the {@link MultipleRegions} example. *
- * For examples of how to use the KMS keyring with custom client configurations, + * For examples of how to use the AWS KMS keyring with custom client configurations, * see the {@link CustomClientSupplier} * and {@link CustomKmsClientConfig} examples. *
- * For examples of how to use the KMS discovery keyring on decrypt, + * For examples of how to use the AWS KMS discovery keyring on decrypt, * see the {@link DiscoveryDecrypt}, * and {@link DiscoveryDecryptInRegionOnly} examples. */ @@ -79,7 +79,7 @@ public static void run(final AwsKmsCmkId awsKmsCmk, final byte[] sourcePlaintext // To create our decrypt keyring, we need to know our current default AWS region. final String localRegion = AWSKMSClientBuilder.standard().getRegion(); - // Now, use that region name to create two KMS discovery keyrings: + // Now, use that region name to create two AWS KMS discovery keyrings: // // One that only works in the local region final Keyring localRegionDecryptKeyring = StandardKeyrings.awsKmsDiscoveryBuilder() diff --git a/src/examples/java/com/amazonaws/crypto/examples/keyring/awskms/MultipleRegions.java b/src/examples/java/com/amazonaws/crypto/examples/keyring/awskms/MultipleRegions.java index 8eabf06c6..52065e8f0 100644 --- a/src/examples/java/com/amazonaws/crypto/examples/keyring/awskms/MultipleRegions.java +++ b/src/examples/java/com/amazonaws/crypto/examples/keyring/awskms/MultipleRegions.java @@ -18,18 +18,18 @@ import java.util.Map; /** - * This example shows how to configure and use a KMS keyring with CMKs in multiple regions. + * This example shows how to configure and use an AWS KMS keyring with CMKs in multiple regions. *
* https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/choose-keyring.html#use-kms-keyring *
- * For an example of how to use the KMS keyring with a single CMK, + * For an example of how to use the AWS KMS keyring with a single CMK, * see the {@link SingleCmk} example. *
- * For examples of how to use the KMS keyring with custom client configurations, + * For examples of how to use the AWS KMS keyring with custom client configurations, * see the {@link CustomClientSupplier} * and {@link CustomKmsClientConfig} examples. *
- * For examples of how to use the KMS Discovery keyring on decrypt,
+ * For examples of how to use the AWS KMS Discovery keyring on decrypt,
* see the {@link DiscoveryDecrypt},
* {@link DiscoveryDecryptInRegionOnly},
* and {@link DiscoveryDecryptWithPreferredRegions} examples.
@@ -37,10 +37,10 @@
public class MultipleRegions {
/**
- * Demonstrate an encrypt/decrypt cycle using a KMS keyring with CMKs in multiple regions.
+ * Demonstrate an encrypt/decrypt cycle using an AWS KMS keyring with CMKs in multiple regions.
*
* @param awsKmsGeneratorCmk The ARN of an AWS KMS CMK that protects data keys
- * @param awsKmsAdditionalCmks Additional ARNs of secondary KMS CMKs
+ * @param awsKmsAdditionalCmks Additional ARNs of secondary AWS KMS CMKs
* @param sourcePlaintext Plaintext to encrypt
*/
public static void run(final AwsKmsCmkId awsKmsGeneratorCmk, final List
* https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/choose-keyring.html#use-kms-keyring
*
- * For an example of how to use the KMS keyring with CMKs in multiple regions,
+ * For an example of how to use the AWS KMS keyring with CMKs in multiple regions,
* see the {@link MultipleRegions} example.
*
- * For examples of how to use the KMS keyring with custom client configurations,
+ * For examples of how to use the AWS KMS keyring with custom client configurations,
* see the {@link CustomClientSupplier}
* and {@link CustomKmsClientConfig} examples.
*
- * For examples of how to use the KMS Discovery keyring on decrypt,
+ * For examples of how to use the AWS KMS Discovery keyring on decrypt,
* see the {@link DiscoveryDecrypt},
* {@link DiscoveryDecryptInRegionOnly},
* and {@link DiscoveryDecryptWithPreferredRegions} examples.
@@ -35,7 +35,7 @@
public class SingleCmk {
/**
- * Demonstrate an encrypt/decrypt cycle using a KMS keyring with a single CMK.
+ * Demonstrate an encrypt/decrypt cycle using an AWS KMS keyring with a single CMK.
*
* @param awsKmsCmk The ARN of an AWS KMS CMK that protects data keys
* @param sourcePlaintext Plaintext to encrypt
diff --git a/src/examples/java/com/amazonaws/crypto/examples/keyring/multi/AwsKmsWithEscrow.java b/src/examples/java/com/amazonaws/crypto/examples/keyring/multi/AwsKmsWithEscrow.java
index 541c017cb..111e69452 100644
--- a/src/examples/java/com/amazonaws/crypto/examples/keyring/multi/AwsKmsWithEscrow.java
+++ b/src/examples/java/com/amazonaws/crypto/examples/keyring/multi/AwsKmsWithEscrow.java
@@ -24,15 +24,15 @@
* the ability to enjoy the benefits of AWS KMS during normal operation
* but retain the ability to decrypt encrypted messages without access to AWS KMS.
* This example shows how you can use the multi-keyring to achieve this
- * by combining a KMS keyring with a raw RSA keyring.
+ * by combining an AWS KMS keyring with a raw RSA keyring.
*
* https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/choose-keyring.html#use-multi-keyring
*
- * For more examples of how to use the KMS keyring, see the keyring/awskms examples.
+ * For more examples of how to use the AWS KMS keyring, see the keyring/awskms examples.
*
* For more examples of how to use the raw RSA keyring, see the keyring/rawrsa examples.
*
- * In this example we generate a RSA keypair
+ * In this example we generate an RSA keypair
* but in practice you would want to keep your private key in an HSM
* or other key management system.
*
@@ -41,7 +41,7 @@
public class AwsKmsWithEscrow {
/**
- * Demonstrate configuring a keyring to use an AWS KMS CMK and a RSA wrapping key.
+ * Demonstrate configuring a keyring to use an AWS KMS CMK and an RSA wrapping key.
*
* @param awsKmsCmk The ARN of an AWS KMS CMK that protects data keys
* @param sourcePlaintext Plaintext to encrypt
@@ -96,10 +96,10 @@ public static void run(final AwsKmsCmkId awsKmsCmk, final byte[] sourcePlaintext
.paddingScheme(RsaPaddingScheme.OAEP_SHA256_MGF1)
.build();
- // Create the KMS keyring that you will use from decryption during normal operations.
+ // Create the AWS KMS keyring that you will use from decryption during normal operations.
final Keyring kmsKeyring = StandardKeyrings.awsKms(awsKmsCmk);
- // Combine the KMS keyring and the escrow encrypt keyring using the multi-keyring.
+ // Combine the AWS KMS keyring and the escrow encrypt keyring using the multi-keyring.
final Keyring encryptKeyring = StandardKeyrings.multi(kmsKeyring, escrowEncryptKeyring);
// Encrypt your plaintext data using the multi-keyring.
@@ -111,13 +111,13 @@ public static void run(final AwsKmsCmkId awsKmsCmk, final byte[] sourcePlaintext
final byte[] ciphertext = encryptResult.getResult();
// Verify that the header contains the expected number of encrypted data keys (EDKs).
- // It should contain one EDK for KMS and one for the escrow key.
+ // It should contain one EDK for AWS KMS and one for the escrow key.
assert encryptResult.getHeaders().getEncryptedKeyBlobCount() == 2;
// Demonstrate that the ciphertext and plaintext are different.
assert !Arrays.equals(ciphertext, sourcePlaintext);
- // Decrypt your encrypted data separately using the KMS keyring and the escrow decrypt keyring.
+ // Decrypt your encrypted data separately using the AWS KMS keyring and the escrow decrypt keyring.
//
// You do not need to specify the encryption context on decrypt because
// the header of the encrypted message includes the encryption context.
diff --git a/src/examples/java/com/amazonaws/crypto/examples/legacy/BasicEncryptionExample.java b/src/examples/java/com/amazonaws/crypto/examples/legacy/BasicEncryptionExample.java
index 4093004ed..77487d08c 100644
--- a/src/examples/java/com/amazonaws/crypto/examples/legacy/BasicEncryptionExample.java
+++ b/src/examples/java/com/amazonaws/crypto/examples/legacy/BasicEncryptionExample.java
@@ -23,7 +23,7 @@
*
* Arguments:
*
- * Encrypts a file using both KMS and an asymmetric key pair.
+ * Encrypts a file using both AWS KMS and an asymmetric key pair.
* NOTE: Master key providers are deprecated and replaced by keyrings.
* We keep these older examples as reference material,
* but we recommend that you use the new examples in examples/keyring
@@ -30,21 +30,21 @@
*
* Arguments:
*
- * The KMS master key provider uses any key IDs that you specify on encrypt,
- * but attempts to decrypt *any* data keys that were encrypted under a KMS CMK.
+ * The AWS KMS master key provider uses any key IDs that you specify on encrypt,
+ * but attempts to decrypt *any* data keys that were encrypted under an AWS KMS CMK.
* This means that you do not need to know which CMKs were used to encrypt a message.
*
- * This example shows how to configure and use a KMS master key provider to decrypt without provider key IDs.
+ * This example shows how to configure and use an AWS KMS master key provider to decrypt without provider key IDs.
*
* https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/concepts.html#master-key-provider
*
- * For an example of how to use the KMS master key with a single CMK,
+ * For an example of how to use the AWS KMS master key with a single CMK,
* see the {@link SingleCmk} example.
*
- * For an example of how to use the KMS master key provider with CMKs in multiple regions,
+ * For an example of how to use the AWS KMS master key provider with CMKs in multiple regions,
* see the {@link MultipleRegions} example.
*/
public class DiscoveryDecrypt {
/**
- * Demonstrate configuring a KMS master key provider for decryption.
+ * Demonstrate configuring an AWS KMS master key provider for decryption.
*
* @param awsKmsCmk The ARN of an AWS KMS CMK that protects data keys
* @param sourcePlaintext Plaintext to encrypt
@@ -57,7 +57,7 @@ public static void run(final AwsKmsCmkId awsKmsCmk, final byte[] sourcePlaintext
final KmsMasterKeyProvider encryptMasterKeyProvider = KmsMasterKeyProvider.builder()
.withKeysForEncryption(awsKmsCmk.toString()).build();
- // Create a KMS master key provider to use on decrypt.
+ // Create an AWS KMS master key provider to use on decrypt.
final KmsMasterKeyProvider decryptMasterKeyProvider = KmsMasterKeyProvider.builder().build();
// Encrypt your plaintext data.
@@ -70,7 +70,7 @@ public static void run(final AwsKmsCmkId awsKmsCmk, final byte[] sourcePlaintext
// Demonstrate that the ciphertext and plaintext are different.
assert !Arrays.equals(ciphertext, sourcePlaintext);
- // Decrypt your encrypted data using the KMS master key provider.
+ // Decrypt your encrypted data using the AWS KMS master key provider.
//
// You do not need to specify the encryption context on decrypt because
// the header of the encrypted message includes the encryption context.
diff --git a/src/examples/java/com/amazonaws/crypto/examples/masterkeyprovider/awskms/MultipleRegions.java b/src/examples/java/com/amazonaws/crypto/examples/masterkeyprovider/awskms/MultipleRegions.java
index e5cb68349..7ac0147f8 100644
--- a/src/examples/java/com/amazonaws/crypto/examples/masterkeyprovider/awskms/MultipleRegions.java
+++ b/src/examples/java/com/amazonaws/crypto/examples/masterkeyprovider/awskms/MultipleRegions.java
@@ -22,23 +22,23 @@
* We recommend using keyrings rather than master key providers.
* For examples using keyrings, see the 'examples/keyring' directory.
*
- * This example shows how to configure and use a KMS master key provider with with CMKs in multiple regions.
+ * This example shows how to configure and use an AWS KMS master key provider with with CMKs in multiple regions.
*
* https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/concepts.html#master-key-provider
*
- * For an example of how to use the KMS master key with a single CMK,
+ * For an example of how to use the AWS KMS master key with a single CMK,
* see the {@link SingleCmk} example.
*
- * For an example of how to use the KMS master key provider in discovery mode on decrypt,
+ * For an example of how to use the AWS KMS master key provider in discovery mode on decrypt,
* see the {@link DiscoveryDecrypt} example.
*/
public class MultipleRegions {
/**
- * Demonstrate an encrypt/decrypt cycle using a KMS master key provider with CMKs in multiple regions.
+ * Demonstrate an encrypt/decrypt cycle using an AWS KMS master key provider with CMKs in multiple regions.
*
* @param awsKmsGeneratorCmk The ARN of an AWS KMS CMK that protects data keys
- * @param awsKmsAdditionalCmks Additional ARNs of secondary KMS CMKs
+ * @param awsKmsAdditionalCmks Additional ARNs of secondary AWS KMS CMKs
* @param sourcePlaintext Plaintext to encrypt
*/
public static void run(final AwsKmsCmkId awsKmsGeneratorCmk, final List
- * This example shows how to configure and use a KMS master key with a single KMS CMK.
+ * This example shows how to configure and use an AWS KMS master key with a single AWS KMS CMK.
*
* https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/concepts.html#master-key-provider
*
- * For an example of how to use the KMS master key provider with CMKs in multiple regions,
+ * For an example of how to use the AWS KMS master key provider with CMKs in multiple regions,
* see the {@link MultipleRegions} example.
*
- * For an example of how to use the KMS master key provider in discovery mode on decrypt,
+ * For an example of how to use the AWS KMS master key provider in discovery mode on decrypt,
* see the {@link DiscoveryDecrypt} example.
*/
public class SingleCmk {
/**
- * Demonstrate an encrypt/decrypt cycle using a KMS master key provider with a single CMK.
+ * Demonstrate an encrypt/decrypt cycle using an AWS KMS master key provider with a single CMK.
*
* @param awsKmsCmk The ARN of an AWS KMS CMK that protects data keys
* @param sourcePlaintext Plaintext to encrypt
diff --git a/src/examples/java/com/amazonaws/crypto/examples/masterkeyprovider/multi/AwsKmsWithEscrow.java b/src/examples/java/com/amazonaws/crypto/examples/masterkeyprovider/multi/AwsKmsWithEscrow.java
index 425f8cff6..96b14e0e3 100644
--- a/src/examples/java/com/amazonaws/crypto/examples/masterkeyprovider/multi/AwsKmsWithEscrow.java
+++ b/src/examples/java/com/amazonaws/crypto/examples/masterkeyprovider/multi/AwsKmsWithEscrow.java
@@ -28,11 +28,11 @@
* the ability to enjoy the benefits of AWS KMS during normal operation
* but retain the ability to decrypt encrypted messages without access to AWS KMS.
* This example shows how you can achieve this
- * by combining a KMS master key with a raw RSA master key.
+ * by combining an AWS KMS master key with a raw RSA master key.
*
* https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/concepts.html#master-key-provider
*
- * For more examples of how to use the KMS master key provider, see the
+ * For more examples of how to use the AWS KMS master key provider, see the
* 'masterkeyprovider/awskms' examples'
*
* For more examples of how to use the raw RSA master key, see the
@@ -101,11 +101,11 @@ public static void run(final AwsKmsCmkId awsKmsCmk, final byte[] sourcePlaintext
"RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
- // Create the KMS master key that you will use for decryption during normal operations.
+ // Create the AWS KMS master key that you will use for decryption during normal operations.
final KmsMasterKeyProvider kmsMasterKeyProvider = KmsMasterKeyProvider.builder()
.withKeysForEncryption(awsKmsCmk.toString()).build();
- // Combine the KMS and escrow providers into a single master key provider.
+ // Combine the AWS KMS and escrow providers into a single master key provider.
final MasterKeyProvider masterKeyProvider = MultipleProviderFactory.buildMultiProvider(
kmsMasterKeyProvider, escrowEncryptMasterKey);
@@ -117,13 +117,13 @@ public static void run(final AwsKmsCmkId awsKmsCmk, final byte[] sourcePlaintext
final byte[] ciphertext = encryptResult.getResult();
// Verify that the header contains the expected number of encrypted data keys (EDKs).
- // It should contain one EDK for KMS and one for the escrow key.
+ // It should contain one EDK for AWS KMS and one for the escrow key.
assert encryptResult.getHeaders().getEncryptedKeyBlobCount() == 2;
// Demonstrate that the ciphertext and plaintext are different.
assert !Arrays.equals(ciphertext, sourcePlaintext);
- // Decrypt your encrypted data separately using the KMS master key provider
+ // Decrypt your encrypted data separately using the AWS KMS master key provider
// and the escrow decrypt master key.
//
// You do not need to specify the encryption context on decrypt because
- *
*/
diff --git a/src/examples/java/com/amazonaws/crypto/examples/legacy/EscrowedEncryptExample.java b/src/examples/java/com/amazonaws/crypto/examples/legacy/EscrowedEncryptExample.java
index 18286624f..a2e752498 100644
--- a/src/examples/java/com/amazonaws/crypto/examples/legacy/EscrowedEncryptExample.java
+++ b/src/examples/java/com/amazonaws/crypto/examples/legacy/EscrowedEncryptExample.java
@@ -21,7 +21,7 @@
/**
*
- *
*
- * You might use AWS Key Management Service (KMS) for most encryption and decryption operations, but
- * still want the option of decrypting your data offline independently of KMS. This sample
+ * You might use AWS Key Management Service (AWS KMS) for most encryption and decryption operations, but
+ * still want the option of decrypting your data offline independently of AWS KMS. This sample
* demonstrates one way to do this.
*
- * The sample encrypts data under both a KMS customer master key (CMK) and an "escrowed" RSA key pair
- * so that either key alone can decrypt it. You might commonly use the KMS CMK for decryption. However,
- * at any time, you can use the private RSA key to decrypt the ciphertext independent of KMS.
+ * The sample encrypts data under both an AWS KMS customer master key (CMK) and an "escrowed" RSA key pair
+ * so that either key alone can decrypt it. You might commonly use the AWS KMS CMK for decryption. However,
+ * at any time, you can use the private RSA key to decrypt the ciphertext independent of AWS KMS.
*
- * This sample uses the JCEMasterKey class to generate a RSA public-private key pair
+ * This sample uses the JCEMasterKey class to generate an RSA public-private key pair
* and saves the key pair in memory. In practice, you would store the private key in a secure offline
* location, such as an offline HSM, and distribute the public key to your development team.
*
@@ -69,7 +69,7 @@ public static void main(final String[] args) throws Exception {
}
private static void standardEncrypt(final String kmsArn, final String fileName) throws Exception {
- // Encrypt with the KMS CMK and the escrowed public key
+ // Encrypt with the AWS KMS CMK and the escrowed public key
// 1. Instantiate the AWS Encryption SDK.
final AwsCrypto crypto = new AwsCrypto();
@@ -98,7 +98,7 @@ private static void standardEncrypt(final String kmsArn, final String fileName)
}
private static void standardDecrypt(final String kmsArn, final String fileName) throws Exception {
- // Decrypt with the KMS CMK and the escrow public key. You can use a combined provider,
+ // Decrypt with the AWS KMS CMK and the escrow public key. You can use a combined provider,
// as shown here, or just the KMS master key provider.
// 1. Instantiate the AWS Encryption SDK.
@@ -129,7 +129,7 @@ private static void standardDecrypt(final String kmsArn, final String fileName)
private static void escrowDecrypt(final String fileName) throws Exception {
// You can decrypt the stream using only the private key.
- // This method does not call KMS.
+ // This method does not call AWS KMS.
// 1. Instantiate the AWS Encryption SDK.
final AwsCrypto crypto = new AwsCrypto();
diff --git a/src/examples/java/com/amazonaws/crypto/examples/masterkeyprovider/awskms/DiscoveryDecrypt.java b/src/examples/java/com/amazonaws/crypto/examples/masterkeyprovider/awskms/DiscoveryDecrypt.java
index e16095224..18d1aef76 100644
--- a/src/examples/java/com/amazonaws/crypto/examples/masterkeyprovider/awskms/DiscoveryDecrypt.java
+++ b/src/examples/java/com/amazonaws/crypto/examples/masterkeyprovider/awskms/DiscoveryDecrypt.java
@@ -18,24 +18,24 @@
* We recommend using keyrings rather than master key providers.
* For examples using keyrings, see the 'examples/keyring' directory.
*