Package software.amazon.awssdk.services.kms.model

Class GetPublicKeyResponse

java.lang.Object
software.amazon.awssdk.core.SdkResponse
software.amazon.awssdk.awscore.AwsResponse
software.amazon.awssdk.services.kms.model.KmsResponse
software.amazon.awssdk.services.kms.model.GetPublicKeyResponse
All Implemented Interfaces:
SdkPojo, ToCopyableBuilder<GetPublicKeyResponse.Builder,GetPublicKeyResponse>
@Generated("software.amazon.awssdk:codegen") public final class GetPublicKeyResponse extends KmsResponse implements ToCopyableBuilder<GetPublicKeyResponse.Builder,GetPublicKeyResponse>

  • Method Details

    • keyId

      public final String keyId()

      The Amazon Resource Name (key ARN) of the asymmetric KMS key from which the public key was downloaded.

      Returns:
      The Amazon Resource Name (key ARN) of the asymmetric KMS key from which the public key was downloaded.

    • publicKey

      public final SdkBytes publicKey()

      The exported public key.

      The value is a DER-encoded X.509 public key, also known as SubjectPublicKeyInfo (SPKI), as defined in RFC 5280. When you use the HTTP API or the Amazon Web Services CLI, the value is Base64-encoded. Otherwise, it is not Base64-encoded.

      Returns:
      The exported public key.

      The value is a DER-encoded X.509 public key, also known as SubjectPublicKeyInfo (SPKI), as defined in RFC 5280. When you use the HTTP API or the Amazon Web Services CLI, the value is Base64-encoded. Otherwise, it is not Base64-encoded.

    • customerMasterKeySpec

      @Deprecated public final CustomerMasterKeySpec customerMasterKeySpec()
      Deprecated.
      This field has been deprecated. Instead, use the KeySpec field.

      Instead, use the KeySpec field in the GetPublicKey response.

      The KeySpec and CustomerMasterKeySpec fields have the same value. We recommend that you use the KeySpec field in your code. However, to avoid breaking changes, KMS supports both fields.

      If the service returns an enum value that is not available in the current SDK version, customerMasterKeySpec will return CustomerMasterKeySpec.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from customerMasterKeySpecAsString().

      Returns:
      Instead, use the KeySpec field in the GetPublicKey response.

      The KeySpec and CustomerMasterKeySpec fields have the same value. We recommend that you use the KeySpec field in your code. However, to avoid breaking changes, KMS supports both fields.

      See Also:

    • customerMasterKeySpecAsString

      @Deprecated public final String customerMasterKeySpecAsString()
      Deprecated.
      This field has been deprecated. Instead, use the KeySpec field.

      Instead, use the KeySpec field in the GetPublicKey response.

      The KeySpec and CustomerMasterKeySpec fields have the same value. We recommend that you use the KeySpec field in your code. However, to avoid breaking changes, KMS supports both fields.

      If the service returns an enum value that is not available in the current SDK version, customerMasterKeySpec will return CustomerMasterKeySpec.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from customerMasterKeySpecAsString().

      Returns:
      Instead, use the KeySpec field in the GetPublicKey response.

      The KeySpec and CustomerMasterKeySpec fields have the same value. We recommend that you use the KeySpec field in your code. However, to avoid breaking changes, KMS supports both fields.

      See Also:

    • keySpec

      public final KeySpec keySpec()

      The type of the of the public key that was downloaded.

      If the service returns an enum value that is not available in the current SDK version, keySpec will return KeySpec.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from keySpecAsString().

      Returns:
      The type of the of the public key that was downloaded.
      See Also:

    • keySpecAsString

      public final String keySpecAsString()

      The type of the of the public key that was downloaded.

      If the service returns an enum value that is not available in the current SDK version, keySpec will return KeySpec.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from keySpecAsString().

      Returns:
      The type of the of the public key that was downloaded.
      See Also:

    • keyUsage

      public final KeyUsageType keyUsage()

      The permitted use of the public key. Valid values for asymmetric key pairs are ENCRYPT_DECRYPT, SIGN_VERIFY, and KEY_AGREEMENT.

      This information is critical. For example, if a public key with SIGN_VERIFY key usage encrypts data outside of KMS, the ciphertext cannot be decrypted.

      If the service returns an enum value that is not available in the current SDK version, keyUsage will return KeyUsageType.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from keyUsageAsString().

      Returns:
      The permitted use of the public key. Valid values for asymmetric key pairs are ENCRYPT_DECRYPT, SIGN_VERIFY, and KEY_AGREEMENT.

      This information is critical. For example, if a public key with SIGN_VERIFY key usage encrypts data outside of KMS, the ciphertext cannot be decrypted.

      See Also:

    • keyUsageAsString

      public final String keyUsageAsString()

      The permitted use of the public key. Valid values for asymmetric key pairs are ENCRYPT_DECRYPT, SIGN_VERIFY, and KEY_AGREEMENT.

      This information is critical. For example, if a public key with SIGN_VERIFY key usage encrypts data outside of KMS, the ciphertext cannot be decrypted.

      If the service returns an enum value that is not available in the current SDK version, keyUsage will return KeyUsageType.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from keyUsageAsString().

      Returns:
      The permitted use of the public key. Valid values for asymmetric key pairs are ENCRYPT_DECRYPT, SIGN_VERIFY, and KEY_AGREEMENT.

      This information is critical. For example, if a public key with SIGN_VERIFY key usage encrypts data outside of KMS, the ciphertext cannot be decrypted.

      See Also:

    • encryptionAlgorithms

      public final List<EncryptionAlgorithmSpec> encryptionAlgorithms()

      The encryption algorithms that KMS supports for this key.

      This information is critical. If a public key encrypts data outside of KMS by using an unsupported encryption algorithm, the ciphertext cannot be decrypted.

      This field appears in the response only when the KeyUsage of the public key is ENCRYPT_DECRYPT.

      Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

      This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the hasEncryptionAlgorithms() method.

      Returns:
      The encryption algorithms that KMS supports for this key.

      This information is critical. If a public key encrypts data outside of KMS by using an unsupported encryption algorithm, the ciphertext cannot be decrypted.

      This field appears in the response only when the KeyUsage of the public key is ENCRYPT_DECRYPT.

    • hasEncryptionAlgorithms

      public final boolean hasEncryptionAlgorithms()
      For responses, this returns true if the service returned a value for the EncryptionAlgorithms property. This DOES NOT check that the value is non-empty (for which, you should check the isEmpty() method on the property). This is useful because the SDK will never return a null collection or map, but you may need to differentiate between the service returning nothing (or null) and the service returning an empty collection or map. For requests, this returns true if a value for the property was specified in the request builder, and false if a value was not specified.

    • encryptionAlgorithmsAsStrings

      public final List<String> encryptionAlgorithmsAsStrings()

      The encryption algorithms that KMS supports for this key.

      This information is critical. If a public key encrypts data outside of KMS by using an unsupported encryption algorithm, the ciphertext cannot be decrypted.

      This field appears in the response only when the KeyUsage of the public key is ENCRYPT_DECRYPT.

      Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

      This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the hasEncryptionAlgorithms() method.

      Returns:
      The encryption algorithms that KMS supports for this key.

      This information is critical. If a public key encrypts data outside of KMS by using an unsupported encryption algorithm, the ciphertext cannot be decrypted.

      This field appears in the response only when the KeyUsage of the public key is ENCRYPT_DECRYPT.

    • signingAlgorithms

      public final List<SigningAlgorithmSpec> signingAlgorithms()

      The signing algorithms that KMS supports for this key.

      This field appears in the response only when the KeyUsage of the public key is SIGN_VERIFY.

      Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

      This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the hasSigningAlgorithms() method.

      Returns:
      The signing algorithms that KMS supports for this key.

      This field appears in the response only when the KeyUsage of the public key is SIGN_VERIFY.

    • hasSigningAlgorithms

      public final boolean hasSigningAlgorithms()
      For responses, this returns true if the service returned a value for the SigningAlgorithms property. This DOES NOT check that the value is non-empty (for which, you should check the isEmpty() method on the property). This is useful because the SDK will never return a null collection or map, but you may need to differentiate between the service returning nothing (or null) and the service returning an empty collection or map. For requests, this returns true if a value for the property was specified in the request builder, and false if a value was not specified.

    • signingAlgorithmsAsStrings

      public final List<String> signingAlgorithmsAsStrings()

      The signing algorithms that KMS supports for this key.

      This field appears in the response only when the KeyUsage of the public key is SIGN_VERIFY.

      Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

      This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the hasSigningAlgorithms() method.

      Returns:
      The signing algorithms that KMS supports for this key.

      This field appears in the response only when the KeyUsage of the public key is SIGN_VERIFY.

    • keyAgreementAlgorithms

      public final List<KeyAgreementAlgorithmSpec> keyAgreementAlgorithms()

      The key agreement algorithm used to derive a shared secret. This field is present only when the KMS key has a KeyUsage value of KEY_AGREEMENT.

      Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

      This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the hasKeyAgreementAlgorithms() method.

      Returns:
      The key agreement algorithm used to derive a shared secret. This field is present only when the KMS key has a KeyUsage value of KEY_AGREEMENT.

    • hasKeyAgreementAlgorithms

      public final boolean hasKeyAgreementAlgorithms()
      For responses, this returns true if the service returned a value for the KeyAgreementAlgorithms property. This DOES NOT check that the value is non-empty (for which, you should check the isEmpty() method on the property). This is useful because the SDK will never return a null collection or map, but you may need to differentiate between the service returning nothing (or null) and the service returning an empty collection or map. For requests, this returns true if a value for the property was specified in the request builder, and false if a value was not specified.

    • keyAgreementAlgorithmsAsStrings

      public final List<String> keyAgreementAlgorithmsAsStrings()

      The key agreement algorithm used to derive a shared secret. This field is present only when the KMS key has a KeyUsage value of KEY_AGREEMENT.

      Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

      This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the hasKeyAgreementAlgorithms() method.

      Returns:
      The key agreement algorithm used to derive a shared secret. This field is present only when the KMS key has a KeyUsage value of KEY_AGREEMENT.

    • toBuilder

      public GetPublicKeyResponse.Builder toBuilder()
      Specified by:
      toBuilder in interface ToCopyableBuilder<GetPublicKeyResponse.Builder,GetPublicKeyResponse>
      Specified by:
      toBuilder in class AwsResponse

    • builder

      public static GetPublicKeyResponse.Builder builder()

    • serializableBuilderClass

      public static Class<? extends GetPublicKeyResponse.Builder> serializableBuilderClass()

    • hashCode

      public final int hashCode()
      Overrides:
      hashCode in class AwsResponse

    • equals

      public final boolean equals(Object obj)
      Overrides:
      equals in class AwsResponse

    • equalsBySdkFields

      public final boolean equalsBySdkFields(Object obj)
      Specified by:
      equalsBySdkFields in interface SdkPojo

    • toString

      public final String toString()
      Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be redacted from this string using a placeholder value.
      Overrides:
      toString in class Object

    • getValueForField

      public final <T> Optional<T> getValueForField(String fieldName, Class<T> clazz)
      Overrides:
      getValueForField in class SdkResponse

    • sdkFields

      public final List<SdkField<?>> sdkFields()
      Specified by:
      sdkFields in interface SdkPojo

    • sdkFieldNameToField

      public final Map<String,SdkField<?>> sdkFieldNameToField()
      Specified by:
      sdkFieldNameToField in interface SdkPojo