Packages

class SymbolicKms extends Kms with NamedLogging

Ordering
  1. Alphabetic
  2. By Inheritance
Inherited
  1. SymbolicKms
  2. NamedLogging
  3. Kms
  4. FlagCloseable
  5. PerformUnlessClosing
  6. OnShutdownRunner
  7. AutoCloseable
  8. AnyRef
  9. Any
  1. Hide All
  2. Show All
Visibility
  1. Public
  2. Protected

Instance Constructors

  1. new SymbolicKms(crypto: Crypto, config: KmsConfig, releaseProtocolVersion: ReleaseProtocolVersion, timeouts: ProcessingTimeout, loggerFactory: NamedLoggerFactory)

Type Members

  1. type CreateKeySpec = SymbolicKmsCreateKeySpec
    Definition Classes
    SymbolicKmsKms

Value Members

  1. final def !=(arg0: Any): Boolean
    Definition Classes
    AnyRef → Any
  2. final def ##: Int
    Definition Classes
    AnyRef → Any
  3. final def ==(arg0: Any): Boolean
    Definition Classes
    AnyRef → Any
  4. final def asInstanceOf[T0]: T0
    Definition Classes
    Any
  5. def cancelShutdownTask(token: Long): Unit

    Removes a shutdown task from the list using a token returned by runOnShutdown

    Removes a shutdown task from the list using a token returned by runOnShutdown

    Definition Classes
    OnShutdownRunner
  6. def clone(): AnyRef
    Attributes
    protected[lang]
    Definition Classes
    AnyRef
    Annotations
    @throws(classOf[java.lang.CloneNotSupportedException]) @native() @HotSpotIntrinsicCandidate()
  7. final def close(): Unit

    Blocks until all earlier tasks have completed and then prevents further tasks from being run.

    Blocks until all earlier tasks have completed and then prevents further tasks from being run.

    Definition Classes
    FlagCloseableOnShutdownRunner → AutoCloseable
  8. def closingTimeout: FiniteDuration
    Attributes
    protected
    Definition Classes
    FlagCloseablePerformUnlessClosing
  9. val config: KmsConfig
    Definition Classes
    SymbolicKmsKms
  10. def containsShutdownTask(token: Long): Boolean
    Definition Classes
    OnShutdownRunner
  11. def decryptAsymmetric(keyId: KmsKeyId, data: ByteString256, encryptionKeyScheme: EncryptionKeyScheme)(implicit ec: ExecutionContext, tc: TraceContext): EitherT[Future, KmsError, ByteString190]

    Asymmetrically decrypt the data passed as a byte array using a KMS private key.

    Asymmetrically decrypt the data passed as a byte array using a KMS private key.

    keyId

    key identifier (e.g. AWS key ARN)

    data

    byte string to decrypt. The higher bound on the data size we can decrypt is 256bytes (i.e. the ciphertext length for RSA2048-OAEP-SHA256 encryption; when using RSAES-OAEP the ciphertext size is always equal to the size of the Modulus).

    encryptionKeyScheme

    the encryption algorithm that was used to encrypt the plaintext message. The algorithm must be compatible with the KMS key that you specify.

    returns

    a decrypted byte string or an error if it fails to decrypt

    Definition Classes
    Kms
  12. def decryptAsymmetricInternal(keyId: KmsKeyId, data: ByteString256, encryptionKeyScheme: EncryptionKeyScheme)(implicit ec: ExecutionContext, tc: TraceContext): EitherT[Future, KmsError, ByteString190]
    Attributes
    protected
    Definition Classes
    SymbolicKmsKms
  13. def decryptSymmetric(keyId: KmsKeyId, data: ByteString6144)(implicit ec: ExecutionContext, tc: TraceContext): EitherT[Future, KmsError, ByteString4096]

    Symmetrically decrypt the data passed as a byte array using a KMS symmetric key.

    Symmetrically decrypt the data passed as a byte array using a KMS symmetric key.

    keyId

    key identifier (e.g. AWS key ARN)

    data

    byte string to decrypt. The higher bound on the data size we can decrypt is 6144 bytes (i.e. maximum accepted input size for the external KMSs that we support).

    returns

    a decrypted byte string or an error if it fails to decrypt

    Definition Classes
    Kms
  14. def decryptSymmetricInternal(keyId: KmsKeyId, data: ByteString6144)(implicit ec: ExecutionContext, tc: TraceContext): EitherT[Future, KmsError, ByteString4096]
    Attributes
    protected
    Definition Classes
    SymbolicKmsKms
  15. def deleteKey(keyId: KmsKeyId)(implicit ec: ExecutionContext, tc: TraceContext): EitherT[Future, KmsError, Unit]

    Schedule a deletion of a KMS key (takes between 7-30 days)

    Schedule a deletion of a KMS key (takes between 7-30 days)

    keyId

    key identifier (e.g. AWS key ARN)

    returns

    an error if it fails to schedule a deletion of a key

    Definition Classes
    Kms
  16. def deleteKeyInternal(keyId: KmsKeyId)(implicit ec: ExecutionContext, tc: TraceContext): EitherT[Future, KmsError, Unit]
    Attributes
    protected
    Definition Classes
    SymbolicKmsKms
  17. def encryptSymmetric(keyId: KmsKeyId, data: ByteString4096)(implicit ec: ExecutionContext, tc: TraceContext): EitherT[Future, KmsError, ByteString6144]

    Symmetrically encrypt the data passed as a byte string using a KMS symmetric key.

    Symmetrically encrypt the data passed as a byte string using a KMS symmetric key.

    keyId

    key identifier (e.g. AWS key ARN)

    data

    byte string to encrypt. The higher bound on the data size we can encrypt is 4kb (i.e. maximum accepted input size for the external KMSs that we support).

    returns

    an encrypted byte string or an error if it fails to encrypt

    Definition Classes
    Kms
  18. def encryptSymmetricInternal(keyId: KmsKeyId, data: ByteString4096)(implicit ec: ExecutionContext, tc: TraceContext): EitherT[Future, KmsError, ByteString6144]
    Attributes
    protected
    Definition Classes
    SymbolicKmsKms
  19. final def eq(arg0: AnyRef): Boolean
    Definition Classes
    AnyRef
  20. def equals(arg0: AnyRef): Boolean
    Definition Classes
    AnyRef → Any
  21. implicit def errorLoggingContext(implicit traceContext: TraceContext): ErrorLoggingContext
    Attributes
    protected
    Definition Classes
    NamedLogging
  22. def generateAsymmetricEncryptionKeyPair(encryptionKeyScheme: EncryptionKeyScheme, createKeySpec: Option[CreateKeySpec] = None, name: Option[KeyName] = None)(implicit ec: ExecutionContext, tc: TraceContext): EitherT[Future, KmsError, KmsKeyId]

    Creates a new (asymmetric) encryption key pair in the KMS and returns a key identifier.

    Creates a new (asymmetric) encryption key pair in the KMS and returns a key identifier.

    encryptionKeyScheme

    defines the encryption key scheme to which the key is going to be used for.

    createKeySpec

    defines an optional create key specification (e.g. for AWS we can a select a new key to be multi-region). If we use None we use the default specification (e.g. for AWS multiRegion = false).

    name

    an optional name to identify the key.

    returns

    a key id or an error if it fails to create a key

    Definition Classes
    Kms
  23. def generateAsymmetricEncryptionKeyPairInternal(encryptionKeyScheme: EncryptionKeyScheme, createKeySpec: Option[SymbolicKmsCreateKeySpec], name: Option[KeyName])(implicit ec: ExecutionContext, tc: TraceContext): EitherT[Future, KmsError, KmsKeyId]
    Attributes
    protected
    Definition Classes
    SymbolicKmsKms
  24. def generateSigningKeyPair(signingKeyScheme: SigningKeyScheme, createKeySpec: Option[CreateKeySpec] = None, name: Option[KeyName] = None)(implicit ec: ExecutionContext, tc: TraceContext): EitherT[Future, KmsError, KmsKeyId]

    Creates a new signing key pair in the KMS and returns its key identifier.

    Creates a new signing key pair in the KMS and returns its key identifier.

    signingKeyScheme

    defines the signing key scheme to which the key is going to be used for.

    createKeySpec

    defines an optional create key specification (e.g. for AWS we can a select a new key to be multi-region). If we use None we use the default specification (e.g. for AWS multiRegion = false).

    name

    an optional name to identify the key.

    returns

    a key id or an error if it fails to create a key

    Definition Classes
    Kms
  25. def generateSigningKeyPairInternal(signingKeyScheme: SigningKeyScheme, createKeySpec: Option[SymbolicKmsCreateKeySpec], name: Option[KeyName])(implicit ec: ExecutionContext, tc: TraceContext): EitherT[Future, KmsError, KmsKeyId]
    Attributes
    protected
    Definition Classes
    SymbolicKmsKms
  26. def generateSymmetricEncryptionKey(createKeySpec: Option[CreateKeySpec] = None, name: Option[KeyName] = None)(implicit ec: ExecutionContext, tc: TraceContext): EitherT[Future, KmsError, KmsKeyId]

    Creates a new symmetric encryption key in the KMS and returns its key identifier.

    Creates a new symmetric encryption key in the KMS and returns its key identifier. The specific encryption scheme is not necessary (default is taken) because this is intended to be used to generate a KMS wrapper key.

    createKeySpec

    defines an optional create key specification (e.g. for AWS we can a select a new key to be multi-region). If we use None we use the default specification (e.g. for AWS multiRegion = false).

    name

    an optional name to identify the key.

    returns

    a key id or an error if it fails to create a key

    Definition Classes
    Kms
  27. def generateSymmetricEncryptionKeyInternal(createKeySpec: Option[SymbolicKmsCreateKeySpec], name: Option[KeyName])(implicit ec: ExecutionContext, tc: TraceContext): EitherT[Future, KmsError, KmsKeyId]
    Attributes
    protected
    Definition Classes
    SymbolicKmsKms
  28. final def getClass(): Class[_ <: AnyRef]
    Definition Classes
    AnyRef → Any
    Annotations
    @native() @HotSpotIntrinsicCandidate()
  29. def getPublicEncryptionKey(keyId: KmsKeyId)(implicit ec: ExecutionContext, tc: TraceContext): EitherT[Future, KmsError, EncryptionPublicKey]

    Get public key for encryption from KMS given a KMS key identifier.

    Get public key for encryption from KMS given a KMS key identifier.

    keyId

    key identifier (e.g. AWS key ARN)

    returns

    the public encryption key for that keyId

    Definition Classes
    Kms
  30. def getPublicEncryptionKeyInternal(keyId: KmsKeyId)(implicit ec: ExecutionContext, tc: TraceContext): EitherT[Future, KmsError, EncryptionPublicKey]
    Attributes
    protected
    Definition Classes
    SymbolicKmsKms
  31. def getPublicSigningKey(keyId: KmsKeyId)(implicit ec: ExecutionContext, tc: TraceContext): EitherT[Future, KmsError, SigningPublicKey]

    Get public key for signing from KMS given a KMS key identifier.

    Get public key for signing from KMS given a KMS key identifier.

    keyId

    key identifier (e.g. AWS key ARN)

    returns

    the public signing key for that keyId

    Definition Classes
    Kms
  32. def getPublicSigningKeyInternal(keyId: KmsKeyId)(implicit ec: ExecutionContext, tc: TraceContext): EitherT[Future, KmsError, SigningPublicKey]
    Attributes
    protected
    Definition Classes
    SymbolicKmsKms
  33. def hashCode(): Int
    Definition Classes
    AnyRef → Any
    Annotations
    @native() @HotSpotIntrinsicCandidate()
  34. def internalPerformUnlessClosingF[A](name: String)(f: => Future[A])(implicit ec: ExecutionContext, traceContext: TraceContext): UnlessShutdown[Future[A]]
    Attributes
    protected
    Definition Classes
    PerformUnlessClosing
  35. def isClosing: Boolean

    Check whether we're closing.

    Check whether we're closing. Susceptible to race conditions; unless you're using using this as a flag to the retry lib or you really know what you're doing, prefer performUnlessClosing and friends.

    Definition Classes
    OnShutdownRunner
  36. final def isInstanceOf[T0]: Boolean
    Definition Classes
    Any
  37. def keepTrackOfOpenFutures: Boolean

    track running futures on shutdown

    track running futures on shutdown

    set to true to get detailed information about all futures that did not complete during shutdown. if set to false, we don't do anything.

    Attributes
    protected
    Definition Classes
    PerformUnlessClosing
  38. def keyExistsAndIsActive(keyId: KmsKeyId)(implicit ec: ExecutionContext, tc: TraceContext): EitherT[Future, KmsError, Unit]

    Checks that a key identified by keyId exists in the KMS and is not deleted or disabled, and therefore can be used.

    Checks that a key identified by keyId exists in the KMS and is not deleted or disabled, and therefore can be used.

    keyId

    key identifier (e.g. AWS key ARN)

    returns

    error if it fails to find key

    Definition Classes
    Kms
  39. def keyExistsAndIsActiveInternal(keyId: KmsKeyId)(implicit ec: ExecutionContext, tc: TraceContext): EitherT[Future, KmsError, Unit]
    Attributes
    protected
    Definition Classes
    SymbolicKmsKms
  40. def logger: TracedLogger
    Attributes
    protected
    Definition Classes
    NamedLogging
  41. val loggerFactory: NamedLoggerFactory
    Attributes
    protected
    Definition Classes
    SymbolicKmsNamedLogging
  42. def maxSleepMillis: Long

    How often to poll to check that all tasks have completed.

    How often to poll to check that all tasks have completed.

    Attributes
    protected
    Definition Classes
    PerformUnlessClosing
  43. implicit def namedLoggingContext(implicit traceContext: TraceContext): NamedLoggingContext
    Attributes
    protected
    Definition Classes
    NamedLogging
  44. final def ne(arg0: AnyRef): Boolean
    Definition Classes
    AnyRef
  45. def noTracingLogger: Logger
    Attributes
    protected
    Definition Classes
    NamedLogging
  46. final def notify(): Unit
    Definition Classes
    AnyRef
    Annotations
    @native() @HotSpotIntrinsicCandidate()
  47. final def notifyAll(): Unit
    Definition Classes
    AnyRef
    Annotations
    @native() @HotSpotIntrinsicCandidate()
  48. def onCloseFailure(e: Throwable): Unit
    Attributes
    protected
    Definition Classes
    PerformUnlessClosing
  49. def onClosed(): Unit
    Definition Classes
    SymbolicKmsPerformUnlessClosing
  50. final def onFirstClose(): Unit

    Blocks until all earlier tasks have completed and then prevents further tasks from being run.

    Blocks until all earlier tasks have completed and then prevents further tasks from being run.

    Definition Classes
    PerformUnlessClosingOnShutdownRunner
    Annotations
    @SuppressWarnings()
  51. def performUnlessClosing[A](name: String)(f: => A)(implicit traceContext: TraceContext): UnlessShutdown[A]

    Performs the task given by f unless a shutdown has been initiated.

    Performs the task given by f unless a shutdown has been initiated. The shutdown will only begin after f completes, but other tasks may execute concurrently with f, if started using this function, or one of the other variants (performUnlessClosingF and performUnlessClosingEitherT). The tasks are assumed to take less than closingTimeout to complete.

    DO NOT CALL this.close as part of f, because it will result in a deadlock.

    f

    The task to perform

    returns

    scala.None$ if a shutdown has been initiated. Otherwise the result of the task.

    Definition Classes
    PerformUnlessClosing
  52. def performUnlessClosingCheckedT[A, N, R](name: String, onClosing: => Checked[A, N, R])(etf: => CheckedT[Future, A, N, R])(implicit ec: ExecutionContext, traceContext: TraceContext): CheckedT[Future, A, N, R]
    Definition Classes
    PerformUnlessClosing
  53. def performUnlessClosingEitherT[E, R](name: String, onClosing: => E)(etf: => EitherT[Future, E, R])(implicit ec: ExecutionContext, traceContext: TraceContext): EitherT[Future, E, R]

    Performs the EitherT[Future] given by etf unless a shutdown has been initiated, in which case the provided error is returned instead.

    Performs the EitherT[Future] given by etf unless a shutdown has been initiated, in which case the provided error is returned instead. Both etf and the error are lazy; etf is only evaluated if there is no shutdown, the error only if we're shutting down. The shutdown will only begin after etf completes, but other tasks may execute concurrently with etf, if started using this function, or one of the other variants (performUnlessClosing and performUnlessClosingF). The tasks are assumed to take less than closingTimeout to complete.

    DO NOT CALL this.close as part of etf, because it will result in a deadlock.

    etf

    The task to perform

    Definition Classes
    PerformUnlessClosing
  54. def performUnlessClosingEitherTF[E, R](name: String, onClosing: => E)(etf: => EitherT[Future, E, Future[R]])(implicit ec: ExecutionContext, traceContext: TraceContext): EitherT[Future, E, Future[R]]
    Definition Classes
    PerformUnlessClosing
  55. def performUnlessClosingEitherU[E, R](name: String)(etf: => EitherT[Future, E, R])(implicit ec: ExecutionContext, traceContext: TraceContext): EitherT[FutureUnlessShutdown, E, R]
    Definition Classes
    PerformUnlessClosing
  56. def performUnlessClosingEitherUSF[E, R](name: String)(etf: => EitherT[FutureUnlessShutdown, E, R])(implicit ec: ExecutionContext, traceContext: TraceContext): EitherT[FutureUnlessShutdown, E, R]
    Definition Classes
    PerformUnlessClosing
  57. def performUnlessClosingF[A](name: String)(f: => Future[A])(implicit ec: ExecutionContext, traceContext: TraceContext): FutureUnlessShutdown[A]

    Performs the Future given by f unless a shutdown has been initiated.

    Performs the Future given by f unless a shutdown has been initiated. The future is lazy and not evaluated during shutdown. The shutdown will only begin after f completes, but other tasks may execute concurrently with f, if started using this function, or one of the other variants (performUnlessClosing and performUnlessClosingEitherT). The tasks are assumed to take less than closingTimeout to complete.

    DO NOT CALL this.close as part of f, because it will result in a deadlock.

    f

    The task to perform

    returns

    The future completes with com.digitalasset.canton.lifecycle.UnlessShutdown.AbortedDueToShutdown if a shutdown has been initiated. Otherwise the result of the task wrapped in com.digitalasset.canton.lifecycle.UnlessShutdown.Outcome.

    Definition Classes
    PerformUnlessClosing
  58. def performUnlessClosingUSF[A](name: String)(f: => FutureUnlessShutdown[A])(implicit ec: ExecutionContext, traceContext: TraceContext): FutureUnlessShutdown[A]
    Definition Classes
    PerformUnlessClosing
  59. def runOnShutdown[T](task: RunOnShutdown)(implicit traceContext: TraceContext): Long

    Same as runOnShutdown_ but returns a token that allows you to remove the task explicitly from being run using cancelShutdownTask

    Same as runOnShutdown_ but returns a token that allows you to remove the task explicitly from being run using cancelShutdownTask

    Definition Classes
    OnShutdownRunner
  60. def runOnShutdown_[T](task: RunOnShutdown)(implicit traceContext: TraceContext): Unit

    Register a task to run when shutdown is initiated.

    Register a task to run when shutdown is initiated.

    You can use this for example to register tasks that cancel long-running computations, whose termination you can then wait for in "closeAsync".

    Definition Classes
    OnShutdownRunner
  61. def runStateChanged(waitingState: Boolean = false): Unit
    Attributes
    protected
    Definition Classes
    OnShutdownRunner
    Annotations
    @VisibleForTesting()
  62. def sign(keyId: KmsKeyId, data: ByteString4096, signingKeyScheme: SigningKeyScheme)(implicit ec: ExecutionContext, tc: TraceContext): EitherT[Future, KmsError, ByteString]

    Sign the data passed as a byte string using a KMS key.

    Sign the data passed as a byte string using a KMS key.

    keyId

    key identifier (e.g. AWS key ARN)

    data

    byte string to sign. The higher bound on the data size we can sign is 4kb (i.e. maximum accepted input size for the external KMSs that we support).

    signingKeyScheme

    the signing algorithm to use to generate the signature

    returns

    a byte string corresponding to the signature of the data

    Definition Classes
    Kms
  63. def signInternal(keyId: KmsKeyId, data: ByteString4096, signingKeyScheme: SigningKeyScheme)(implicit ec: ExecutionContext, tc: TraceContext): EitherT[Future, KmsError, ByteString]
    Attributes
    protected
    Definition Classes
    SymbolicKmsKms
  64. final def synchronized[T0](arg0: => T0): T0
    Definition Classes
    AnyRef
  65. val timeouts: ProcessingTimeout
    Definition Classes
    SymbolicKmsFlagCloseable
  66. def toString(): String
    Definition Classes
    AnyRef → Any
  67. final def wait(arg0: Long, arg1: Int): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws(classOf[java.lang.InterruptedException])
  68. final def wait(arg0: Long): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws(classOf[java.lang.InterruptedException]) @native()
  69. final def wait(): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws(classOf[java.lang.InterruptedException])
  70. def waitForActive(kmsKeyId: KmsKeyId)(implicit ec: ExecutionContext, tc: TraceContext): EitherT[Future, KmsError, Unit]

    Helper method waiting for a key to exist and be active

    Helper method waiting for a key to exist and be active

    Definition Classes
    SymbolicKmsKms
  71. def waitForActiveAndGetAs[A](kmsKeyId: KmsKeyId)(task: (KmsKeyId) => EitherT[Future, KmsError, A])(implicit ec: ExecutionContext, tc: TraceContext): EitherT[Future, KmsError, A]

    Helper method to get a key just after its creation, retrying if necessary until it's available

    Helper method to get a key just after its creation, retrying if necessary until it's available

    Definition Classes
    SymbolicKmsKms
  72. def withRetries[T](description: String)(task: => EitherT[Future, KmsError, T])(implicit ec: ExecutionContext, tc: TraceContext): EitherT[Future, KmsError, T]
    Attributes
    protected
    Definition Classes
    SymbolicKmsKms

Deprecated Value Members

  1. def finalize(): Unit
    Attributes
    protected[lang]
    Definition Classes
    AnyRef
    Annotations
    @throws(classOf[java.lang.Throwable]) @Deprecated @Deprecated
    Deprecated

Inherited from NamedLogging

Inherited from Kms

Inherited from FlagCloseable

Inherited from PerformUnlessClosing

Inherited from OnShutdownRunner

Inherited from AutoCloseable

Inherited from AnyRef

Inherited from Any

Ungrouped