internal static EncryptionInstructions GenerateInstructionsForKMSMaterialsV2()

in src/EncryptionUtilsV2.cs [378:402]

• 21 lines of code
• 3 McCabe index (conditional complexity)

        internal static EncryptionInstructions GenerateInstructionsForKMSMaterialsV2(IAmazonKeyManagementService kmsClient, EncryptionMaterialsV2 materials)
        {
            if (materials.KMSKeyID == null)
            {
                throw new ArgumentNullException(nameof(materials.KMSKeyID), KmsKeyIdNullMessage);
            }

            switch (materials.KmsType)
            {
                case KmsType.KmsContext:
                {
                    var nonce = new byte[DefaultNonceSize];

                    // Generate nonce, and get both the key and the encrypted key from KMS.
                    RandomNumberGenerator.Create().GetBytes(nonce);
                    var result = kmsClient.GenerateDataKey(materials.KMSKeyID, materials.MaterialsDescription, KMSKeySpec);

                    var instructions = new EncryptionInstructions(materials.MaterialsDescription, result.KeyPlaintext, result.KeyCiphertext, nonce,
                        XAmzWrapAlgKmsContextValue, XAmzAesGcmCekAlgValue);
                    return instructions;
                }
                default:
                    throw new NotSupportedException($"{materials.KmsType} is not supported for KMS Key Id {materials.KMSKeyID}");
            }
        }