internal static EncryptionInstructions GenerateInstructionsForKMSMaterialsV2()

in src/EncryptionUtilsV2.cs [356:385]


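        /// <summary>
        /// Builds the <see cref="EncryptionInstructions"/> for a V2 envelope encryption whose data key is generated by AWS KMS.
        /// </summary>
        /// <remarks>
        /// The materials description is sent to KMS as the encryption context of the generated data key.
        /// KMS requires the same context again to decrypt the wrapped key, and it records encryption context
        /// in its audit logs in plaintext, so the description must not contain secret values.
        /// The returned instructions hold the plaintext data key in a managed byte array; treat the object as
        /// key material and keep it out of logs and serialized state.
        /// </remarks>
        /// <param name="kmsClient">KMS client used to call GenerateDataKey.</param>
        /// <param name="materials">Encryption materials supplying the KMS key id, the KMS wrapping type and the materials description.</param>
        /// <returns>Instructions carrying the materials description, the plaintext data key, the KMS-wrapped data key and a fresh random nonce.</returns>
        /// <exception cref="ArgumentNullException">The materials have no KMS key id.</exception>
        /// <exception cref="NotSupportedException">The materials request a KMS wrapping type other than <c>KmsType.KmsContext</c>.</exception>
        internal static EncryptionInstructions GenerateInstructionsForKMSMaterialsV2(IAmazonKeyManagementService kmsClient, EncryptionMaterialsV2 materials)
        {
            if (materials.KMSKeyID == null)
            {
                throw new ArgumentNullException(nameof(materials.KMSKeyID), KmsKeyIdNullMessage);
            }

            switch (materials.KmsType)
            {
                case KmsType.KmsContext:
                {
                    var nonce = new byte[DefaultNonceSize];

                    // Fill the nonce from the platform CSPRNG and release the generator afterwards.
                    // The original call left the generator undisposed. The 'as IDisposable' form keeps this
                    // compiling on framework targets where RandomNumberGenerator does not implement
                    // IDisposable (before .NET Framework 4.0).
                    var rng = RandomNumberGenerator.Create();
                    try
                    {
                        rng.GetBytes(nonce);
                    }
                    finally
                    {
                        (rng as IDisposable)?.Dispose();
                    }

                    // One KMS call returns both the plaintext data key and the same key wrapped under
                    // the KMS key, with the materials description bound to it as encryption context.
                    var result = kmsClient.GenerateDataKey(new GenerateDataKeyRequest
                    {
                        KeyId = materials.KMSKeyID,
                        EncryptionContext = materials.MaterialsDescription,
                        KeySpec = KMSKeySpec
                    });

                    // NOTE(review): ToArray() copies the plaintext key out of the response stream, so a
                    // second copy remains in 'result' until it is collected; neither copy is zeroed here.
                    var instructions = new EncryptionInstructions(materials.MaterialsDescription, result.Plaintext.ToArray(), result.CiphertextBlob.ToArray(), nonce,
                        XAmzWrapAlgKmsContextValue, XAmzAesGcmCekAlgValue);
                    return instructions;
                }
                default:
                    throw new NotSupportedException($"{materials.KmsType} is not supported for KMS Key Id {materials.KMSKeyID}");
            }
        }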