public KmsMasterKey getMasterKey()

in src/main/java/com/amazonaws/encryptionsdk/kmssdkv2/KmsMasterKeyProvider.java [302:348]

• 40 lines of code
• 12 McCabe index (conditional complexity)

  public KmsMasterKey getMasterKey(final String provider, final String keyId)
      throws UnsupportedProviderException, NoSuchMasterKeyException {
    if (!canProvide(provider)) {
      throw new UnsupportedProviderException();
    }

    if (!isDiscovery_ && !keyIds_.contains(keyId)) {
      throw new NoSuchMasterKeyException("Key must be in supplied list of keyIds.");
    }

    final AwsKmsCmkArnInfo arnInfo = parseInfoFromKeyArn(keyId);

    if (isDiscovery_ && discoveryFilter_ != null && (arnInfo == null)) {
      throw new NoSuchMasterKeyException(
          "Cannot use non-ARN key identifiers or aliases if " + "discovery filter is configured.");
    } else if (isDiscovery_
        && discoveryFilter_ != null
        && !discoveryFilter_.allowsPartitionAndAccount(
            arnInfo.getPartition(), arnInfo.getAccountId())) {
      throw new NoSuchMasterKeyException(
          "Cannot use key in partition "
              + arnInfo.getPartition()
              + " with account id "
              + arnInfo.getAccountId()
              + " with configured discovery filter.");
    }

    Region region = defaultRegion_;
    if (arnInfo != null) {
      region = Region.of(arnInfo.getRegion());
    }

    final Region region_ = region;

    Supplier<KmsClient> kmsSupplier =
        () -> {
          KmsClient client = regionalClientSupplier_.getClient(region_);
          if (client == null) {
            throw new AwsCryptoException("Can't use keys from region " + region_.id());
          }
          return client;
        };

    final KmsMasterKey result = KmsMasterKey.getInstance(kmsSupplier, keyId, this);
    result.setGrantTokens(grantTokens_);
    return result;
  }