public KmsMasterKey getMasterKey()

in src/main/java/com/amazonaws/encryptionsdk/kms/KmsMasterKeyProvider.java [428:474]

• 40 lines of code
• 12 McCabe index (conditional complexity)

  public KmsMasterKey getMasterKey(final String provider, final String keyId)
      throws UnsupportedProviderException, NoSuchMasterKeyException {
    if (!canProvide(provider)) {
      throw new UnsupportedProviderException();
    }

    if (!isDiscovery_ && !keyIds_.contains(keyId)) {
      throw new NoSuchMasterKeyException("Key must be in supplied list of keyIds.");
    }

    final AwsKmsCmkArnInfo arnInfo = parseInfoFromKeyArn(keyId);

    if (isDiscovery_ && discoveryFilter_ != null && (arnInfo == null)) {
      throw new NoSuchMasterKeyException(
          "Cannot use non-ARN key identifiers or aliases if " + "discovery filter is configured.");
    } else if (isDiscovery_
        && discoveryFilter_ != null
        && !discoveryFilter_.allowsPartitionAndAccount(
            arnInfo.getPartition(), arnInfo.getAccountId())) {
      throw new NoSuchMasterKeyException(
          "Cannot use key in partition "
              + arnInfo.getPartition()
              + " with account id "
              + arnInfo.getAccountId()
              + " with configured discovery filter.");
    }

    String regionName = defaultRegion_;
    if (arnInfo != null) {
      regionName = arnInfo.getRegion();
    }

    String regionName_ = regionName;

    Supplier<AWSKMS> kmsSupplier =
        () -> {
          AWSKMS kms = regionalClientSupplier_.getClient(regionName_);
          if (kms == null) {
            throw new AwsCryptoException("Can't use keys from region " + regionName_);
          }
          return kms;
        };

    final KmsMasterKey result = KmsMasterKey.getInstance(kmsSupplier, keyId, this);
    result.setGrantTokens(grantTokens_);
    return result;
  }