feat: AWS SDK v2 support

Author: smswz

pom.xml

@@ -38,6 +38,19 @@
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
     </properties>
 
+    <dependencyManagement>
+        <dependencies>
+            <dependency>
+                <groupId>software.amazon.awssdk</groupId>
+                <artifactId>bom</artifactId>
+                <version>2.17.136</version>
+                <optional>true</optional>
+                <type>pom</type>
+                <scope>import</scope>
+            </dependency>
+        </dependencies>
+    </dependencyManagement>
+
     <dependencies>
         <dependency>
             <groupId>com.amazonaws</groupId>
@@ -46,6 +59,13 @@
             <optional>true</optional>
         </dependency>
 
+        <dependency>
+            <groupId>software.amazon.awssdk</groupId>
+            <artifactId>kms</artifactId>
+            <version>2.17.136</version>
+            <optional>true</optional>
+        </dependency>
+
         <dependency>
             <groupId>org.bouncycastle</groupId>
             <artifactId>bcprov-ext-jdk15on</artifactId>
@@ -79,7 +99,6 @@
             <scope>test</scope>
         </dependency>
 
-
         <dependency>
             <groupId>com.google.code.findbugs</groupId>
             <artifactId>jsr305</artifactId>

src/examples/java/com/amazonaws/crypto/examples/BasicEncryptionExample.java

@@ -10,8 +10,8 @@
 
 import com.amazonaws.encryptionsdk.AwsCrypto;
 import com.amazonaws.encryptionsdk.CryptoResult;
-import com.amazonaws.encryptionsdk.kms.KmsMasterKey;
-import com.amazonaws.encryptionsdk.kms.KmsMasterKeyProvider;
+import com.amazonaws.encryptionsdk.kmssdkv2.KmsMasterKey;
+import com.amazonaws.encryptionsdk.kmssdkv2.KmsMasterKeyProvider;
 import com.amazonaws.encryptionsdk.CommitmentPolicy;
 
 /**

src/examples/java/com/amazonaws/crypto/examples/BasicMultiRegionKeyEncryptionExample.java

@@ -6,8 +6,8 @@
 import com.amazonaws.encryptionsdk.AwsCrypto;
 import com.amazonaws.encryptionsdk.CommitmentPolicy;
 import com.amazonaws.encryptionsdk.CryptoResult;
-import com.amazonaws.encryptionsdk.kms.AwsKmsMrkAwareMasterKey;
-import com.amazonaws.encryptionsdk.kms.AwsKmsMrkAwareMasterKeyProvider;
+import com.amazonaws.encryptionsdk.kmssdkv2.AwsKmsMrkAwareMasterKey;
+import com.amazonaws.encryptionsdk.kmssdkv2.AwsKmsMrkAwareMasterKeyProvider;
 
 import java.nio.charset.StandardCharsets;
 import java.util.Arrays;

src/examples/java/com/amazonaws/crypto/examples/DiscoveryDecryptionExample.java

@@ -10,8 +10,8 @@
 
 import com.amazonaws.encryptionsdk.AwsCrypto;
 import com.amazonaws.encryptionsdk.CryptoResult;
-import com.amazonaws.encryptionsdk.kms.KmsMasterKey;
-import com.amazonaws.encryptionsdk.kms.KmsMasterKeyProvider;
+import com.amazonaws.encryptionsdk.kmssdkv2.KmsMasterKey;
+import com.amazonaws.encryptionsdk.kmssdkv2.KmsMasterKeyProvider;
 import com.amazonaws.encryptionsdk.CommitmentPolicy;
 import com.amazonaws.encryptionsdk.kms.DiscoveryFilter;
 

src/examples/java/com/amazonaws/crypto/examples/DiscoveryMultiRegionDecryptionExample.java

@@ -7,13 +7,14 @@
 import com.amazonaws.encryptionsdk.CommitmentPolicy;
 import com.amazonaws.encryptionsdk.CryptoResult;
 import com.amazonaws.encryptionsdk.kms.DiscoveryFilter;
-import com.amazonaws.encryptionsdk.kms.AwsKmsMrkAwareMasterKey;
-import com.amazonaws.encryptionsdk.kms.AwsKmsMrkAwareMasterKeyProvider;
+import com.amazonaws.encryptionsdk.kmssdkv2.AwsKmsMrkAwareMasterKey;
+import com.amazonaws.encryptionsdk.kmssdkv2.AwsKmsMrkAwareMasterKeyProvider;
 
 import java.nio.charset.StandardCharsets;
 import java.util.Arrays;
 import java.util.Collections;
 import java.util.Map;
+import software.amazon.awssdk.regions.Region;
 
 /**
  * <p>
@@ -39,7 +40,7 @@ public static void main(final String[] args) {
         final String keyName = args[0];
         final String partition = args[1];
         final String accountId = args[2];
-        final String discoveryMrkRegion = args[3];
+        final Region discoveryMrkRegion = Region.of(args[3]);
 
         encryptAndDecrypt(keyName, partition, accountId, discoveryMrkRegion);
     }
@@ -48,7 +49,7 @@ static void encryptAndDecrypt(
         final String keyName,
         final String partition,
         final String accountId,
-        final String discoveryMrkRegion
+        final Region discoveryMrkRegion
     ) {
         // 1. Instantiate the SDK
         // This builds the AwsCrypto client with
@@ -113,7 +114,7 @@ static void encryptAndDecrypt(
         // it is limited to the Region configured for the AWS SDK.
         final AwsKmsMrkAwareMasterKeyProvider decryptingKeyProvider = AwsKmsMrkAwareMasterKeyProvider
                 .builder()
-                .withDiscoveryMrkRegion(discoveryMrkRegion)
+                .discoveryMrkRegion(discoveryMrkRegion)
                 .buildDiscovery(discoveryFilter);
 
         // 7. Decrypt the data

src/examples/java/com/amazonaws/crypto/examples/EscrowedEncryptExample.java

@@ -17,7 +17,7 @@
 import com.amazonaws.encryptionsdk.CryptoOutputStream;
 import com.amazonaws.encryptionsdk.MasterKeyProvider;
 import com.amazonaws.encryptionsdk.jce.JceMasterKey;
-import com.amazonaws.encryptionsdk.kms.KmsMasterKeyProvider;
+import com.amazonaws.encryptionsdk.kmssdkv2.KmsMasterKeyProvider;
 import com.amazonaws.encryptionsdk.multi.MultipleProviderFactory;
 import com.amazonaws.encryptionsdk.CommitmentPolicy;
 import com.amazonaws.util.IOUtils;

src/examples/java/com/amazonaws/crypto/examples/MultipleCmkEncryptExample.java

@@ -10,8 +10,8 @@
 
 import com.amazonaws.encryptionsdk.AwsCrypto;
 import com.amazonaws.encryptionsdk.CryptoResult;
-import com.amazonaws.encryptionsdk.kms.KmsMasterKey;
-import com.amazonaws.encryptionsdk.kms.KmsMasterKeyProvider;
+import com.amazonaws.encryptionsdk.kmssdkv2.KmsMasterKey;
+import com.amazonaws.encryptionsdk.kmssdkv2.KmsMasterKeyProvider;
 import com.amazonaws.encryptionsdk.CommitmentPolicy;
 
 /**

src/examples/java/com/amazonaws/crypto/examples/RestrictRegionExample.java

@@ -11,12 +11,12 @@
 import com.amazonaws.encryptionsdk.AwsCrypto;
 import com.amazonaws.encryptionsdk.CryptoResult;
 import com.amazonaws.encryptionsdk.exception.AwsCryptoException;
-import com.amazonaws.encryptionsdk.kms.KmsMasterKey;
-import com.amazonaws.encryptionsdk.kms.KmsMasterKeyProvider;
+import com.amazonaws.encryptionsdk.kmssdkv2.KmsMasterKey;
+import com.amazonaws.encryptionsdk.kmssdkv2.KmsMasterKeyProvider;
 import com.amazonaws.encryptionsdk.CommitmentPolicy;
 import com.amazonaws.encryptionsdk.kms.DiscoveryFilter;
-import com.amazonaws.services.kms.AWSKMSClientBuilder;
-import com.amazonaws.services.kms.AWSKMS;
+import software.amazon.awssdk.regions.Region;
+import software.amazon.awssdk.services.kms.KmsClient;
 
 /**
  * <p>
@@ -43,12 +43,12 @@ public static void main(final String[] args) {
         final String keyName = args[0];
         final String partition = args[1];
         final String accountId = args[2];
-        final String region = args[3];
+        final Region region = Region.of(args[3]);
 
         encryptAndDecrypt(keyName, partition, accountId, region);
     }
 
-    static void encryptAndDecrypt(final String keyName, final String partition, final String accountId, final String region) {
+    static void encryptAndDecrypt(final String keyName, final String partition, final String accountId, final Region region) {
         // Instantiate the SDK.
         // This builds the AwsCrypto client with the RequireEncryptRequireDecrypt commitment policy,
         // which enforces that this client only encrypts using committing algorithm suites and enforces
@@ -60,7 +60,7 @@ static void encryptAndDecrypt(final String keyName, final String partition, fina
                 .build();
 
         // 2. Instantiate the AWS KMS client for the desired region
-        final AWSKMS kmsClient = AWSKMSClientBuilder.standard().withRegion(region).build();
+        final KmsClient kmsClient = KmsClient.builder().region(region).build();
 
         // 3. Instantiate an AWS KMS master key provider for encryption.
         //
@@ -101,14 +101,14 @@ static void encryptAndDecrypt(final String keyName, final String partition, fina
         // This example also configures the AWS KMS master key provider with a Discovery Filter to limit
         // the attempted AWS KMS CMKs to a particular partition and account.
         final KmsMasterKeyProvider decryptingKeyProvider = KmsMasterKeyProvider.builder()
-                .withCustomClientFactory(cmkRegion -> {
+                .customRegionalClientSupplier(cmkRegion -> {
                     if(cmkRegion.equals(region)) {
                         // return the previously built AWS KMS client so that we do
                         // not create a new client on every decrypt call.
                         return kmsClient;
                     }
 
-                    throw new AwsCryptoException("Only " + region + " is supported");
+                    throw new AwsCryptoException("Only " + region.id() + " is supported");
                 })
                 .buildDiscovery(discoveryFilter);
 

src/examples/java/com/amazonaws/crypto/examples/SetCommitmentPolicyExample.java

@@ -11,8 +11,8 @@
 import com.amazonaws.encryptionsdk.AwsCrypto;
 import com.amazonaws.encryptionsdk.CommitmentPolicy;
 import com.amazonaws.encryptionsdk.CryptoResult;
-import com.amazonaws.encryptionsdk.kms.KmsMasterKey;
-import com.amazonaws.encryptionsdk.kms.KmsMasterKeyProvider;
+import com.amazonaws.encryptionsdk.kmssdkv2.KmsMasterKey;
+import com.amazonaws.encryptionsdk.kmssdkv2.KmsMasterKeyProvider;
 
 /**
  * <p>

src/examples/java/com/amazonaws/crypto/examples/SetEncryptionAlgorithmExample.java

@@ -11,8 +11,8 @@
 import com.amazonaws.encryptionsdk.AwsCrypto;
 import com.amazonaws.encryptionsdk.CryptoAlgorithm;
 import com.amazonaws.encryptionsdk.CryptoResult;
-import com.amazonaws.encryptionsdk.kms.KmsMasterKey;
-import com.amazonaws.encryptionsdk.kms.KmsMasterKeyProvider;
+import com.amazonaws.encryptionsdk.kmssdkv2.KmsMasterKey;
+import com.amazonaws.encryptionsdk.kmssdkv2.KmsMasterKeyProvider;
 
 /**
  * <p>