Replace KMS with AWS KMS (#177)

Author: WesleyRosenblum

src/examples/java/com/amazonaws/crypto/examples/cryptomaterialsmanager/custom/RequiringEncryptionContextFields.java

@@ -32,7 +32,7 @@
  * <p>
  * If you are using the AWS Encryption SDK with AWS KMS,
  * you can use AWS KMS to provide additional powerful controls using the encryption context.
- * For more information on that, see the KMS developer guide:
+ * For more information on that, see the AWS KMS developer guide:
  * <p>
  * https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context
  * <p>

src/examples/java/com/amazonaws/crypto/examples/keyring/awskms/CustomClientSupplier.java

@@ -20,7 +20,7 @@
 import java.util.Map;
 
 /**
- * By default, the KMS keyring uses a client supplier that
+ * By default, the AWS KMS keyring uses a client supplier that
  * supplies a client with the same configuration for every region.
  * If you need different behavior, you can write your own client supplier.
  * <p>
@@ -36,13 +36,13 @@
  * <p>
  * https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/choose-keyring.html#use-kms-keyring
  * <p>
- * For an example of how to use the KMS keyring with CMKs in multiple regions,
+ * For an example of how to use the AWS KMS keyring with CMKs in multiple regions,
  * see the {@link MultipleRegions} example.
  * <p>
- * For another example of how to use the KMS keyring with a custom client configuration,
+ * For another example of how to use the AWS KMS keyring with a custom client configuration,
  * see the {@link CustomKmsClientConfig} example.
  * <p>
- * For examples of how to use the KMS Discovery keyring on decrypt,
+ * For examples of how to use the AWS KMS Discovery keyring on decrypt,
  * see the {@link DiscoveryDecrypt}, {@link DiscoveryDecryptInRegionOnly},
  * and {@link DiscoveryDecryptWithPreferredRegions} examples.
  */
@@ -79,7 +79,7 @@ public AWSKMS getClient(String regionId) {
     }
 
     /**
-     * Demonstrate an encrypt/decrypt cycle using a KMS keyring with a custom client supplier.
+     * Demonstrate an encrypt/decrypt cycle using an AWS KMS keyring with a custom client supplier.
      *
      * @param awsKmsCmk       The ARN of an AWS KMS CMK that protects data keys
      * @param sourcePlaintext Plaintext to encrypt

src/examples/java/com/amazonaws/crypto/examples/keyring/awskms/CustomKmsClientConfig.java

@@ -20,29 +20,29 @@
 import java.util.Map;
 
 /**
- * By default, the KMS keyring uses the default configurations
+ * By default, the AWS KMS keyring uses the default configurations
  * for all KMS clients and uses the default discoverable credentials.
  * If you need to change this configuration,
  * you can configure the client supplier.
  * <p>
- * This example shows how to use custom-configured clients with the KMS keyring.
+ * This example shows how to use custom-configured clients with the AWS KMS keyring.
  * <p>
  * https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/choose-keyring.html#use-kms-keyring
  * <p>
- * For an example of how to use the KMS keyring with CMKs in multiple regions,
+ * For an example of how to use the AWS KMS keyring with CMKs in multiple regions,
  * see the {@link MultipleRegions} example.
  * <p>
- * For another example of how to use the KMS keyring with a custom client configuration,
+ * For another example of how to use the AWS KMS keyring with a custom client configuration,
  * see the {@link CustomKmsClientConfig} example.
  * <p>
- * For examples of how to use the KMS Discovery keyring on decrypt,
+ * For examples of how to use the AWS KMS Discovery keyring on decrypt,
  * see the {@link DiscoveryDecrypt}, {@link DiscoveryDecryptInRegionOnly},
  * and {@link DiscoveryDecryptWithPreferredRegions} examples.
  */
 public class CustomKmsClientConfig {
 
     /**
-     * Demonstrate an encrypt/decrypt cycle using a KMS keyring with custom KMS client configuration.
+     * Demonstrate an encrypt/decrypt cycle using an AWS KMS keyring with custom KMS client configuration.
      *
      * @param awsKmsCmk       The ARN of an AWS KMS CMK that protects data keys
      * @param sourcePlaintext Plaintext to encrypt

src/examples/java/com/amazonaws/crypto/examples/keyring/awskms/DiscoveryDecrypt.java

@@ -16,33 +16,33 @@
 import java.util.Map;
 
 /**
- * When you give the KMS keyring specific key IDs it will use those CMKs and nothing else.
+ * When you give the AWS KMS keyring specific key IDs it will use those CMKs and nothing else.
  * This is true both on encrypt and on decrypt.
  * However, sometimes you need more flexibility on decrypt,
  * especially when you don't know which CMKs were used to encrypt a message.
- * To address this need, you can use a KMS discovery keyring.
- * The KMS discovery keyring does nothing on encrypt
- * but attempts to decrypt *any* data keys that were encrypted under a KMS CMK.
+ * To address this need, you can use an AWS KMS discovery keyring.
+ * The AWS KMS discovery keyring does nothing on encrypt
+ * but attempts to decrypt *any* data keys that were encrypted under an AWS KMS CMK.
  * <p>
- * This example shows how to configure and use a KMS discovery keyring.
+ * This example shows how to configure and use an AWS KMS discovery keyring.
  * <p>
  * https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/choose-keyring.html#use-kms-keyring
  * <p>
- * For an example of how to use the KMS keyring with CMKs in multiple regions,
+ * For an example of how to use the AWS KMS keyring with CMKs in multiple regions,
  * see the {@link MultipleRegions} example.
  * <p>
- * For examples of how to use the KMS keyring with custom client configurations,
+ * For examples of how to use the AWS KMS keyring with custom client configurations,
  * see the {@link CustomClientSupplier}
  * and {@link CustomKmsClientConfig} examples.
  * <p>
- * For examples of how to use the KMS discovery keyring on decrypt,
+ * For examples of how to use the AWS KMS discovery keyring on decrypt,
  * see the {@link DiscoveryDecryptInRegionOnly},
  * and {@link DiscoveryDecryptWithPreferredRegions} examples.
  */
 public class DiscoveryDecrypt {
 
     /**
-     * Demonstrate configuring a KMS discovery keyring for decryption.
+     * Demonstrate configuring an AWS KMS discovery keyring for decryption.
      *
      * @param awsKmsCmk       The ARN of an AWS KMS CMK that protects data keys
      * @param sourcePlaintext Plaintext to encrypt
@@ -63,7 +63,7 @@ public static void run(final AwsKmsCmkId awsKmsCmk, final byte[] sourcePlaintext
         // Create the keyring that determines how your data keys are protected.
         final Keyring encryptKeyring = StandardKeyrings.awsKms(awsKmsCmk);
 
-        // Create a KMS discovery keyring to use on decrypt.
+        // Create an AWS KMS discovery keyring to use on decrypt.
         final Keyring decryptKeyring = StandardKeyrings.awsKmsDiscoveryBuilder().build();
 
         // Encrypt your plaintext data.
@@ -77,7 +77,7 @@ public static void run(final AwsKmsCmkId awsKmsCmk, final byte[] sourcePlaintext
         // Demonstrate that the ciphertext and plaintext are different.
         assert !Arrays.equals(ciphertext, sourcePlaintext);
 
-        // Decrypt your encrypted data using the KMS discovery keyring.
+        // Decrypt your encrypted data using the AWS KMS discovery keyring.
         //
         // You do not need to specify the encryption context on decrypt because
         // the header of the encrypted message includes the encryption context.

src/examples/java/com/amazonaws/crypto/examples/keyring/awskms/DiscoveryDecryptInRegionOnly.java

@@ -20,36 +20,36 @@
 import static java.util.Collections.singleton;
 
 /**
- * When you give the KMS keyring specific key IDs it will use those CMKs and nothing else.
+ * When you give the AWS KMS keyring specific key IDs it will use those CMKs and nothing else.
  * This is true both on encrypt and on decrypt.
  * However, sometimes you need more flexibility on decrypt,
  * especially if you don't know which CMK was used to encrypt a message.
- * To address this need, you can use a KMS discovery keyring.
- * The KMS discovery keyring does nothing on encrypt
- * but attempts to decrypt *any* data keys that were encrypted under a KMS CMK.
+ * To address this need, you can use an AWS KMS discovery keyring.
+ * The AWS KMS discovery keyring does nothing on encrypt
+ * but attempts to decrypt *any* data keys that were encrypted under an AWS KMS CMK.
  * <p>
  * However, sometimes you need to be a *bit* more restrictive than that.
- * To address this need, you can use a client supplier that restricts the regions a KMS keyring can talk to.
+ * To address this need, you can use a client supplier that restricts the regions an AWS KMS keyring can talk to.
  * <p>
- * This example shows how to configure and use a KMS regional discovery keyring that is restricted to one region.
+ * This example shows how to configure and use an AWS KMS regional discovery keyring that is restricted to one region.
  * <p>
  * https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/choose-keyring.html#use-kms-keyring
  * <p>
- * For an example of how to use the KMS keyring with CMKs in multiple regions,
+ * For an example of how to use the AWS KMS keyring with CMKs in multiple regions,
  * see the {@link MultipleRegions} example.
  * <p>
- * For examples of how to use the KMS keyring with custom client configurations,
+ * For examples of how to use the AWS KMS keyring with custom client configurations,
  * see the {@link CustomClientSupplier}
  * and {@link CustomKmsClientConfig} examples.
  * <p>
- * For examples of how to use the KMS discovery keyring on decrypt,
+ * For examples of how to use the AWS KMS discovery keyring on decrypt,
  * see the {@link DiscoveryDecrypt},
  * and {@link DiscoveryDecryptWithPreferredRegions} examples.
  */
 public class DiscoveryDecryptInRegionOnly {
 
     /**
-     * Demonstrate configuring a KMS keyring to only work within a single region.
+     * Demonstrate configuring an AWS KMS keyring to only work within a single region.
      *
      * @param awsKmsCmk       The ARN of an AWS KMS CMK that protects data keys
      * @param sourcePlaintext Plaintext to encrypt
@@ -73,7 +73,7 @@ public static void run(final AwsKmsCmkId awsKmsCmk, final byte[] sourcePlaintext
         // Extract the region from the CMK ARN.
         final String decryptRegion = Arn.fromString(awsKmsCmk.toString()).getRegion();
 
-        // Create the KMS discovery keyring that we will use on decrypt.
+        // Create the AWS KMS discovery keyring that we will use on decrypt.
         //
         // The client supplier that we specify here will only supply clients for the specified region.
         // The keyring only attempts to decrypt data keys if it can get a client for that region,
@@ -93,7 +93,7 @@ public static void run(final AwsKmsCmkId awsKmsCmk, final byte[] sourcePlaintext
         // Demonstrate that the ciphertext and plaintext are different.
         assert !Arrays.equals(ciphertext, sourcePlaintext);
 
-        // Decrypt your encrypted data using the KMS discovery keyring.
+        // Decrypt your encrypted data using the AWS KMS discovery keyring.
         //
         // You do not need to specify the encryption context on decrypt because
         // the header of the encrypted message includes the encryption context.

src/examples/java/com/amazonaws/crypto/examples/keyring/awskms/DiscoveryDecryptWithPreferredRegions.java

@@ -20,35 +20,35 @@
 import static java.util.Collections.singleton;
 
 /**
- * When you give the KMS keyring specific key IDs it will use those CMKs and nothing else.
+ * When you give the AWS KMS keyring specific key IDs it will use those CMKs and nothing else.
  * This is true both on encrypt and on decrypt.
  * However, sometimes you need more flexibility on decrypt,
  * especially if you might not know beforehand which CMK was used to encrypt a message.
- * To address this need, you can use a KMS discovery keyring.
- * The KMS discovery keyring will do nothing on encrypt
- * but will attempt to decrypt *any* data keys that were encrypted under a KMS CMK.
+ * To address this need, you can use an AWS KMS discovery keyring.
+ * The AWS KMS discovery keyring will do nothing on encrypt
+ * but will attempt to decrypt *any* data keys that were encrypted under an AWS KMS CMK.
  * <p>
  * However, sometimes you need to be a *bit* more restrictive than that.
- * To address this need, you can use a client supplier to restrict what regions a KMS keyring can talk to.
+ * To address this need, you can use a client supplier to restrict what regions an AWS KMS keyring can talk to.
  * <p>
  * A more complex but more common use-case is that you would *prefer* to stay within a region,
  * but you would rather make calls to other regions than fail to decrypt the message.
  * In this case, you want a keyring that will try to decrypt data keys in this region first,
  * then try other regions.
  * <p>
- * This example shows how to configure and use a multi-keyring with the KMS keyring
+ * This example shows how to configure and use a multi-keyring with the AWS KMS keyring
  * to prefer the current AWS region while also failing over to other AWS regions.
  * <p>
  * https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/choose-keyring.html#use-kms-keyring
  * <p>
- * For an example of how to use the KMS keyring with CMKs in multiple regions,
+ * For an example of how to use the AWS KMS keyring with CMKs in multiple regions,
  * see the {@link MultipleRegions} example.
  * <p>
- * For examples of how to use the KMS keyring with custom client configurations,
+ * For examples of how to use the AWS KMS keyring with custom client configurations,
  * see the {@link CustomClientSupplier}
  * and {@link CustomKmsClientConfig} examples.
  * <p>
- * For examples of how to use the KMS discovery keyring on decrypt,
+ * For examples of how to use the AWS KMS discovery keyring on decrypt,
  * see the {@link DiscoveryDecrypt},
  * and {@link DiscoveryDecryptInRegionOnly} examples.
  */
@@ -79,7 +79,7 @@ public static void run(final AwsKmsCmkId awsKmsCmk, final byte[] sourcePlaintext
         // To create our decrypt keyring, we need to know our current default AWS region.
         final String localRegion = AWSKMSClientBuilder.standard().getRegion();
 
-        // Now, use that region name to create two KMS discovery keyrings:
+        // Now, use that region name to create two AWS KMS discovery keyrings:
         //
         // One that only works in the local region
         final Keyring localRegionDecryptKeyring = StandardKeyrings.awsKmsDiscoveryBuilder()

src/examples/java/com/amazonaws/crypto/examples/keyring/awskms/MultipleRegions.java

@@ -18,29 +18,29 @@
 import java.util.Map;
 
 /**
- * This example shows how to configure and use a KMS keyring with CMKs in multiple regions.
+ * This example shows how to configure and use an AWS KMS keyring with CMKs in multiple regions.
  * <p>
  * https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/choose-keyring.html#use-kms-keyring
  * <p>
- * For an example of how to use the KMS keyring with a single CMK,
+ * For an example of how to use the AWS KMS keyring with a single CMK,
  * see the {@link SingleCmk} example.
  * <p>
- * For examples of how to use the KMS keyring with custom client configurations,
+ * For examples of how to use the AWS KMS keyring with custom client configurations,
  * see the {@link CustomClientSupplier}
  * and {@link CustomKmsClientConfig} examples.
  * <p>
- * For examples of how to use the KMS Discovery keyring on decrypt,
+ * For examples of how to use the AWS KMS Discovery keyring on decrypt,
  * see the {@link DiscoveryDecrypt},
  * {@link DiscoveryDecryptInRegionOnly},
  * and {@link DiscoveryDecryptWithPreferredRegions} examples.
  */
 public class MultipleRegions {
 
     /**
-     * Demonstrate an encrypt/decrypt cycle using a KMS keyring with CMKs in multiple regions.
+     * Demonstrate an encrypt/decrypt cycle using an AWS KMS keyring with CMKs in multiple regions.
      *
      * @param awsKmsGeneratorCmk   The ARN of an AWS KMS CMK that protects data keys
-     * @param awsKmsAdditionalCmks Additional ARNs of secondary KMS CMKs
+     * @param awsKmsAdditionalCmks Additional ARNs of secondary AWS KMS CMKs
      * @param sourcePlaintext      Plaintext to encrypt
      */
     public static void run(final AwsKmsCmkId awsKmsGeneratorCmk, final List<AwsKmsCmkId> awsKmsAdditionalCmks, byte[] sourcePlaintext) {

src/examples/java/com/amazonaws/crypto/examples/keyring/awskms/SingleCmk.java

@@ -16,26 +16,26 @@
 import java.util.Map;
 
 /**
- * This example shows how to configure and use a KMS keyring with a single KMS CMK.
+ * This example shows how to configure and use an AWS KMS keyring with a single KMS CMK.
  * <p>
  * https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/choose-keyring.html#use-kms-keyring
  * <p>
- * For an example of how to use the KMS keyring with CMKs in multiple regions,
+ * For an example of how to use the AWS KMS keyring with CMKs in multiple regions,
  * see the {@link MultipleRegions} example.
  * <p>
- * For examples of how to use the KMS keyring with custom client configurations,
+ * For examples of how to use the AWS KMS keyring with custom client configurations,
  * see the {@link CustomClientSupplier}
  * and {@link CustomKmsClientConfig} examples.
  * <p>
- * For examples of how to use the KMS Discovery keyring on decrypt,
+ * For examples of how to use the AWS KMS Discovery keyring on decrypt,
  * see the {@link DiscoveryDecrypt},
  * {@link DiscoveryDecryptInRegionOnly},
  * and {@link DiscoveryDecryptWithPreferredRegions} examples.
  */
 public class SingleCmk {
 
     /**
-     * Demonstrate an encrypt/decrypt cycle using a KMS keyring with a single CMK.
+     * Demonstrate an encrypt/decrypt cycle using an AWS KMS keyring with a single CMK.
      *
      * @param awsKmsCmk       The ARN of an AWS KMS CMK that protects data keys
      * @param sourcePlaintext Plaintext to encrypt