{-# LANGUAGE DeriveGeneric #-} {-# LANGUAGE DuplicateRecordFields #-} {-# LANGUAGE NamedFieldPuns #-} {-# LANGUAGE OverloadedStrings #-} {-# LANGUAGE RecordWildCards #-} {-# LANGUAGE StrictData #-} {-# LANGUAGE NoImplicitPrelude #-} {-# OPTIONS_GHC -fno-warn-unused-imports #-} {-# OPTIONS_GHC -fno-warn-unused-matches #-} -- Derived from AWS service descriptions, licensed under Apache 2.0. -- | -- Module : Amazonka.ElasticTranscoder.Types.Encryption -- Copyright : (c) 2013-2023 Brendan Hay -- License : Mozilla Public License, v. 2.0. -- Maintainer : Brendan Hay -- Stability : auto-generated -- Portability : non-portable (GHC extensions) module Amazonka.ElasticTranscoder.Types.Encryption where import qualified Amazonka.Core as Core import qualified Amazonka.Core.Lens.Internal as Lens import qualified Amazonka.Data as Data import qualified Amazonka.Prelude as Prelude -- | The encryption settings, if any, that are used for decrypting your input -- files or encrypting your output files. If your input file is encrypted, -- you must specify the mode that Elastic Transcoder uses to decrypt your -- file, otherwise you must specify the mode you want Elastic Transcoder to -- use to encrypt your output files. -- -- /See:/ 'newEncryption' smart constructor. data Encryption = Encryption' { -- | The series of random bits created by a random bit generator, unique for -- every encryption operation, that you used to encrypt your input files or -- that you want Elastic Transcoder to use to encrypt your output files. -- The initialization vector must be base64-encoded, and it must be exactly -- 16 bytes long before being base64-encoded. Encryption -> Maybe Text initializationVector :: Prelude.Maybe Prelude.Text, -- | The data encryption key that you want Elastic Transcoder to use to -- encrypt your output file, or that was used to encrypt your input file. -- The key must be base64-encoded and it must be one of the following bit -- lengths before being base64-encoded: -- -- @128@, @192@, or @256@. -- -- The key must also be encrypted by using the Amazon Key Management -- Service. Encryption -> Maybe Text key :: Prelude.Maybe Prelude.Text, -- | The MD5 digest of the key that you used to encrypt your input file, or -- that you want Elastic Transcoder to use to encrypt your output file. -- Elastic Transcoder uses the key digest as a checksum to make sure your -- key was not corrupted in transit. The key MD5 must be base64-encoded, -- and it must be exactly 16 bytes long before being base64-encoded. Encryption -> Maybe Text keyMd5 :: Prelude.Maybe Prelude.Text, -- | The specific server-side encryption mode that you want Elastic -- Transcoder to use when decrypting your input files or encrypting your -- output files. Elastic Transcoder supports the following options: -- -- - __s3:__ Amazon S3 creates and manages the keys used for encrypting -- your files. -- -- - __s3-aws-kms:__ Amazon S3 calls the Amazon Key Management Service, -- which creates and manages the keys that are used for encrypting your -- files. If you specify @s3-aws-kms@ and you don\'t want to use the -- default key, you must add the AWS-KMS key that you want to use to -- your pipeline. -- -- - __aes-cbc-pkcs7:__ A padded cipher-block mode of operation -- originally used for HLS files. -- -- - __aes-ctr:__ AES Counter Mode. -- -- - __aes-gcm:__ AES Galois Counter Mode, a mode of operation that is an -- authenticated encryption format, meaning that a file, key, or -- initialization vector that has been tampered with fails the -- decryption process. -- -- For all three AES options, you must provide the following settings, -- which must be base64-encoded: -- -- - __Key__ -- -- - __Key MD5__ -- -- - __Initialization Vector__ -- -- For the AES modes, your private encryption keys and your unencrypted -- data are never stored by AWS; therefore, it is important that you safely -- manage your encryption keys. If you lose them, you won\'t be able to -- unencrypt your data. Encryption -> Maybe Text mode :: Prelude.Maybe Prelude.Text } deriving (Encryption -> Encryption -> Bool forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a /= :: Encryption -> Encryption -> Bool $c/= :: Encryption -> Encryption -> Bool == :: Encryption -> Encryption -> Bool $c== :: Encryption -> Encryption -> Bool Prelude.Eq, ReadPrec [Encryption] ReadPrec Encryption Int -> ReadS Encryption ReadS [Encryption] forall a. (Int -> ReadS a) -> ReadS [a] -> ReadPrec a -> ReadPrec [a] -> Read a readListPrec :: ReadPrec [Encryption] $creadListPrec :: ReadPrec [Encryption] readPrec :: ReadPrec Encryption $creadPrec :: ReadPrec Encryption readList :: ReadS [Encryption] $creadList :: ReadS [Encryption] readsPrec :: Int -> ReadS Encryption $creadsPrec :: Int -> ReadS Encryption Prelude.Read, Int -> Encryption -> ShowS [Encryption] -> ShowS Encryption -> String forall a. (Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a showList :: [Encryption] -> ShowS $cshowList :: [Encryption] -> ShowS show :: Encryption -> String $cshow :: Encryption -> String showsPrec :: Int -> Encryption -> ShowS $cshowsPrec :: Int -> Encryption -> ShowS Prelude.Show, forall x. Rep Encryption x -> Encryption forall x. Encryption -> Rep Encryption x forall a. (forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a $cto :: forall x. Rep Encryption x -> Encryption $cfrom :: forall x. Encryption -> Rep Encryption x Prelude.Generic) -- | -- Create a value of 'Encryption' with all optional fields omitted. -- -- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields. -- -- The following record fields are available, with the corresponding lenses provided -- for backwards compatibility: -- -- 'initializationVector', 'encryption_initializationVector' - The series of random bits created by a random bit generator, unique for -- every encryption operation, that you used to encrypt your input files or -- that you want Elastic Transcoder to use to encrypt your output files. -- The initialization vector must be base64-encoded, and it must be exactly -- 16 bytes long before being base64-encoded. -- -- 'key', 'encryption_key' - The data encryption key that you want Elastic Transcoder to use to -- encrypt your output file, or that was used to encrypt your input file. -- The key must be base64-encoded and it must be one of the following bit -- lengths before being base64-encoded: -- -- @128@, @192@, or @256@. -- -- The key must also be encrypted by using the Amazon Key Management -- Service. -- -- 'keyMd5', 'encryption_keyMd5' - The MD5 digest of the key that you used to encrypt your input file, or -- that you want Elastic Transcoder to use to encrypt your output file. -- Elastic Transcoder uses the key digest as a checksum to make sure your -- key was not corrupted in transit. The key MD5 must be base64-encoded, -- and it must be exactly 16 bytes long before being base64-encoded. -- -- 'mode', 'encryption_mode' - The specific server-side encryption mode that you want Elastic -- Transcoder to use when decrypting your input files or encrypting your -- output files. Elastic Transcoder supports the following options: -- -- - __s3:__ Amazon S3 creates and manages the keys used for encrypting -- your files. -- -- - __s3-aws-kms:__ Amazon S3 calls the Amazon Key Management Service, -- which creates and manages the keys that are used for encrypting your -- files. If you specify @s3-aws-kms@ and you don\'t want to use the -- default key, you must add the AWS-KMS key that you want to use to -- your pipeline. -- -- - __aes-cbc-pkcs7:__ A padded cipher-block mode of operation -- originally used for HLS files. -- -- - __aes-ctr:__ AES Counter Mode. -- -- - __aes-gcm:__ AES Galois Counter Mode, a mode of operation that is an -- authenticated encryption format, meaning that a file, key, or -- initialization vector that has been tampered with fails the -- decryption process. -- -- For all three AES options, you must provide the following settings, -- which must be base64-encoded: -- -- - __Key__ -- -- - __Key MD5__ -- -- - __Initialization Vector__ -- -- For the AES modes, your private encryption keys and your unencrypted -- data are never stored by AWS; therefore, it is important that you safely -- manage your encryption keys. If you lose them, you won\'t be able to -- unencrypt your data. newEncryption :: Encryption newEncryption :: Encryption newEncryption = Encryption' { $sel:initializationVector:Encryption' :: Maybe Text initializationVector = forall a. Maybe a Prelude.Nothing, $sel:key:Encryption' :: Maybe Text key = forall a. Maybe a Prelude.Nothing, $sel:keyMd5:Encryption' :: Maybe Text keyMd5 = forall a. Maybe a Prelude.Nothing, $sel:mode:Encryption' :: Maybe Text mode = forall a. Maybe a Prelude.Nothing } -- | The series of random bits created by a random bit generator, unique for -- every encryption operation, that you used to encrypt your input files or -- that you want Elastic Transcoder to use to encrypt your output files. -- The initialization vector must be base64-encoded, and it must be exactly -- 16 bytes long before being base64-encoded. encryption_initializationVector :: Lens.Lens' Encryption (Prelude.Maybe Prelude.Text) encryption_initializationVector :: Lens' Encryption (Maybe Text) encryption_initializationVector = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b Lens.lens (\Encryption' {Maybe Text initializationVector :: Maybe Text $sel:initializationVector:Encryption' :: Encryption -> Maybe Text initializationVector} -> Maybe Text initializationVector) (\s :: Encryption s@Encryption' {} Maybe Text a -> Encryption s {$sel:initializationVector:Encryption' :: Maybe Text initializationVector = Maybe Text a} :: Encryption) -- | The data encryption key that you want Elastic Transcoder to use to -- encrypt your output file, or that was used to encrypt your input file. -- The key must be base64-encoded and it must be one of the following bit -- lengths before being base64-encoded: -- -- @128@, @192@, or @256@. -- -- The key must also be encrypted by using the Amazon Key Management -- Service. encryption_key :: Lens.Lens' Encryption (Prelude.Maybe Prelude.Text) encryption_key :: Lens' Encryption (Maybe Text) encryption_key = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b Lens.lens (\Encryption' {Maybe Text key :: Maybe Text $sel:key:Encryption' :: Encryption -> Maybe Text key} -> Maybe Text key) (\s :: Encryption s@Encryption' {} Maybe Text a -> Encryption s {$sel:key:Encryption' :: Maybe Text key = Maybe Text a} :: Encryption) -- | The MD5 digest of the key that you used to encrypt your input file, or -- that you want Elastic Transcoder to use to encrypt your output file. -- Elastic Transcoder uses the key digest as a checksum to make sure your -- key was not corrupted in transit. The key MD5 must be base64-encoded, -- and it must be exactly 16 bytes long before being base64-encoded. encryption_keyMd5 :: Lens.Lens' Encryption (Prelude.Maybe Prelude.Text) encryption_keyMd5 :: Lens' Encryption (Maybe Text) encryption_keyMd5 = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b Lens.lens (\Encryption' {Maybe Text keyMd5 :: Maybe Text $sel:keyMd5:Encryption' :: Encryption -> Maybe Text keyMd5} -> Maybe Text keyMd5) (\s :: Encryption s@Encryption' {} Maybe Text a -> Encryption s {$sel:keyMd5:Encryption' :: Maybe Text keyMd5 = Maybe Text a} :: Encryption) -- | The specific server-side encryption mode that you want Elastic -- Transcoder to use when decrypting your input files or encrypting your -- output files. Elastic Transcoder supports the following options: -- -- - __s3:__ Amazon S3 creates and manages the keys used for encrypting -- your files. -- -- - __s3-aws-kms:__ Amazon S3 calls the Amazon Key Management Service, -- which creates and manages the keys that are used for encrypting your -- files. If you specify @s3-aws-kms@ and you don\'t want to use the -- default key, you must add the AWS-KMS key that you want to use to -- your pipeline. -- -- - __aes-cbc-pkcs7:__ A padded cipher-block mode of operation -- originally used for HLS files. -- -- - __aes-ctr:__ AES Counter Mode. -- -- - __aes-gcm:__ AES Galois Counter Mode, a mode of operation that is an -- authenticated encryption format, meaning that a file, key, or -- initialization vector that has been tampered with fails the -- decryption process. -- -- For all three AES options, you must provide the following settings, -- which must be base64-encoded: -- -- - __Key__ -- -- - __Key MD5__ -- -- - __Initialization Vector__ -- -- For the AES modes, your private encryption keys and your unencrypted -- data are never stored by AWS; therefore, it is important that you safely -- manage your encryption keys. If you lose them, you won\'t be able to -- unencrypt your data. encryption_mode :: Lens.Lens' Encryption (Prelude.Maybe Prelude.Text) encryption_mode :: Lens' Encryption (Maybe Text) encryption_mode = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b Lens.lens (\Encryption' {Maybe Text mode :: Maybe Text $sel:mode:Encryption' :: Encryption -> Maybe Text mode} -> Maybe Text mode) (\s :: Encryption s@Encryption' {} Maybe Text a -> Encryption s {$sel:mode:Encryption' :: Maybe Text mode = Maybe Text a} :: Encryption) instance Data.FromJSON Encryption where parseJSON :: Value -> Parser Encryption parseJSON = forall a. String -> (Object -> Parser a) -> Value -> Parser a Data.withObject String "Encryption" ( \Object x -> Maybe Text -> Maybe Text -> Maybe Text -> Maybe Text -> Encryption Encryption' forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b Prelude.<$> (Object x forall a. FromJSON a => Object -> Key -> Parser (Maybe a) Data..:? Key "InitializationVector") forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b Prelude.<*> (Object x forall a. FromJSON a => Object -> Key -> Parser (Maybe a) Data..:? Key "Key") forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b Prelude.<*> (Object x forall a. FromJSON a => Object -> Key -> Parser (Maybe a) Data..:? Key "KeyMd5") forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b Prelude.<*> (Object x forall a. FromJSON a => Object -> Key -> Parser (Maybe a) Data..:? Key "Mode") ) instance Prelude.Hashable Encryption where hashWithSalt :: Int -> Encryption -> Int hashWithSalt Int _salt Encryption' {Maybe Text mode :: Maybe Text keyMd5 :: Maybe Text key :: Maybe Text initializationVector :: Maybe Text $sel:mode:Encryption' :: Encryption -> Maybe Text $sel:keyMd5:Encryption' :: Encryption -> Maybe Text $sel:key:Encryption' :: Encryption -> Maybe Text $sel:initializationVector:Encryption' :: Encryption -> Maybe Text ..} = Int _salt forall a. Hashable a => Int -> a -> Int `Prelude.hashWithSalt` Maybe Text initializationVector forall a. Hashable a => Int -> a -> Int `Prelude.hashWithSalt` Maybe Text key forall a. Hashable a => Int -> a -> Int `Prelude.hashWithSalt` Maybe Text keyMd5 forall a. Hashable a => Int -> a -> Int `Prelude.hashWithSalt` Maybe Text mode instance Prelude.NFData Encryption where rnf :: Encryption -> () rnf Encryption' {Maybe Text mode :: Maybe Text keyMd5 :: Maybe Text key :: Maybe Text initializationVector :: Maybe Text $sel:mode:Encryption' :: Encryption -> Maybe Text $sel:keyMd5:Encryption' :: Encryption -> Maybe Text $sel:key:Encryption' :: Encryption -> Maybe Text $sel:initializationVector:Encryption' :: Encryption -> Maybe Text ..} = forall a. NFData a => a -> () Prelude.rnf Maybe Text initializationVector seq :: forall a b. a -> b -> b `Prelude.seq` forall a. NFData a => a -> () Prelude.rnf Maybe Text key seq :: forall a b. a -> b -> b `Prelude.seq` forall a. NFData a => a -> () Prelude.rnf Maybe Text keyMd5 seq :: forall a b. a -> b -> b `Prelude.seq` forall a. NFData a => a -> () Prelude.rnf Maybe Text mode instance Data.ToJSON Encryption where toJSON :: Encryption -> Value toJSON Encryption' {Maybe Text mode :: Maybe Text keyMd5 :: Maybe Text key :: Maybe Text initializationVector :: Maybe Text $sel:mode:Encryption' :: Encryption -> Maybe Text $sel:keyMd5:Encryption' :: Encryption -> Maybe Text $sel:key:Encryption' :: Encryption -> Maybe Text $sel:initializationVector:Encryption' :: Encryption -> Maybe Text ..} = [Pair] -> Value Data.object ( forall a. [Maybe a] -> [a] Prelude.catMaybes [ (Key "InitializationVector" forall kv v. (KeyValue kv, ToJSON v) => Key -> v -> kv Data..=) forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b Prelude.<$> Maybe Text initializationVector, (Key "Key" forall kv v. (KeyValue kv, ToJSON v) => Key -> v -> kv Data..=) forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b Prelude.<$> Maybe Text key, (Key "KeyMd5" forall kv v. (KeyValue kv, ToJSON v) => Key -> v -> kv Data..=) forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b Prelude.<$> Maybe Text keyMd5, (Key "Mode" forall kv v. (KeyValue kv, ToJSON v) => Key -> v -> kv Data..=) forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b Prelude.<$> Maybe Text mode ] )