github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl@v0.2.0/README.md (about)

     1  # AWS Cryptographic Material Providers Library
     2  
     3  The AWS Cryptographic Material Providers Library helps you define your key distribution configuration.
     4  It uses cryptographic best practices to protect the data keys that protect your data.
     5  The data key is protected with a key encryption key called a _wrapping key_.
     6  The encryption method returns the data key and one or more encrypted data keys.
     7  Supported libraries use this information to perform envelope encryption.
     8  The data key is used to protect your data,
     9  and the encrypted data keys are stored alongside your data
    10  so you don't need to keep track of the data keys separately.
    11  You can use AWS KMS keys in [AWS Key Management Service](https://aws.amazon.com/kms/)(AWS KMS) as wrapping keys.
    12  The AWS Cryptographic Material Providers Library
    13  also provides APIs to define and use wrapping keys from other key providers.
    14  
    15  The AWS Cryptographic Material Providers Library provides methods for encrypting and decrypting cryptographic materials used in higher level client side encryption libraries.
    16  
    17  ## Security
    18  
    19  If you discover a potential security issue in this project
    20  we ask that you notify AWS/Amazon Security via our
    21  [vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/).
    22  Please **do not** create a public GitHub issue.
    23  
    24  ## Getting Started
    25  
    26  This library is written in Dafny, a formally verifiable programming language that can be compiled into
    27  different runtimes. Dafny code is transpiled into Go code with the help of internal tools.
    28  
    29  ### Installation
    30  
    31  `go get github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl@v0.2.0`
    32  
    33  ### Optional Prerequisites
    34  
    35  #### AWS Integration
    36  
    37  You don't need an Amazon Web Services (AWS) account to use the AWS Cryptographic Material Providers Library,
    38  but some APIs require an AWS account, an AWS KMS key, or an Amazon DynamoDB Table.
    39  You might also need to use the AWS SDK for Go v2 sdk for some APIs.
    40  
    41  - **To create an AWS account**, go to [Sign In or Create an AWS Account](https://portal.aws.amazon.com/gp/aws/developer/registration/index.html) and then choose **I am a new user.** Follow the instructions to create an AWS account.
    42  
    43  - **To create a symmetric encryption KMS key in AWS KMS**, see [Creating Keys](https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html).
    44  
    45  - **To download and install the AWS SDK for Go v2**, see [Installing the AWS SDK for Go v2](https://pkg.go.dev/github.com/aws/aws-sdk-go-v2).
    46  
    47  ## FAQ
    48  
    49  See the [Frequently Asked Questions](https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/faq.html) page in the official documentation.