From eec790b6b611c0a802736f9cf79a743b97442137 Mon Sep 17 00:00:00 2001
From: Darwin Chowdary <darchow@amazon.com>
Date: Fri, 2 Feb 2024 13:16:12 -0800
Subject: [PATCH 1/3] chore: deprecate getMasterKeyIds()

---
 src/main/java/com/amazonaws/encryptionsdk/CryptoResult.java   | 1 +
 .../amazonaws/encryptionsdk/internal/DecryptionHandler.java   | 4 +++-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/main/java/com/amazonaws/encryptionsdk/CryptoResult.java b/src/main/java/com/amazonaws/encryptionsdk/CryptoResult.java
index 61f38fc2..6b569ea7 100644
--- a/src/main/java/com/amazonaws/encryptionsdk/CryptoResult.java
+++ b/src/main/java/com/amazonaws/encryptionsdk/CryptoResult.java
@@ -69,6 +69,7 @@ public List<K> getMasterKeys() {
   }
 
   /** Convenience method for retrieving the keyIds in the results from {@link #getMasterKeys()}. */
+  @Deprecated
   public List<String> getMasterKeyIds() {
     final List<String> result = new ArrayList<>(masterKeys_.size());
     for (final MasterKey<K> mk : masterKeys_) {
diff --git a/src/main/java/com/amazonaws/encryptionsdk/internal/DecryptionHandler.java b/src/main/java/com/amazonaws/encryptionsdk/internal/DecryptionHandler.java
index 591e8805..09ee898d 100644
--- a/src/main/java/com/amazonaws/encryptionsdk/internal/DecryptionHandler.java
+++ b/src/main/java/com/amazonaws/encryptionsdk/internal/DecryptionHandler.java
@@ -890,7 +890,9 @@ public CiphertextHeaders getHeaders() {
 
   @Override
   public List<K> getMasterKeys() {
-    return Collections.singletonList(dataKey_.getMasterKey());
+    return dataKey_.getMasterKey() == null
+        ? Collections.emptyList()
+        : Collections.singletonList(dataKey_.getMasterKey());
   }
 
   @Override

From f182a142c3ffa5ff4c3e155ca89eaff886109f78 Mon Sep 17 00:00:00 2001
From: Darwin Chowdary <darchow@amazon.com>
Date: Fri, 2 Feb 2024 13:16:33 -0800
Subject: [PATCH 2/3] chore: deprecate getMasterKeyIds()

---
 .../encryptionsdk/AwsCryptoIntegrationTest.java  | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/src/test/java/com/amazonaws/encryptionsdk/AwsCryptoIntegrationTest.java b/src/test/java/com/amazonaws/encryptionsdk/AwsCryptoIntegrationTest.java
index e414c50b..2c8c704c 100644
--- a/src/test/java/com/amazonaws/encryptionsdk/AwsCryptoIntegrationTest.java
+++ b/src/test/java/com/amazonaws/encryptionsdk/AwsCryptoIntegrationTest.java
@@ -113,21 +113,21 @@ public void AwsKmsEncryptDecryptKeyring() {
         crypto.encryptData(kmsKeyring, EXAMPLE_DATA, encryptionContext);
 
     List<?> masterKeys = encryptResult.getMasterKeys();
+    List<String> masterKeyIds = encryptResult.getMasterKeyIds();
     // Assert CryptoResult returns empty list if keyrings are used.
     assert masterKeys.size() == 0;
+    assert masterKeyIds.isEmpty();
 
     final byte[] ciphertext = encryptResult.getResult();
 
     // Decrypt the data
-    final CryptoResult<byte[], ?> decryptResult = crypto.decryptData(kmsKeyring, ciphertext);
+    final CryptoResult<byte[], ?> decryptResult =
+        crypto.decryptData(kmsKeyring, ciphertext, encryptionContext);
+    masterKeys = decryptResult.getMasterKeys();
+    masterKeyIds = decryptResult.getMasterKeyIds();
+    // Assert CryptoResult returns empty list if keyrings are used.
     assert masterKeys.size() == 0;
-
-    // Verify that the encryption context in the result contains the
-    // encryption context supplied to the encryptData method.
-    if (!encryptionContext.entrySet().stream()
-        .allMatch(e -> e.getValue().equals(decryptResult.getEncryptionContext().get(e.getKey())))) {
-      throw new IllegalStateException("Wrong Encryption Context!");
-    }
+    assert masterKeyIds.isEmpty();
 
     // Verify that the decrypted plaintext matches the original plaintext
     assert Arrays.equals(decryptResult.getResult(), EXAMPLE_DATA);

From 559275e655728dd5d4751ce1725d590bbd9ed907 Mon Sep 17 00:00:00 2001
From: Darwin Chowdary <darchow@amazon.com>
Date: Fri, 2 Feb 2024 14:41:35 -0800
Subject: [PATCH 3/3] chore: deprecate getMasterKeyIds()

---
 .../com/amazonaws/encryptionsdk/AwsCryptoIntegrationTest.java | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/test/java/com/amazonaws/encryptionsdk/AwsCryptoIntegrationTest.java b/src/test/java/com/amazonaws/encryptionsdk/AwsCryptoIntegrationTest.java
index 2c8c704c..06a9e77e 100644
--- a/src/test/java/com/amazonaws/encryptionsdk/AwsCryptoIntegrationTest.java
+++ b/src/test/java/com/amazonaws/encryptionsdk/AwsCryptoIntegrationTest.java
@@ -115,7 +115,7 @@ public void AwsKmsEncryptDecryptKeyring() {
     List<?> masterKeys = encryptResult.getMasterKeys();
     List<String> masterKeyIds = encryptResult.getMasterKeyIds();
     // Assert CryptoResult returns empty list if keyrings are used.
-    assert masterKeys.size() == 0;
+    assert masterKeys.isEmpty();
     assert masterKeyIds.isEmpty();
 
     final byte[] ciphertext = encryptResult.getResult();
@@ -126,7 +126,7 @@ public void AwsKmsEncryptDecryptKeyring() {
     masterKeys = decryptResult.getMasterKeys();
     masterKeyIds = decryptResult.getMasterKeyIds();
     // Assert CryptoResult returns empty list if keyrings are used.
-    assert masterKeys.size() == 0;
+    assert masterKeys.isEmpty();
     assert masterKeyIds.isEmpty();
 
     // Verify that the decrypted plaintext matches the original plaintext