
Example 6 with DecryptRequest

use of com.amazonaws.services.kms.model.DecryptRequest in project aws-doc-sdk-examples by awsdocs.

the class DecryptDataKey method main.

public static void main(String[] args) {
    AWSKMS kmsClient = AWSKMSClientBuilder.standard().build();
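    // Decrypt a data key.
    // The ciphertext blob is supplied as a base64 string in the first command-line
    // argument and decoded to raw bytes with java.util.Base64.
    ByteBuffer ciphertextBlob = ByteBuffer.wrap(Base64.getDecoder().decode(args[0]));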
    DecryptRequest req = new DecryptRequest().withCiphertextBlob(ciphertextBlob);
    ByteBuffer plainText = kmsClient.decrypt(req).getPlaintext();
}
Also used : ByteBuffer(java.nio.ByteBuffer) DecryptRequest(com.amazonaws.services.kms.model.DecryptRequest) AWSKMS(com.amazonaws.services.kms.AWSKMS)

Example 7 with DecryptRequest

use of com.amazonaws.services.kms.model.DecryptRequest in project bender by Nextdoor.

the class Passwords method decrypt.

public static String decrypt(String str, Region region) throws UnsupportedEncodingException {
    if (isJUnitTest()) {
        return str;
    }
    AWSKMS kms = AWSKMSClientBuilder.standard().withRegion(region.getName()).build();
    /*
     * The KMS ciphertext is base64 encoded and must be decoded before the request is made
     */
    String cipherString = str;
    byte[] cipherBytes = Base64.decode(cipherString);
    /*
     * Create the decrypt request and decrypt
     */
    ByteBuffer cipherBuffer = ByteBuffer.wrap(cipherBytes);
    DecryptRequest req = new DecryptRequest().withCiphertextBlob(cipherBuffer);
    DecryptResult resp = kms.decrypt(req);
    /*
     * Convert the response plaintext bytes to a string
     */
    return new String(resp.getPlaintext().array(), Charset.forName("UTF-8"));
}
Also used : DecryptResult(com.amazonaws.services.kms.model.DecryptResult) ByteBuffer(java.nio.ByteBuffer) DecryptRequest(com.amazonaws.services.kms.model.DecryptRequest) AWSKMS(com.amazonaws.services.kms.AWSKMS)

Example 8 with DecryptRequest

use of com.amazonaws.services.kms.model.DecryptRequest in project testcases by coheigea.

the class CommonCallbackHandler method handle.

public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
    for (int i = 0; i < callbacks.length; i++) {
        if (callbacks[i] instanceof WSPasswordCallback) {
            WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
            if (pc.getUsage() == WSPasswordCallback.SECRET_KEY) {
                final AWSCredentials creds = new BasicAWSCredentials(accessKey, secretKey);
                AWSKMSClient kms = new AWSKMSClient(creds);
                kms.setEndpoint(endpoint);
                if (pc.getEncryptedSecret() != null) {
                    ByteBuffer encryptedKey = ByteBuffer.wrap(pc.getEncryptedSecret());
                    DecryptRequest req = new DecryptRequest().withCiphertextBlob(encryptedKey);
                    ByteBuffer plaintextKey = kms.decrypt(req).getPlaintext();
                    byte[] key = new byte[plaintextKey.remaining()];
                    plaintextKey.get(key);
                    pc.setKey(key);
                } else {
                    GenerateDataKeyRequest dataKeyRequest = new GenerateDataKeyRequest();
                    dataKeyRequest.setKeyId(masterKeyId);
                    String algorithm = "AES_128";
                    if (pc.getAlgorithm() != null && pc.getAlgorithm().contains("aes256")) {
                        algorithm = "AES_256";
                    }
                    dataKeyRequest.setKeySpec(algorithm);
                    GenerateDataKeyResult dataKeyResult = kms.generateDataKey(dataKeyRequest);
                    ByteBuffer plaintextKey = dataKeyResult.getPlaintext();
                    byte[] key = new byte[plaintextKey.remaining()];
                    plaintextKey.get(key);
                    pc.setKey(key);
                    ByteBuffer encryptedKey = dataKeyResult.getCiphertextBlob();
                    byte[] encKey = new byte[encryptedKey.remaining()];
                    encryptedKey.get(encKey);
                    pc.setEncryptedSecret(encKey);
                    // Create a KeyName pointing to the encryption key
                    Document doc = DOMUtils.newDocument();
                    Element keyInfoElement = doc.createElementNS(WSConstants.SIG_NS, WSConstants.SIG_PREFIX + ":" + WSConstants.KEYINFO_LN);
                    keyInfoElement.setAttributeNS(WSConstants.XMLNS_NS, "xmlns:" + WSConstants.SIG_PREFIX, WSConstants.SIG_NS);
                    Element keyNameElement = doc.createElementNS(WSConstants.SIG_NS, WSConstants.SIG_PREFIX + ":KeyName");
                    keyNameElement.setTextContent("1c84a3f2-51cc-4c66-9045-68f51ef8b1eb");
                    keyInfoElement.appendChild(keyNameElement);
                    pc.setKeyInfoReference(keyInfoElement);
                }
            }
        }
    }
}
Also used : GenerateDataKeyResult(com.amazonaws.services.kms.model.GenerateDataKeyResult) Element(org.w3c.dom.Element) Document(org.w3c.dom.Document) BasicAWSCredentials(com.amazonaws.auth.BasicAWSCredentials) AWSCredentials(com.amazonaws.auth.AWSCredentials) ByteBuffer(java.nio.ByteBuffer) GenerateDataKeyRequest(com.amazonaws.services.kms.model.GenerateDataKeyRequest) AWSKMSClient(com.amazonaws.services.kms.AWSKMSClient) WSPasswordCallback(org.apache.wss4j.common.ext.WSPasswordCallback) DecryptRequest(com.amazonaws.services.kms.model.DecryptRequest)

Example 9 with DecryptRequest

use of com.amazonaws.services.kms.model.DecryptRequest in project spring-cloud-config-aws-kms by zalando.

the class KmsEncryptionIntegrationConfigurationTest method testPropertyHasBeenDecrypted.

@Test
public void testPropertyHasBeenDecrypted() throws Exception {
    assertThat(decryptedSecret).isEqualTo(PLAINTEXT);
    final DecryptRequest decryptRequest = new DecryptRequest();
    decryptRequest.setCiphertextBlob(CIPHER_TEXT_BLOB);
    verify(mockKms, atLeastOnce()).decrypt(decryptRequest);
}
Also used : DecryptRequest(com.amazonaws.services.kms.model.DecryptRequest) Test(org.junit.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Example 10 with DecryptRequest

use of com.amazonaws.services.kms.model.DecryptRequest in project athenz by yahoo.

the class AwsPrivateKeyStore method getDecryptedData.

private String getDecryptedData(final String bucketName, final String keyName) {
    String keyValue = "";
    S3Object s3Object = getS3().getObject(bucketName, keyName);
    if (LOG.isDebugEnabled()) {
        LOG.debug("retrieving appName {}, key {}", bucketName, keyName);
    }
    if (null == s3Object) {
        LOG.error("error retrieving key {}, from bucket {}", keyName, bucketName);
        return keyValue;
    }
    try (S3ObjectInputStream s3InputStream = s3Object.getObjectContent();
        ByteArrayOutputStream result = new ByteArrayOutputStream()) {
        byte[] buffer = new byte[1024];
        int length;
        while ((length = s3InputStream.read(buffer)) != -1) {
            result.write(buffer, 0, length);
        }
        if (kmsDecrypt) {
            DecryptRequest req = new DecryptRequest().withCiphertextBlob(ByteBuffer.wrap(result.toByteArray()));
            ByteBuffer plainText = getKMS().decrypt(req).getPlaintext();
            keyValue = new String(plainText.array());
        } else {
            keyValue = result.toString();
        }
    } catch (IOException e) {
        LOG.error("error getting application secret.", e);
    }
    return keyValue.trim();
}
Also used : S3ObjectInputStream(com.amazonaws.services.s3.model.S3ObjectInputStream) S3Object(com.amazonaws.services.s3.model.S3Object) ByteArrayOutputStream(java.io.ByteArrayOutputStream) IOException(java.io.IOException) ByteBuffer(java.nio.ByteBuffer) DecryptRequest(com.amazonaws.services.kms.model.DecryptRequest)

Aggregations

DecryptRequest (com.amazonaws.services.kms.model.DecryptRequest) 10
ByteBuffer (java.nio.ByteBuffer) 7
DecryptResult (com.amazonaws.services.kms.model.DecryptResult) 4
AWSKMS (com.amazonaws.services.kms.AWSKMS) 3
AWSKMSClient (com.amazonaws.services.kms.AWSKMSClient) 3
AWSCredentials (com.amazonaws.auth.AWSCredentials) 2
BasicAWSCredentials (com.amazonaws.auth.BasicAWSCredentials) 2
AmazonServiceException (com.amazonaws.AmazonServiceException) 1
EncryptRequest (com.amazonaws.services.kms.model.EncryptRequest) 1
EncryptResult (com.amazonaws.services.kms.model.EncryptResult) 1
GenerateDataKeyRequest (com.amazonaws.services.kms.model.GenerateDataKeyRequest) 1
GenerateDataKeyResult (com.amazonaws.services.kms.model.GenerateDataKeyResult) 1
S3Object (com.amazonaws.services.s3.model.S3Object) 1
S3ObjectInputStream (com.amazonaws.services.s3.model.S3ObjectInputStream) 1
ByteArrayOutputStream (java.io.ByteArrayOutputStream) 1
IOException (java.io.IOException) 1
GeneralSecurityException (java.security.GeneralSecurityException) 1
WSPasswordCallback (org.apache.wss4j.common.ext.WSPasswordCallback) 1
Base64DecodingException (org.apache.xml.security.exceptions.Base64DecodingException) 1
Before (org.junit.Before) 1