Examples with GenerateDataKeyResult com.amazonaws.services.kms.model.GenerateDataKeyResult used on opensource projects

Search in sources :

Example 1 with GenerateDataKeyResult

use of com.amazonaws.services.kms.model.GenerateDataKeyResult in project aws-doc-sdk-examples by awsdocs.

the class GenerateDataKey method main.

public static void main(String[] args) {
    final String USAGE = "To run this example, supply a key id or ARN and a KeySpec\n" + "Usage: GenerateDataKey <key-id> <key-spec>\n" + "Example: GenerateDataKey 1234abcd-12ab-34cd-56ef-1234567890ab" + " AES_256\n";
    if (args.length != 2) {
        System.out.println(USAGE);
        System.exit(1);
    }
    String keyId = args[0];
    String keySpec = args[1];
    AWSKMS kmsClient = AWSKMSClientBuilder.standard().build();
    // Generate a data key
    GenerateDataKeyRequest dataKeyRequest = new GenerateDataKeyRequest();
    dataKeyRequest.setKeyId(keyId);
    dataKeyRequest.setKeySpec(keySpec);
    GenerateDataKeyResult dataKeyResult = kmsClient.generateDataKey(dataKeyRequest);
    ByteBuffer plaintextKey = dataKeyResult.getPlaintext();
    ByteBuffer encryptedKey = dataKeyResult.getCiphertextBlob();
    System.out.printf("Successfully generated an encrypted data key: %s%n", Base64.getEncoder().encodeToString(encryptedKey.array()));
}
Also used : GenerateDataKeyRequest(com.amazonaws.services.kms.model.GenerateDataKeyRequest) GenerateDataKeyResult(com.amazonaws.services.kms.model.GenerateDataKeyResult) ByteBuffer(java.nio.ByteBuffer) AWSKMS(com.amazonaws.services.kms.AWSKMS)

Example 2 with GenerateDataKeyResult

use of com.amazonaws.services.kms.model.GenerateDataKeyResult in project testcases by coheigea.

the class CommonCallbackHandler method handle.

public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
    for (int i = 0; i < callbacks.length; i++) {
        if (callbacks[i] instanceof WSPasswordCallback) {
            WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
            if (pc.getUsage() == WSPasswordCallback.SECRET_KEY) {
                final AWSCredentials creds = new BasicAWSCredentials(accessKey, secretKey);
                AWSKMSClient kms = new AWSKMSClient(creds);
                kms.setEndpoint(endpoint);
                if (pc.getEncryptedSecret() != null) {
                    ByteBuffer encryptedKey = ByteBuffer.wrap(pc.getEncryptedSecret());
                    DecryptRequest req = new DecryptRequest().withCiphertextBlob(encryptedKey);
                    ByteBuffer plaintextKey = kms.decrypt(req).getPlaintext();
                    byte[] key = new byte[plaintextKey.remaining()];
                    plaintextKey.get(key);
                    pc.setKey(key);
                } else {
                    GenerateDataKeyRequest dataKeyRequest = new GenerateDataKeyRequest();
                    dataKeyRequest.setKeyId(masterKeyId);
                    String algorithm = "AES_128";
                    if (pc.getAlgorithm() != null && pc.getAlgorithm().contains("aes256")) {
                        algorithm = "AES_256";
                    }
                    dataKeyRequest.setKeySpec(algorithm);
                    GenerateDataKeyResult dataKeyResult = kms.generateDataKey(dataKeyRequest);
                    ByteBuffer plaintextKey = dataKeyResult.getPlaintext();
                    byte[] key = new byte[plaintextKey.remaining()];
                    plaintextKey.get(key);
                    pc.setKey(key);
                    ByteBuffer encryptedKey = dataKeyResult.getCiphertextBlob();
                    byte[] encKey = new byte[encryptedKey.remaining()];
                    encryptedKey.get(encKey);
                    pc.setEncryptedSecret(encKey);
                    // Create a KeyName pointing to the encryption key
                    Document doc = DOMUtils.newDocument();
                    Element keyInfoElement = doc.createElementNS(WSConstants.SIG_NS, WSConstants.SIG_PREFIX + ":" + WSConstants.KEYINFO_LN);
                    keyInfoElement.setAttributeNS(WSConstants.XMLNS_NS, "xmlns:" + WSConstants.SIG_PREFIX, WSConstants.SIG_NS);
                    Element keyNameElement = doc.createElementNS(WSConstants.SIG_NS, WSConstants.SIG_PREFIX + ":KeyName");
                    keyNameElement.setTextContent("1c84a3f2-51cc-4c66-9045-68f51ef8b1eb");
                    keyInfoElement.appendChild(keyNameElement);
                    pc.setKeyInfoReference(keyInfoElement);
                }
            }
        }
    }
}
Also used : GenerateDataKeyResult(com.amazonaws.services.kms.model.GenerateDataKeyResult) Element(org.w3c.dom.Element) Document(org.w3c.dom.Document) BasicAWSCredentials(com.amazonaws.auth.BasicAWSCredentials) AWSCredentials(com.amazonaws.auth.AWSCredentials) ByteBuffer(java.nio.ByteBuffer) BasicAWSCredentials(com.amazonaws.auth.BasicAWSCredentials) GenerateDataKeyRequest(com.amazonaws.services.kms.model.GenerateDataKeyRequest) AWSKMSClient(com.amazonaws.services.kms.AWSKMSClient) WSPasswordCallback(org.apache.wss4j.common.ext.WSPasswordCallback) DecryptRequest(com.amazonaws.services.kms.model.DecryptRequest)

Aggregations

GenerateDataKeyRequest (com.amazonaws.services.kms.model.GenerateDataKeyRequest)2 GenerateDataKeyResult (com.amazonaws.services.kms.model.GenerateDataKeyResult)2 ByteBuffer (java.nio.ByteBuffer)2 AWSCredentials (com.amazonaws.auth.AWSCredentials)1 BasicAWSCredentials (com.amazonaws.auth.BasicAWSCredentials)1 AWSKMS (com.amazonaws.services.kms.AWSKMS)1 AWSKMSClient (com.amazonaws.services.kms.AWSKMSClient)1 DecryptRequest (com.amazonaws.services.kms.model.DecryptRequest)1 WSPasswordCallback (org.apache.wss4j.common.ext.WSPasswordCallback)1 Document (org.w3c.dom.Document)1 Element (org.w3c.dom.Element)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial