Search in sources :

Example 1 with KMSInvalidStateException

use of com.amazonaws.services.kms.model.KMSInvalidStateException in project cerberus by Nike-Inc.

the class AuthenticationService method encrypt.

/**
 * Encrypts the data provided using KMS based on the provided region and key id.
 *
 * @param regionName Region where key is located
 * @param keyId Key id
 * @param data Data to be encrypted
 * @return encrypted data
 */
private byte[] encrypt(final String regionName, final String keyId, final byte[] data) {
    Region region;
    try {
        region = Region.getRegion(Regions.fromName(regionName));
    } catch (IllegalArgumentException iae) {
        throw ApiException.newBuilder().withApiErrors(DefaultApiError.AUTH_IAM_ROLE_AWS_REGION_INVALID).withExceptionCause(iae).build();
    }
    final AWSKMSClient kmsClient = kmsClientFactory.getClient(region);
    try {
        final EncryptResult encryptResult = kmsClient.encrypt(new EncryptRequest().withKeyId(keyId).withPlaintext(ByteBuffer.wrap(data)));
        return encryptResult.getCiphertextBlob().array();
    } catch (NotFoundException | KMSInvalidStateException keyNotUsableException) {
        throw new KeyInvalidForAuthException(String.format("Failed to encrypt token using KMS key with id: %s", keyId), keyNotUsableException);
    } catch (AmazonClientException ace) {
        String msg = String.format("Unexpected error communicating with AWS KMS for region %s.", regionName);
        throw ApiException.newBuilder().withApiErrors(CustomApiError.createCustomApiError(DefaultApiError.INTERNAL_SERVER_ERROR, msg)).withExceptionCause(ace).withExceptionMessage(msg).build();
    }
}
Also used : AmazonClientException(com.amazonaws.AmazonClientException) AWSKMSClient(com.amazonaws.services.kms.AWSKMSClient) Region(com.amazonaws.regions.Region) NotFoundException(com.amazonaws.services.kms.model.NotFoundException) KeyInvalidForAuthException(com.nike.cerberus.error.KeyInvalidForAuthException) EncryptResult(com.amazonaws.services.kms.model.EncryptResult) KMSInvalidStateException(com.amazonaws.services.kms.model.KMSInvalidStateException) EncryptRequest(com.amazonaws.services.kms.model.EncryptRequest)

Example 2 with KMSInvalidStateException

use of com.amazonaws.services.kms.model.KMSInvalidStateException in project aws-sdk-android by aws-amplify.

the class KMSInvalidStateExceptionUnmarshaller method unmarshall.

@Override
public AmazonServiceException unmarshall(JsonErrorResponse error) throws Exception {
    KMSInvalidStateException e = (KMSInvalidStateException) super.unmarshall(error);
    e.setErrorCode("KMSInvalidStateException");
    return e;
}
Also used : KMSInvalidStateException(com.amazonaws.services.kms.model.KMSInvalidStateException)

Aggregations

KMSInvalidStateException (com.amazonaws.services.kms.model.KMSInvalidStateException)2 AmazonClientException (com.amazonaws.AmazonClientException)1 Region (com.amazonaws.regions.Region)1 AWSKMSClient (com.amazonaws.services.kms.AWSKMSClient)1 EncryptRequest (com.amazonaws.services.kms.model.EncryptRequest)1 EncryptResult (com.amazonaws.services.kms.model.EncryptResult)1 NotFoundException (com.amazonaws.services.kms.model.NotFoundException)1 KeyInvalidForAuthException (com.nike.cerberus.error.KeyInvalidForAuthException)1