List of usage examples for com.amazonaws.services.kms AWSKMS decrypt
DecryptResult decrypt(DecryptRequest decryptRequest);
Decrypts ciphertext that was encrypted by a AWS KMS customer master key (CMK) using any of the following operations:
You can use this operation to decrypt ciphertext that was encrypted under a symmetric or asymmetric CMK.
From source file:com.nextdoor.bender.utils.Passwords.java
License:Apache License
public static String decrypt(String str, Region region) throws UnsupportedEncodingException { if (isJUnitTest()) { return str; }/*from www . j a v a2s .co m*/ AWSKMS kms = AWSKMSClientBuilder.standard().withRegion(region.getName()).build(); /* * The KMS ciphertext is base64 encoded and must be decoded before the request is made */ String cipherString = str; byte[] cipherBytes = Base64.decode(cipherString); /* * Create decode request and decode */ ByteBuffer cipherBuffer = ByteBuffer.wrap(cipherBytes); DecryptRequest req = new DecryptRequest().withCiphertextBlob(cipherBuffer); DecryptResult resp = kms.decrypt(req); /* * Convert the response plaintext bytes to a string */ return new String(resp.getPlaintext().array(), Charset.forName("UTF-8")); }
From source file:de.zalando.spring.cloud.config.aws.kms.MockAwsKmsConfig.java
License:Apache License
@Bean
AWSKMS kms() {// w w w. j av a 2s . c om
final AWSKMS mock = mock(AWSKMS.class);
when(mock.decrypt(any(DecryptRequest.class))).thenAnswer(new Answer<DecryptResult>() {
@Override
public DecryptResult answer(InvocationOnMock invocation) throws Throwable {
return new DecryptResult().withPlaintext(
ByteBuffer.wrap(KmsEncryptionIntegrationConfigurationTest.PLAINTEXT.getBytes()));
}
});
return mock;
}