List of usage examples for com.amazonaws.services.kms AWSKMSClient encrypt
@Override
public EncryptResult encrypt(EncryptRequest request)
Encrypts plaintext into ciphertext by using a customer master key (CMK).
From source file:com.nike.cerberus.service.AuthenticationService.java
License:Apache License
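/**
 * Encrypts the supplied bytes with AWS KMS, using the given key in the given region.
 *
 * <p>The request built here carries only the key id and the plaintext. No encryption context is
 * attached, so the resulting ciphertext is not bound to any additional authenticated data.
 *
 * @param regionName Name of the AWS region where the key is located
 * @param keyId      Id of the KMS key to encrypt under
 * @param data       Data to be encrypted
 * @return the ciphertext blob returned by KMS, copied into a new array
 * @throws ApiException with {@code AUTH_IAM_ROLE_AWS_REGION_INVALID} when the region name lookup
 *                      throws {@link IllegalArgumentException}, or with
 *                      {@code INTERNAL_SERVER_ERROR} when the KMS call throws
 *                      {@code AmazonClientException}
 */
private byte[] encrypt(final String regionName, final String keyId, final byte[] data) {
    Region region;
    try {
        region = Region.getRegion(Regions.fromName(regionName));
    } catch (IllegalArgumentException iae) {
        // Reported as a caller error rather than a server fault; the original cause is preserved.
        throw ApiException.newBuilder()
                .withApiErrors(DefaultApiError.AUTH_IAM_ROLE_AWS_REGION_INVALID)
                .withExceptionCause(iae)
                .build();
    }

    final AWSKMSClient kmsClient = kmsClientFactory.getClient(region);

    try {
        final EncryptRequest encryptRequest = new EncryptRequest()
                .withKeyId(keyId)
                .withPlaintext(ByteBuffer.wrap(data));
        final EncryptResult encryptResult = kmsClient.encrypt(encryptRequest);

        // Copy exactly the readable bytes instead of calling array(): array() returns the whole
        // backing array regardless of position/limit/offset and throws for read-only or direct
        // buffers. The read-only view leaves the result object's buffer position untouched.
        final ByteBuffer ciphertext = encryptResult.getCiphertextBlob().asReadOnlyBuffer();
        final byte[] encrypted = new byte[ciphertext.remaining()];
        ciphertext.get(encrypted);
        return encrypted;
    } catch (AmazonClientException ace) {
        // Only the region name goes into the message; key id and plaintext are kept out of it.
        throw ApiException.newBuilder()
                .withApiErrors(DefaultApiError.INTERNAL_SERVER_ERROR)
                .withExceptionCause(ace)
                .withExceptionMessage(
                        String.format("Unexpected error communicating with AWS KMS for region %s.", regionName))
                .build();
    }
}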
From source file:org.apache.coheigea.cxf.kms.asymmetric.KMSPasswordEncryptor.java
License:Apache License
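/**
 * Encrypts a password with AWS KMS under the configured master key.
 *
 * <p>A new KMS client is built for every call from the {@code accessKey}, {@code secretKey} and
 * {@code endpoint} fields, and is shut down again before the method returns.
 *
 * @param password the clear-text password to protect
 * @return the KMS ciphertext blob, encoded with {@code Base64.encode}
 */
@Override
public String encrypt(String password) {
    // NOTE(review): accessKey/secretKey are fields declared outside this listing. If they hold
    // long-lived static keys, confirm how they are stored and rotated, or whether a credentials
    // provider could be used instead.
    final AWSCredentials creds = new BasicAWSCredentials(accessKey, secretKey);
    final AWSKMSClient kms = new AWSKMSClient(creds);
    try {
        kms.setEndpoint(endpoint);

        // NOTE(review): getBytes() uses the platform default charset, so the encrypted bytes of a
        // non-ASCII password depend on the JVM's locale. It is left unchanged here because the
        // decrypt path (not shown) must decode with the same charset; fix both sides together.
        final ByteBuffer plaintext = ByteBuffer.wrap(password.getBytes());

        final EncryptRequest req = new EncryptRequest()
                .withKeyId(masterKeyId)
                .withPlaintext(plaintext);

        // Copy only the readable region of the returned buffer.
        final ByteBuffer encryptedKey = kms.encrypt(req).getCiphertextBlob();
        final byte[] key = new byte[encryptedKey.remaining()];
        encryptedKey.get(key);
        return Base64.encode(key);
    } finally {
        // The client is created per call; release its HTTP resources even when encrypt() throws.
        kms.shutdown();
    }
}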