List of usage examples for com.amazonaws.services.kms AWSKMSClientBuilder standard
public static AWSKMSClientBuilder standard()
From source file:com.google.crypto.tink.integration.awskms.AwsKmsClient.java
License:Apache License
/** Loads AWS credentials from a provider. */ public KmsClient withCredentialsProvider(AWSCredentialsProvider provider) throws GeneralSecurityException { try {/*from w w w . j av a 2 s . co m*/ String[] tokens = this.keyUri.split(":"); this.client = AWSKMSClientBuilder.standard().withCredentials(provider) .withRegion(Regions.fromName(tokens[4])).build(); return this; } catch (AmazonServiceException e) { throw new GeneralSecurityException("cannot load credentials from provider", e); } }
From source file:com.nextdoor.bender.utils.Passwords.java
License:Apache License
public static String decrypt(String str, Region region) throws UnsupportedEncodingException { if (isJUnitTest()) { return str; }/*from w w w .j av a2 s.co m*/ AWSKMS kms = AWSKMSClientBuilder.standard().withRegion(region.getName()).build(); /* * The KMS ciphertext is base64 encoded and must be decoded before the request is made */ String cipherString = str; byte[] cipherBytes = Base64.decode(cipherString); /* * Create decode request and decode */ ByteBuffer cipherBuffer = ByteBuffer.wrap(cipherBytes); DecryptRequest req = new DecryptRequest().withCiphertextBlob(cipherBuffer); DecryptResult resp = kms.decrypt(req); /* * Convert the response plaintext bytes to a string */ return new String(resp.getPlaintext().array(), Charset.forName("UTF-8")); }