Example usage for com.amazonaws.services.kms.model DecryptRequest addEncryptionContextEntry

List of usage examples for com.amazonaws.services.kms.model DecryptRequest addEncryptionContextEntry

  1. HOME
  2. Java
  3. com.amazonaws
  4. com.amazonaws.services.kms.model.*
  5. DecryptRequest
  6. addEncryptionContextEntry

Introduction

In this page you can find the example usage for com.amazonaws.services.kms.model DecryptRequest addEncryptionContextEntry.

Prototype

public DecryptRequest addEncryptionContextEntry(String key, String value)

Source Link

Usage

From source file:com.google.crypto.tink.integration.awskms.AwsKmsAead.java

License:Apache License

@Override
public byte[] decrypt(final byte[] ciphertext, final byte[] associatedData) throws GeneralSecurityException {
    try {//from  w w w. j a  v  a2s  .co m
        DecryptRequest req = new DecryptRequest().withCiphertextBlob(ByteBuffer.wrap(ciphertext));
        if (associatedData != null && associatedData.length != 0) {
            req = req.addEncryptionContextEntry("associatedData", BinaryUtils.toHex(associatedData));
        }
        DecryptResult result = kmsClient.decrypt(req);
        if (!result.getKeyId().equals(keyArn)) {
            throw new GeneralSecurityException("decryption failed: wrong key id");
        }
        return result.getPlaintext().array();
    } catch (AmazonServiceException e) {
        throw new GeneralSecurityException("decryption failed", e);
    }
}