List of usage examples for com.amazonaws.services.kms.model DecryptRequest addEncryptionContextEntry
public DecryptRequest addEncryptionContextEntry(String key, String value)
From source file:com.google.crypto.tink.integration.awskms.AwsKmsAead.java
License:Apache License
@Override public byte[] decrypt(final byte[] ciphertext, final byte[] associatedData) throws GeneralSecurityException { try {//from w w w. j a v a2s .co m DecryptRequest req = new DecryptRequest().withCiphertextBlob(ByteBuffer.wrap(ciphertext)); if (associatedData != null && associatedData.length != 0) { req = req.addEncryptionContextEntry("associatedData", BinaryUtils.toHex(associatedData)); } DecryptResult result = kmsClient.decrypt(req); if (!result.getKeyId().equals(keyArn)) { throw new GeneralSecurityException("decryption failed: wrong key id"); } return result.getPlaintext().array(); } catch (AmazonServiceException e) { throw new GeneralSecurityException("decryption failed", e); } }