Example usage for com.amazonaws.services.kms.model DecryptResult getKeyId

List of usage examples for com.amazonaws.services.kms.model DecryptResult getKeyId

  1. HOME
  2. Java
  3. com.amazonaws
  4. com.amazonaws.services.kms.model.*
  5. DecryptResult
  6. getKeyId

Introduction

In this page you can find the example usage for com.amazonaws.services.kms.model DecryptResult getKeyId.

Prototype


public String getKeyId()

Source Link

Document

The ARN of the customer master key that was used to perform the decryption.

Usage

From source file:com.google.crypto.tink.integration.awskms.AwsKmsAead.java

License:Apache License

@Override
public byte[] decrypt(final byte[] ciphertext, final byte[] associatedData) throws GeneralSecurityException {
    try {/*from w w  w  . java2s.com*/
        DecryptRequest req = new DecryptRequest().withCiphertextBlob(ByteBuffer.wrap(ciphertext));
        if (associatedData != null && associatedData.length != 0) {
            req = req.addEncryptionContextEntry("associatedData", BinaryUtils.toHex(associatedData));
        }
        DecryptResult result = kmsClient.decrypt(req);
        if (!result.getKeyId().equals(keyArn)) {
            throw new GeneralSecurityException("decryption failed: wrong key id");
        }
        return result.getPlaintext().array();
    } catch (AmazonServiceException e) {
        throw new GeneralSecurityException("decryption failed", e);
    }
}