Example usage for com.amazonaws.services.kms.model EncryptRequest EncryptRequest

List of usage examples for com.amazonaws.services.kms.model EncryptRequest EncryptRequest

  1. HOME
  2. Java
  3. com.amazonaws
  4. com.amazonaws.services.kms.model.*
  5. EncryptRequest
  6. EncryptRequest

Introduction

In this page you can find the example usage for com.amazonaws.services.kms.model EncryptRequest EncryptRequest.

Prototype

EncryptRequest

Source Link

Usage

From source file:com.google.crypto.tink.integration.awskms.AwsKmsAead.java

License:Apache License

@Override
public byte[] encrypt(final byte[] plaintext, final byte[] associatedData) throws GeneralSecurityException {
    try {//from   w w w . j a  va2  s.c  o m
        EncryptRequest req = new EncryptRequest().withKeyId(keyArn).withPlaintext(ByteBuffer.wrap(plaintext));
        if (associatedData != null && associatedData.length != 0) {
            req = req.addEncryptionContextEntry("associatedData", BinaryUtils.toHex(associatedData));
        }
        return kmsClient.encrypt(req).getCiphertextBlob().array();
    } catch (AmazonServiceException e) {
        throw new GeneralSecurityException("encryption failed", e);
    }
}

From source file:com.nike.cerberus.service.AuthenticationService.java

License:Apache License

/**
 * Encrypts the data provided using KMS based on the provided region and key id.
 *
 * @param regionName Region where key is located
 * @param keyId Key id//from   w w  w .jav  a2  s.  c  o  m
 * @param data Data to be encrypted
 * @return encrypted data
 */
private byte[] encrypt(final String regionName, final String keyId, final byte[] data) {
    Region region;
    try {
        region = Region.getRegion(Regions.fromName(regionName));
    } catch (IllegalArgumentException iae) {
        throw ApiException.newBuilder().withApiErrors(DefaultApiError.AUTH_IAM_ROLE_AWS_REGION_INVALID)
                .withExceptionCause(iae).build();
    }

    final AWSKMSClient kmsClient = kmsClientFactory.getClient(region);

    try {
        final EncryptResult encryptResult = kmsClient
                .encrypt(new EncryptRequest().withKeyId(keyId).withPlaintext(ByteBuffer.wrap(data)));

        return encryptResult.getCiphertextBlob().array();
    } catch (AmazonClientException ace) {
        throw ApiException.newBuilder().withApiErrors(DefaultApiError.INTERNAL_SERVER_ERROR)
                .withExceptionCause(ace)
                .withExceptionMessage(
                        String.format("Unexpected error communicating with AWS KMS for region %s.", regionName))
                .build();
    }
}

From source file:de.zalando.spring.cloud.config.aws.kms.KmsTextEncryptor.java

License:Apache License

@Override
public String encrypt(final String text) {
    Assert.hasText(kmsKeyId, "kmsKeyId must not be blank");
    if (text == null || text.isEmpty()) {
        return EMPTY_STRING;
    } else {/*from  w w  w . ja v  a 2  s  .  co m*/
        final EncryptRequest encryptRequest = new EncryptRequest().withKeyId(kmsKeyId) //
                .withPlaintext(ByteBuffer.wrap(text.getBytes()));

        final ByteBuffer encryptedBytes = kms.encrypt(encryptRequest).getCiphertextBlob();

        return extractString(ByteBuffer.wrap(Base64.encode(encryptedBytes.array())));
    }
}

From source file:org.apache.coheigea.cxf.kms.asymmetric.KMSPasswordEncryptor.java

License:Apache License

@Override
public String encrypt(String password) {
    final AWSCredentials creds = new BasicAWSCredentials(accessKey, secretKey);

    AWSKMSClient kms = new AWSKMSClient(creds);
    kms.setEndpoint(endpoint);/*from ww w.  j a va 2 s .  c om*/

    ByteBuffer plaintext = ByteBuffer.wrap(password.getBytes());

    EncryptRequest req = new EncryptRequest().withPlaintext(plaintext);
    req.setKeyId(masterKeyId);
    ByteBuffer encryptedKey = kms.encrypt(req).getCiphertextBlob();

    byte[] key = new byte[encryptedKey.remaining()];
    encryptedKey.get(key);

    return Base64.encode(key);
}

From source file:org.sfs.encryption.AwsKms.java

License:Apache License

@Override
public Observable<Encrypted> encrypt(VertxContext<Server> vertxContext, byte[] plainBytes) {
    SfsVertx sfsVertx = vertxContext.vertx();
    Context context = sfsVertx.getOrCreateContext();
    return Observable.defer(() -> {
        byte[] cloned = Arrays.copyOf(plainBytes, plainBytes.length);
        return RxHelper.executeBlocking(context, sfsVertx.getBackgroundPool(), () -> {
            try {
                EncryptRequest req = new EncryptRequest().withKeyId(keyId)
                        .withPlaintext(ByteBuffer.wrap(cloned));
                ByteBuffer buffer = kms.encrypt(req).getCiphertextBlob();
                byte[] b = new byte[buffer.remaining()];
                buffer.get(b);/*from w ww.  ja va 2  s. co  m*/
                return new Encrypted(b, String.format("xppsaws:%s", keyId));
            } finally {
                Arrays.fill(cloned, (byte) 0);
            }
        });
    });
}

From source file:org.zalando.crypto.aws.kms.KmsEncrypter.java

License:Apache License

@Override
public String encrypt(String text) {
    if (isNullOrEmpty(text)) {

        return EMPTY_STRING;
    } else {//from   ww  w . j  a v a 2s  .  co  m
        final EncryptRequest encryptRequest = new EncryptRequest().withKeyId(kmsKeyId) //
                .withPlaintext(ByteBuffer.wrap(text.getBytes()));

        final ByteBuffer encryptedBytes = kms.encrypt(encryptRequest).getCiphertextBlob();

        return extractString(ByteBuffer.wrap(Base64.encode(encryptedBytes.array())));
    }
}