public String getValue() { if (this.value == null) { return value; } /* * Ensure that the value is only decrypted once regardless of usage. This prevents KMS from * being called over and over from within the function to decrypt the same field. */ if (!this.decrypted) { try { this.value = Passwords.decrypt(this.value, Region.getRegion(this.region)); } catch (UnsupportedEncodingException e) { throw new ConfigurationException("Unable to decrypt", e); } this.decrypted = true; } return this.value; }
public static String decrypt(String str, Region region) throws UnsupportedEncodingException { if (isJUnitTest()) { return str; } AWSKMS kms = AWSKMSClientBuilder.standard().withRegion(region.getName()).build(); /* * The KMS ciphertext is base64 encoded and must be decoded before the request is made */ String cipherString = str; byte[] cipherBytes = Base64.decode(cipherString); /* * Create decode request and decode */ ByteBuffer cipherBuffer = ByteBuffer.wrap(cipherBytes); DecryptRequest req = new DecryptRequest().withCiphertextBlob(cipherBuffer); DecryptResult resp = kms.decrypt(req); /* * Convert the response plaintext bytes to a string */ return new String(resp.getPlaintext().array(), Charset.forName("UTF-8")); } }
public static String decrypt(String str, Region region) throws UnsupportedEncodingException { if (isJUnitTest()) { return str; } AWSKMS kms = AWSKMSClientBuilder.standard().withRegion(region.getName()).build(); /* * The KMS ciphertext is base64 encoded and must be decoded before the request is made */ String cipherString = str; byte[] cipherBytes = Base64.decode(cipherString); /* * Create decode request and decode */ ByteBuffer cipherBuffer = ByteBuffer.wrap(cipherBytes); DecryptRequest req = new DecryptRequest().withCiphertextBlob(cipherBuffer); DecryptResult resp = kms.decrypt(req); /* * Convert the response plaintext bytes to a string */ return new String(resp.getPlaintext().array(), Charset.forName("UTF-8")); } }
public String getValue() { if (this.value == null) { return value; } /* * Ensure that the value is only decrypted once regardless of usage. This prevents KMS from * being called over and over from within the function to decrypt the same field. */ if (!this.decrypted) { try { this.value = Passwords.decrypt(this.value, Region.getRegion(this.region)); } catch (UnsupportedEncodingException e) { throw new ConfigurationException("Unable to decrypt", e); } this.decrypted = true; } return this.value; }