EncryptRequest encryptRequest = new EncryptRequest() .withEncryptionContext(matdesc) .withKeyId(materials.getCustomerMasterKeyId()) .withPlaintext(ByteBuffer.wrap(cek.getEncoded()))
final EncryptRequest encryptRequest = new EncryptRequest() .withEncryptionContext(matdesc) .withKeyId(materials.getCustomerMasterKeyId()) .withPlaintext(ByteBuffer.wrap(cek.getEncoded())); encryptRequest
@Override public String encrypt(final String text) { Assert.hasText(kmsKeyId, "kmsKeyId must not be blank"); if (text == null || text.isEmpty()) { return EMPTY_STRING; } else { final EncryptRequest encryptRequest = new EncryptRequest().withKeyId(kmsKeyId) // .withPlaintext(ByteBuffer.wrap(text.getBytes())); final ByteBuffer encryptedBytes = kms.encrypt(encryptRequest).getCiphertextBlob(); return extractString(encryptedBytes, new KmsTextEncryptorOptions(OutputMode.BASE64)); } }
@Override public byte[] encrypt(final byte[] plaintext, final byte[] associatedData) throws GeneralSecurityException { try { EncryptRequest req = new EncryptRequest().withKeyId(keyArn).withPlaintext(ByteBuffer.wrap(plaintext)); if (associatedData != null && associatedData.length != 0) { req = req.addEncryptionContextEntry("associatedData", BinaryUtils.toHex(associatedData)); } return kmsClient.encrypt(req).getCiphertextBlob().array(); } catch (AmazonServiceException e) { throw new GeneralSecurityException("encryption failed", e); } }
private String kmsEncrypt(String value) { String kmsKeyId = context.getSecrets().getSecret("aws.emr.kms_key_id"); EncryptResult result = kms.encrypt(new EncryptRequest().withKeyId(kmsKeyId).withPlaintext(UTF_8.encode(value))); return base64(result.getCiphertextBlob()); }
@Override public DataKey<KmsMasterKey> encryptDataKey(final CryptoAlgorithm algorithm, final Map<String, String> encryptionContext, final DataKey<?> dataKey) { final SecretKey key = dataKey.getKey(); if (!key.getFormat().equals("RAW")) { throw new IllegalArgumentException("Only RAW encoded keys are supported"); } try { final EncryptResult encryptResult = kms_.get().encrypt(updateUserAgent( new EncryptRequest() .withKeyId(id_) .withPlaintext(ByteBuffer.wrap(key.getEncoded())) .withEncryptionContext(encryptionContext) .withGrantTokens(grantTokens_))); final byte[] edk = new byte[encryptResult.getCiphertextBlob().remaining()]; encryptResult.getCiphertextBlob().get(edk); return new DataKey<>(dataKey.getKey(), edk, encryptResult.getKeyId().getBytes(StandardCharsets.UTF_8), this); } catch (final AmazonServiceException asex) { throw new AwsCryptoException(asex); } }
EncryptRequest encryptRequest = new EncryptRequest() .withEncryptionContext(matdesc) .withKeyId(materials.getCustomerMasterKeyId()) .withPlaintext(ByteBuffer.wrap(cek.getEncoded()))
final EncryptRequest encryptRequest = new EncryptRequest() .withEncryptionContext(matdesc) .withKeyId(materials.getCustomerMasterKeyId()) .withPlaintext(ByteBuffer.wrap(cek.getEncoded())); encryptRequest