com.amazonaws.services.kms.model.InvalidCiphertextException Java Examples

The following examples show how to use com.amazonaws.services.kms.model.InvalidCiphertextException. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: MockKMSClient.java    From aws-encryption-sdk-java with Apache License 2.0 6 votes vote down vote up 
@Override
public DecryptResult decrypt(DecryptRequest req) throws AmazonServiceException, AmazonClientException {
    DecryptResult result = results_.get(new DecryptMapKey(req));
    if (result != null) {
        // Copy it to avoid external modification
        DecryptResult copy = new DecryptResult();
        copy.setKeyId(retrieveArn(result.getKeyId()));
        byte[] pt = new byte[result.getPlaintext().limit()];
        result.getPlaintext().get(pt);
        result.getPlaintext().rewind();
        copy.setPlaintext(ByteBuffer.wrap(pt));
        return copy;
    } else {
        throw new InvalidCiphertextException("Invalid Ciphertext");
    }
}
Example #2
Source File: AsymmetricEncryptionNotAvailableTest.java    From spring-cloud-config-aws-kms with Apache License 2.0 6 votes vote down vote up 
@Test
void testAsymmetricDecryptionIsNotAvailable(CapturedOutput output) {
    doThrow(InvalidCiphertextException.class).when(mockKms).decrypt(any(DecryptRequest.class));

    try {
        // Asymmetric algorithm is not available, because an outdated AWS SDK is used. The textEncryptor will
        // print a warning and fall back to symmetric algorithm.
        // Trying to use an asymmetric key with the symmetric algorithm will lead to an exception.
        textEncryptor.decrypt(CIPHERTEXT);
        failBecauseExceptionWasNotThrown(InvalidCiphertextException.class);
    } catch (InvalidCiphertextException ignored) {
        assertThat(output).contains(VERSION_HINT);
        final DecryptRequest expectedRequest = new DecryptRequest()
                .withCiphertextBlob(ByteBuffer.wrap(Base64.getDecoder().decode(CIPHERTEXT.getBytes())));
        verify(mockKms).decrypt(eq(expectedRequest));
    }
}
Example #3
Source File: KmsDaoTest.java    From herd with Apache License 2.0 5 votes vote down vote up 
@Test
public void testDecryptInvalidCipher()
{
    try
    {
        // Try to decrypt an invalid ciphertext.
        kmsDao.decrypt(new AwsParamsDto(), MockKmsOperationsImpl.MOCK_CIPHER_TEXT_INVALID);
        fail("Suppose to throw an InvalidCiphertextException when cipher text is invalid.");
    }
    catch (Exception e)
    {
        assertEquals(InvalidCiphertextException.class, e.getClass());
    }
}
Example #4
Source File: MockKmsOperationsImpl.java    From herd with Apache License 2.0 5 votes vote down vote up 
@Override
public DecryptResult decrypt(AWSKMSClient awsKmsClient, DecryptRequest decryptRequest)
{
    // Check the cipher text.
    if (decryptRequest.getCiphertextBlob().equals(ByteBuffer.wrap(Base64.decodeBase64(MOCK_CIPHER_TEXT_INVALID))))
    {
        throw new InvalidCiphertextException("(Service: AWSKMS; Status Code: 400; Error Code: InvalidCiphertextException; Request ID: NONE)");
    }

    DecryptResult decryptResult = new DecryptResult();

    // Convert the test plain text to byte buffer and set the plain text return value.
    decryptResult.setPlaintext(ByteBuffer.wrap(MOCK_PLAIN_TEXT.getBytes()));

    return decryptResult;
}
Example #5
Source File: FakeKMS.java    From aws-dynamodb-encryption-java with Apache License 2.0 5 votes vote down vote up 
@Override
public DecryptResult decrypt(DecryptRequest req) throws AmazonServiceException,
        AmazonClientException {
    DecryptResult result = results_.get(new DecryptMapKey(req));
    if (result != null) {
        return result;
    } else {
        throw new InvalidCiphertextException("Invalid Ciphertext");
    }
}