private async Task <MemoryStream> Encrypt(string value, Amazon.KeyManagementService.IAmazonKeyManagementService client)
{
if (String.IsNullOrWhiteSpace(_config.KmsKeyId))
{
throw new ArgumentOutOfRangeException("config.KmsKeyId");
}
using (MemoryStream memoryStream = new MemoryStream())
{
using (var writer = new StreamWriter(memoryStream, Encoding.UTF8))
{
writer.Write(value);
writer.Flush();
memoryStream.Seek(0, SeekOrigin.Begin);
var request = new Amazon.KeyManagementService.Model.EncryptRequest()
{
KeyId = _config.KmsKeyId,
Plaintext = memoryStream
};
var response = await client.EncryptAsync(request);
return(response.CiphertextBlob);
}
}
}
private async Task <string> Decrypt(Stream stream, Amazon.KeyManagementService.IAmazonKeyManagementService client)
{
using (MemoryStream memoryStream = new MemoryStream())
{
await stream.CopyToAsync(memoryStream);
memoryStream.Seek(0, SeekOrigin.Begin);
var request = new Amazon.KeyManagementService.Model.DecryptRequest()
{
CiphertextBlob = memoryStream
};
var response = await client.DecryptAsync(request);
using (var reader = new StreamReader(response.Plaintext, Encoding.UTF8))
{
return(await reader.ReadToEndAsync());
}
}
}
