public byte[] DecryptKey(byte[] cipherText, IDictionary <string, string> context)
{
var req = new DecryptRequest
{
CiphertextBlob = new MemoryStream(cipherText),
EncryptionContext = AsDictionary(context)
};
return(_client.Decrypt(req).Plaintext.ToArray());
}
internal virtual CryptoKey DecryptKmsEncryptedKey(
IAmazonKeyManagementService awsKmsClient,
byte[] cipherText,
DateTimeOffset keyCreated,
byte[] kmsKeyEncryptionKey,
bool revoked)
{
byte[] plaintextBackingBytes = awsKmsClient.Decrypt(kmsKeyEncryptionKey, null);
try
{
return(crypto.DecryptKey(cipherText, keyCreated, crypto.GenerateKeyFromBytes(plaintextBackingBytes), revoked));
}
finally
{
ManagedBufferUtils.WipeByteArray(plaintextBackingBytes);
}
}
private Amazon.KeyManagementService.Model.DecryptResponse CallAWSServiceOperation(IAmazonKeyManagementService client, Amazon.KeyManagementService.Model.DecryptRequest request)
{
Utils.Common.WriteVerboseEndpointMessage(this, client.Config, "AWS Key Management Service", "Decrypt");
try
{
#if DESKTOP
return(client.Decrypt(request));
#elif CORECLR
return(client.DecryptAsync(request).GetAwaiter().GetResult());
#else
#error "Unknown build edition"
#endif
}
catch (AmazonServiceException exc)
{
var webException = exc.InnerException as System.Net.WebException;
if (webException != null)
{
throw new Exception(Utils.Common.FormatNameResolutionFailureMessage(client.Config, webException.Message), webException);
}
throw;
}
}
public byte[] Decrypt(byte[] ciphertextBlob, Dictionary <string, string> encryptionContext)
{
return(_service.Decrypt(ciphertextBlob, encryptionContext));
}
